Standard Bank AIR2017 Standard Bank Group Risk and Capital Management Report 2017

Standard Bank Group
RISK AND CAPITAL

MANAGEMENT REPORT
2017
RISK AND CAPITAL
MANAGEMENT REPORT 2
Our reporting suite 2
Risk oversight 4
Enterprise risk management 15
Capital management 25
Risk appetite and stress testing 34
Linkages 38
Credit risk 41
Compliance risk 66
Country risk 68
Funding and liquidity risk 72
Market risk 79
Insurance risk 86
Operational risk 90
Business risk 96
Reputational risk 98
Restatements 100
CONTENTS
ANNEXURES
Annexure A –
102
Regulatory and legislative developments
impacting the group 102
Annexure B –
Basel pillar 3 credit tables 108
Annexure C –
Composition of capital 128
Annexure D –
Map of cross-reference of pillar 3 tables 132
Standard Bank Group
RISK AND CAPITAL

MANAGEMENT REPORT
2017
Standard Bank Group

Risk and capital management report 2017 1
OUR REPORTING SUITE
We produce a full suite of reports to cater for the diverse needs of our stakeholders.
References
These icons refer readers
to information elsewhere in
this report or in our other reports,
which are available online.
Annual integrated report
Provides a holistic assessment Frameworks* applied Assurance

of the group’s ability to create value. •JSE Listings Certain information in this
Standard Bank Group
ANNUAL INTEGRATED
REPORT 2017
It considers the issues that are material Requirements report has been extracted
to our commercial viability and social •King Code from the group’s audited
relevance, which are required to achieve •<IR> Framework of the annual financial
our strategy in the medium to long term. International Integrated statements.
These include the macroeconomic and Reporting Council
socio-political conditions in which
AIR
we operate. Where applicable,
information in this report has been
extracted from other publications
in our reporting suite.
Intended readers: primarily our providers of financial capital, being our shareholders, depositors and bondholders,
but information relevant to our other stakeholders is also included.
Report to society
An account of the group’s social, Frameworks* applied Assurance

economic and environmental impacts •King Code KPMG Inc. has provided
and how these contribute to the •FTSE/JSE Responsible assurance over selected
group’s sustainability and its ability Investment Index Series information in the report
Standard Bank’s
REPORT TO SOCIETY 2017

to achieve its purpose. and Dow Jones/ to society.
Moving Forward, Together
RobecoSAM
Our supplementary environmental,
•Sustainalytics
social and governance report, and
•Carbon Disclosure RTS
our transformation report to society
Project
are available online.
•United Nations
Sustainable
Development Goals
Intended readers: the group’s broad base of
•Equator Principles
stakeholders, particularly clients, employees,
business partners, regulators, government and civil •Global
society organisations. Reporting Initiative
(as a guide)
*Definitions:
Banks Act – South African Banks Act 94 of 1990 The invitation to the annual general
Companies Act – South African Companies Act 71 of 2008 meeting and the notice of the
FTSE – Financial Times Stock Exchange resolutions to be tabled at the meeting
IFRS – International Financial Reporting Standards will be sent separately to shareholders
JSE – Johannesburg Stock Exchange and is also available on our website at:
King Code – King Report on Corporate Governance, also known as King IV www.standardbank.com
The group – Standard Bank Group
2
Intended readers of the reports below: shareholders, debt providers and regulators.
Governance and remuneration report
A detailed review of the group’s Frameworks* applied Assurance

governance and remuneration •Companies Act Certain information in the
practices, including the group’s •Banks Act governance and
remuneration policy. remuneration report has GOV
•JSE Listings REM
Standard Bank Group
GOVERNANCE AND
REMUNERATION Requirements been extracted from the
REPORT 2017
group’s audited annual

•King Code
financial statements.
•Basel pillar 3
Annual financial statements
Sets out the group’s full audited Frameworks* applied Assurance

annual financial statements, •IFRS Unmodified audit
Standard Bank Group
ANNUAL FINANCIAL
STATEMENTS 2017
including the report of the group •Companies Act opinion expressed
audit committee. by KPMG Inc. and AFS
•Banks Act
PricewaterhouseCoopers Inc.
•JSE Listings
Requirements
•King Code
This
report
Risk and capital management report
A detailed view of the management Frameworks* applied

of risks relating to the group’s •Various regulations,
Standard Bank Group
RISK AND CAPITAL

MANAGEMENT REPORT
2017
operations. including Basel III

•Banks Act RCM pg
•IFRS
•JSE Listings Requirements
•King Code
To assist in the reduction of the group’s carbon footprint we urge our stakeholders to make
use of our reporting site to view our reporting suite at www.standardbank.com/reporting
or scan the above code to be taken there directly.
Standard Bank Group

RISK AND CAPITAL MANAGEMENT REPORT
All amounts are in rand millions unless

otherwise stated.
Pillar 3 table references (OV1, CR1

etc.) have been included in the table
headings. Refer to annexure D on
page 132 for more information.
The pillar 3 remuneration disclosure

can be found on the following pages
of the group’s 2017 governance and
remuneration report:
RISK OVERSIGHT GOV

REM
Remuneration policy
(REMA): page 63 – 68;
88 – 89 and 104 – 107
THIS REPORT
GOV Remuneration awarded
This risk and capital management REM during the financial year
(REM1): page 109
report covers the Standard Bank

Group’s (the group) banking activities GOV Special payments
REM (REM2): page 109
and other banking interests.
Certain information pertains to the
group’s results, which includes GOV Deferred remuneration
(REM3): page 110
REM
the group’s interest in Liberty and its
other banking interests, and has
been denoted as such.
Refer to annexure C of the group’s
annual financial statements for
IFRS disclosure.
The main features of

regulatory capital
instruments (CCA) can
be found on the group’s
website: reporting.
standardbank.com
4
BOARD RESPONSIBILITY
The group’s board of directors (the board) has the ultimate responsibility
for the oversight of risk.
For the period under review,

the board is satisfied that:
•the group’s risk, •the group’s business •the group is adequately

compliance, treasury, activities have been funded and capitalised to
capital management and managed within the support the execution of
group internal audit (GIA) board-approved risk the group’s strategy
processes generally appetite
operated effectively
In the instances where the group incurred losses, breached risk appetite or was
fined by its regulators, the board is satisfied that management has taken
appropriate remedial action.
BASEL PILLAR 3
KING IV
DISCLOSURE
The group abides by a disclosure policy The board is supportive of the revised
which incorporates the revised pillar 3 King Code which was formally adopted
disclosure requirements as set out by the from 1 October 2017. The group’s adherence
Basel Committee on Banking Supervision in relation to the specific practices and
(BCBS). disclosure requirements attendant to the
principles was assessed and all committee
mandates have been amended to align to
Key elements of this the new requirements.
policy include:
•guiding principles for pillar 3

disclosure
•frequency of reporting
•governance processes
•internal controls and procedures.
The board is satisfied that this report has

been prepared in accordance with the
requirements of the group disclosure policy
and that an appropriate control framework
has been applied in the preparation
of this report.
Standard Bank Group

RISK TYPES
Each risk is defined below. The relevant sections include:
•an explanation of the application of the group’s risk, compliance
and capital management (RCCM) governance framework to the
specific risk
•the approved regulatory treatment for capital requirements to be
held against the specific risk in terms of Basel
•a description of the relevant portfolio characteristics both in K
RIS
terms of prescribed disclosure and the group’s business model. DIT
E
CR
41
Credit risk
Credit risk is the risk of loss arising out of the failure
of obligors to meet their financial or contractual
obligations when due. It is composed of obligor risk,
K
RIS
concentration risk and country risk.
NCE
PLIA
COM
66
Compliance risk
Compliance risk is the risk of legal or regulatory
sanction, financial loss or damage to reputation that
the group may suffer as a result of its failure to
comply with laws, regulations, codes of conduct and
standards of good practice applicable to its financial
services activities.
COU
NTR
YR
68
ISK
Country risk
Country risk, also referred to as cross-border country
risk, is the uncertainty that obligors (including the
relevant sovereign, and the group’s branches and
subsidiaries in a country) will be able to fulfil
obligations due to the group given political or
economic conditions in the host country.
FU
ND
IN
GA
ND
LIQ
UID
ITY
RISK
72
Funding and liquidity risk
Liquidity risk is defined as the risk that an entity,
although solvent, cannot maintain or generate
sufficient cash resources to meet its payment
obligations in full as they fall due, or can only do so at
materially disadvantageous terms.
6
98
Reputational risk
REPUT Reputational risk is the risk of potential or actual
ATIO
NAL damage to the group’s image which may impair the
RIS
K profitability and/or sustainability of its business.
B
US
IN
96
ES
Business risk
S
RI
SK
Business risk is the risk of earnings variability,

resulting in operating revenues not covering
operating costs after excluding the effects of market
risk, credit risk, structural interest rate risk and
operational risk.
90
OPERATIONAL RISK
Operational risk
Operational risk is the risk of loss suffered as a result
of the inadequacy of, or failure in, internal processes,
people and/or systems or from external events.
86
Insurance risk
Insurance risk is the risk that actual future
underwriting, policyholder behaviour and expense
experience will differ from that assumed in measuring
policyholder contract values and in pricing products.
K
IS
Insurance risk arises due to uncertainty regarding the

ER
timing and amount of future cash flows from

NC
RA
insurance contracts.
SU
IN
79
ISK
ET R Market risk
MARK
Market risk is the risk of a change in the market value,
actual or effective earnings, or future cash flows of a
portfolio of financial instruments, including
commodities, caused by adverse movements in
market variables such as equity, bond and
commodity prices, currency exchange and interest
rates, credit spreads, recovery rates, correlations and
implied volatilities in all of these variables.
Standard Bank Group

HIGHLIGHTS
We have a well-developed enterprise risk management framework

which ensures a consistent approach to managing risk across the
group, together with a clear risk appetite aligned to our group
strategy. We take a holistic and forward-looking view of risks we face,
continuously assessing both current and emerging risks.
For more information, refer to the

AIR risk report in the group’s annual
integrated report.
Neil Surgey
Chief risk officer
8
RISK APPETITE
AND STRESS
TESTING
CAPITAL
MANAGEMENT
Year in brief
During 2017, a number of risks threatened to escalate
further. Key among these were:
•rising geopolitical volatility
•the South African ratings downgrade
Year in brief •the uneasy social and political environment
The group remained adequately capitalised above •pressure on commodity prices
minimum regulatory requirements. •a loss of investment in emerging markets
•threats to the stability of the financial sector in both
The group issued its debut Basel III compliant additional South Africa and across the African continent
tier I (AT1) capital instrument for R1.7 billion on
•de-risking by correspondent banks.
30 March 2017, followed by a second issuance on
21 September 2017 for R1.8 billion. These AT1 issuances Additionally, sovereign risk arising from elections in
contribute towards a more optimal composition of the certain countries, policy changes and spill-over effects
group’s capital resources. from South Africa were also considered as risks specific
to individual African countries. These all formed the
The downgrades to the South African sovereign rating
basis of various macroeconomic stress testing exercises
and consequential downgrades in the credit ratings of
performed during the year within the group and
South African banks in the first half of 2017 did not have
individual legal entities. The group continued to focus
a material impact on the group’s capital adequacy ratios,
on the implementation and cascading of the risk
although there was an increase in market risk risk-
appetite on a groupwide, business unit, legal entity
weighted assets (RWA).
and risk-type basis.
The BCBS published the final Basel III post-crisis reform
proposals in December 2017, with an implementation
date of 1 January 2022 and with transitional FOCUS AREAS FOR 2018
arrangements for the phasing-in of the aggregate output Stress testing has evolved from a regulatory tool
floor from 1 January 2022 to 1 January 2027. used by supervisors to assess banks’ ability to
withstand stress, to an internal risk management
tool. Embedding the use of stress testing results to
FOCUS AREAS FOR 2018 benefit risk management and decision-making at
During 2018, the group will focus on: various levels in the organisation is ongoing, driven
by a focus on:
•optimising the level and composition of capital
with due consideration of business plans, as well •continual refinement of internal models to
as current and future regulatory requirements determine the impact of stress scenarios
•effectively allocating resources, including capital •further integration of stress testing and risk
and liquidity between product lines, trading desks, appetite with strategic planning, as well as
industry sectors and legal entities to enhance the financial planning
overall group economic profit and return on equity •monitoring the consequences of a number of
(ROE) events, including:
•analysing the impact of the Basel III post-crisis – political and policy changes in South Africa
reform proposals on the group’s capital adequacy and elsewhere
ratios, systems and processes to support the new – actions by rating agencies with regard to the
requirements South African sovereign rating
•engaging with the SARB on the South African – volatile macroeconomic environment in key
implementation of the Basel III post-crisis reform markets
proposal, including areas of national discretion •embedding qualitative and quantitative risk
specified by the BCBS. appetite across the group.
Standard Bank Group

Highlights continued
CREDIT
RISK
While economic growth across the continent was positive during the year,
business confidence in key markets such as South Africa remained under
pressure, reflecting prevailing political and economic uncertainty through
much of 2017.
Year in brief CIB non-performing loans (NPLs) remained flat

year-on-year despite the growth in exposure and the
Credit demand remained subdued, reflected by low growth
challenging operating environment. There was however
in Personal & Business Banking (PBB) exposures and
a significant increase in the watchlist and early arrears
partially offset by selective growth in Corporate &
portfolio but these have been driven by a small number
Investment Banking (CIB) exposures. The credit loss ratio
of large exposures which are not expected to result in
(CLR) for the group was flat year-on-year at 0.86%.
material losses to the group.
In the retail and business portfolios, the focus for The CIB total CLR increased to 0.33% in 2017 from 0.30%
the year was on proactive engagement with in 2016 (the customer CLR remained unchanged at 0.44%),
distressed customers, decentralisation of credit driven largely by higher portfolio impairments in South
teams to support a more customer-centric Africa reflecting adjustments to the sovereign risk outlook
organisational design, digitisation of credit and a low growth environment. There was an improvement
processes and enhancements in customer scoring. in the CLR in CIB’s Africa Regions operations (total CLR of
0.97% in 2017 from 1.06% in 2016) following an extensive
review of lending exposures. CIB’s CLR remains within the
The PBB total CLR improved from 1.25% in 2016 to 1.20% target range, reflecting the group’s proactive management
in 2017, largely due to the decline in impairments within of exposures to sectors and countries that are experiencing
South African secured products and card but also reflective strain and the group’s ability to assist clients in times of
of some consumer resilience. financial pressure.
PBB’s Africa Regions CLR increased year-on-year largely

due to low portfolio growth in a volatile macroeconomic FOCUS AREAS FOR 2018
environment. Portfolio performance was influenced by
In a climate that is cautiously expected to yield marginal
results in Nigeria, Malawi and Ghana where credit
improvement in economic growth and associated
impairments trended higher. However, enhancements in
increases in private sector credit extensions, the group
processes, controls and frameworks improved the credit
will focus on the following in 2018:
risk profile in other countries.
•improving automated origination decision-making
through enhanced systems, processes and analytics
On a constant currency basis, CIB’s credit •the effectiveness of collections and early, proactive
exposures to all sectors except mining and metals engagements with distressed customers
grew over the year, following considered increase •high-quality credit customers and proactive
in appetite to certain countries and sectors adjustment of risk appetite by sector and country
showing improving fundamentals, such as to reflect opportunities and challenges
financial institutions, consumer and diversified
•increasing attention to risk mitigation options,
industrial sectors. Following improvement in
including the distribution of credit risk
global commodity prices, exposures to the mining
and metals and oil and gas sectors are expected •following the implementation of IFRS 9 – Financial
to continue to increase. Where unfavourable Instruments (IFRS 9), close monitoring of portfolio
economic and regulatory trends in countries impairment levels and the potential impact that it
prevail, risk appetite has been reduced. may have on origination strategies.
10
COMPLIANCE
RISK
The growth in the complexity of regulatory frameworks impacting the

group gave rise to an appreciable growth in the group’s compliance
function organisational structure.
Year in brief In addition, the promulgation of the Protection of Personal

Information Act and amendments to the European Union’s
Compliance resourcing, particularly in the Africa Regions,
general data protection regulations necessitated a revision
money laundering control, sanctions control and exchange
of data privacy policy and controls across the group, to
control compliance areas increased to meet the demands
safeguard the privacy of clients and to ensure that the group
of regulatory change and supervisory expectations.
treats personal information as private and confidential.
Compliance continued to partner with the other internal
assurance risk partners and the approach to combined
assurance was formalised to ensure that all compliance FOCUS AREAS FOR 2018
risks are adequately addressed. The compliance function will continue to support the
group to do the right business the right way. This will
The compliance training approach was further refined with include enabling the automation of policy
the rollout of more interactive and digital methods of requirements where possible, and introducing
training, standardised across the group, which led to both robotics and advanced analytics initiatives to simplify
cost and time savings. processes, enabling a more efficient response to
regulatory requirements. Predictive analytics are also
a focus area for development. Opportunities to
The alignment of IT systems across the Africa
optimise client onboarding processes and
Regions in the areas of anti-money laundering
surveillance capabilities have been identified and will
(AML) and combating the financing of terrorism
be implemented in the Africa Regions.
(CFT) continued. Embedment of the revised
anti-bribery and corruption policy and procedures Training initiatives will be further streamlined to
took place in 2017, with increased training and ensure that board members, executive management
awareness provided across the group. and all staff are made aware of their legislative
obligations in a time- and cost-efficient manner. An
emphasis will continue to be placed on cross-and
A key legislative development in 2017 was the enactment of
up-skilling across jurisdictions in an environment of
the Financial Intelligence Centre Amendment Act, amended
scarce resources, particularly in the Africa Regions.
to improve the protection of the integrity of South Africa’s
financial system and strengthen its ability to prevent and
The new regulatory regime, following the
punish financial crimes such as money laundering, illicit
promulgation of the Financial Sector Regulation Act,
capital flows, tax evasion, bribery and corruption and the
will increase supervisory focus to determine whether
financing of terrorism. The amendments required a review
the group is delivering good client outcomes, and
of the group’s policies and procedures and revisions are in
whether this is supported by the group’s culture,
progress.
values and behaviours. The group will continue to
develop conduct metrics to measure progress in
this regard.
Standard Bank Group

COUNTRY
RISK
LIQUIDITY
RISK
Sub-Saharan Africa
recorded modest Appropriate liquidity buffers were held in
economic growth due to line with regulatory and internal stress
a recovery in commodity testing requirements, taking into account
prices and the end of the the global risk profile and market
2016 drought, although conditions.
some areas remain
drought stricken. Year in brief
The group maintained the liquidity coverage ratio (LCR) in excess of the
Year in brief 80% minimum regulatory requirement throughout 2017.
Political and social risks, uncertain The group successfully managed the balance sheet structure in order
regulatory environments, below average to meet both the LCR and net stable funding ratio (NSFR) regulatory
economic growth and sovereign debt requirements with effect January 2018.
vulnerability continue to be a feature of
some of the group’s presence markets, The group successfully increased longer-term funding during 2017, raising
but the majority are now showing R32.4 billion through a combination of senior debt and syndicated loans.
recovery or stronger growth. An additional R24.6 billion was raised through negotiable certificate of
deposits (NCDs) funding in excess of 12 months.
The focus continued to be on mitigating
transfer and convertibility risks and The group implemented certain mitigating strategies to address the
managing risk appetite within agreed liquidity risks from the downgrade of the South African sovereign to
parameters, and proactively managing sub-investment grade in the first half of 2017. The foreign and local
country-specific risks and concentrations currency downgrades have had a more benign impact than previously
on a forward-looking basis. anticipated on the availability and cost of foreign currency funding. This
was largely due to the supportive global liquidity environment for
emerging markets. The group continues to monitor the implications of
FOCUS AREAS FOR 2018 further credit rating agency downgrades for both local and foreign
The group anticipates continuing currency, which could have a more significant impact on the group’s
sovereign debt vulnerability in some access and cost of foreign currency liquidity sources.
countries as political and social
issues continue to weigh down on
fiscal consolidation and the FOCUS AREAS FOR 2018
regulatory environment. Continued During 2018, the group will focus on:
recovery in economic growth on the
•the strategy on balance sheet optimisation and mix in conjunction
back of a stronger global economy
with both LCR and NSFR compliance from January 2018. This is to
and commodity prices is expected to
ensure that the group has the appropriate amount, diversification
result in improved foreign exchange
and tenor of funding and liquidity to support its asset base at all
reserves and reduced currency
times while continuing to minimise the overall cost of funding
liquidity shortages.
•ensuring mitigating actions are available to address the
The focus will continue to be on implications of further South African sovereign credit rating
managing country specific risks, downgrades, with a focus on diversifying its funding base across
extending local currency risk both rand and foreign currency
products and mitigating foreign •ongoing system enhancements to ensure continued data quality,
currency liquidity risks. The effects efficiency and effectiveness, especially when considering the daily
of climatic changes and related liquidity reporting requirements, across all entities
emerging risks remain a focus in •ongoing enhancements to funds transfer pricing methodology to
relevant markets. steer further balance sheet optimisation and growth strategies.
12
MARKET
RISK
The group maintained its

trading book market risk and
banking book interest rate risk
within the approved risk
appetite and tolerance levels in
the context of market volatility
and rating changes.
Year in brief
Examples of market volatility experienced include:
•two rating agencies downgraded South Africa to INSURANCE
sub-investment grade during the year RISK
•the ANC held presidential elections which, post-
elections, resulted in significant rand strength
•certain equity counters experienced significant
volatility in December 2017
•a number of African currencies devalued significantly.
The group continued to enhance its interest rate risk

management and make changes to its global markets
Year in brief
and market risk technology. The value of new business in 2017 was well below budgeted
long-term expectations as a result of lower margins on
products sold and lower than budgeted business volumes.
The group participated in the review of
proposed changes to regulations impacting Liberty observed deteriorations in its experience for certain
trading and banking book positions. lines of morbidity risk, which are unlikely to be due solely to
random variation in claims. Liberty has used insights from
the relevant experience investigations to drive improvements
in risk selection by amending underwriting and claims
FOCUS AREAS FOR 2018 practices and through re-pricing some new business
The group will continue to focus on monitoring during 2017.
and managing the traded market risk, banking
book interest rate, equity risk, own equity-
linked transactions, foreign currency risk and FOCUS AREAS FOR 2018
associated hedges in the context of current A financial remediation programme has been initiated to
market volatility, including monetary policy expedite the changes required in products, underwriting,
decisions and rating changes. pricing and customer experience to improve the value of
new business. Focus will be placed on tighter expense
The implications of the revised trading book management and simplifications in products and
regulations and interest rate risk in the banking operational processes to drive further expense
book standards recently published will be a efficiencies in order to maintain competitive expense
continued area of focus, together with the assumptions in the valuation of the policyholder
resulting system enhancements required. liabilities.
Standard Bank Group

OPERATIONAL
RISK
The group’s operational risk profile trended

moderately and operational risk losses improved,
despite a volatile economic landscape, pressures on
growth, political instability, technology evolution,
regulatory reform and the strain of repaying debts.
Year in brief In 2017, the group introduced new technology and

processes to enable detection, monitoring and intervention,
For 2017, in light of economic changes and regulatory
to known threats and fraudulent activities on customers’
reform, operational risk governance matured by applying
accounts, both in South Africa and the Africa Regions. To
principle based methodologies. Additionally, operational
ensure that responses to fraud incidents are efficient and in
risk has gained experience in implementing operational risk
near-real time, fraud response centres were introduced in
management frameworks, loss data collection exercises,
South Africa, Swaziland, Botswana, Uganda, Ghana,
quantitative impact studies, and a range of practice reviews
Namibia, Lesotho and Zimbabwe, with a co-location of
covering governance, data and modelling issues, which has
multi-disciplinary teams made up of members from the
contributed to industry and supervisory knowledge and the
fraud and security value chain.
emergence of sound industry practices.
The group conducted test simulations on its business
The group continued to invest in anti-fraud capabilities that
continuity management, recovery and resolution plans and
proactively predict, detect and prevent fraud on the evolving
risk data aggregation and risk reporting readiness, which
digital channels. The bank successfully implemented the
proved successful in preparing for times of stress.
ability to profile a customer’s device and sim card when
transacting on these channels, making verification
seamless to the customer. The anti-fraud landscape is
migrating towards predictive analytics and artificial FOCUS AREAS FOR 2018
intelligence that will continuously contribute towards the For the year ahead, operational risk will continue
desired customer experience. to focus on creating a secure, collaborative customer-
centric organisation where risk is managed within
appetite and opportunities are linked to reward for both
2017 saw a continued focus on improving cyber
the customer and group.
security capabilities. Phishing sites attacks that
target Standard Bank clients have reduced It is expected that banking regulators across most
significantly in 2017, down 53% from 2016. This territories will issue cyber regulation in the coming year.
reduction has seen a corresponding reduction in
the number of online banking fraud incidents Credit card fraud continues to plague the industry.
reported over the same period, down 48%. The The growing popularity of e-commerce transactional
reduction in phishing sites and incidents is largely volumes also provides the ideal opportunity for
due to the implementation of new prevention and criminals to siphon or breach sensitive card data. In
detection controls. 2018, the group will continually strive to maintain a
balance between the customer experience and
anti-fraud measures by analysing data to establish
The group continues to partner with technology partners in
behaviour, further enabling the prediction, prevention,
order to deliver digitised and innovative products and
detection and rapid response to changes in the card
offerings to our customers. These partners are on-boarded
fraud threat landscape.
with due diligence to ensure that the risks associated with
on-boarding are well taken care of. The controls that are In the Africa Regions, increased focus will be placed
considered with partnering with fintechs include the ability on the quality of IT service, particularly as it pertains
to manage sensitive information and data, minimum to service, availability and stability of systems, both
standards on logical access and security controls and layers where services are provided by the group to the
of anti-fraud measures that complement internal controls Africa Regions and where third-party service providers
in place. are used.
The group is on a journey to analytically and systematically With the aim of ensuring that information is secure and
remove all human interface to detect and prevent customers are consistently educated, the group will:
suspicious behaviour from customers’ profile activities and
transactions, through the use of artificial intelligence, •enhance its targeted awareness campaigns in 2018
robotics and big data services. In the last year, the group to drive risk-conscious behaviour
has formed a dedicated digital channels fraud lab in order •improve third-party management
to optimise the response to new threats such as •establish behavioural analytics capabilities
cryptocurrency. •research on trending information risk topics.
14
ENTERPRISE RISK
MANAGEMENT
16 EMERGING ENTERPRISE RISKS
20 KEY COMPONENTS OF THE ENTERPRISE RISK
MANAGEMENT PROCESS
21 RISK GOVERNANCE
24 THREE LINES OF DEFENCE MODEL
24 RISK CULTURE
24 REPORTING
Standard Bank Group

Enterprise risk management continued
EMERGING ENTERPRISE RISKS

Emerging enterprise risks are identified annually to empower conscious risk-taking. These enterprise-level risks are
closely linked to the group’s strategy. The group faces an assortment of external pressures which influence our internal
risk profile. The group’s RCCM framework is central to the identification and management of these risks.
Environmental concerns are high following the droughts The rise of cryptocurrencies has the potential to result in a loss of
experienced across Africa and hurricane and flood activity in the confidence in paper money and banking systems. The bank
Gulf of Mexico, Caribbean and Bangladesh. The South African continues to leverage relationships with fintechs to maintain
city of Cape Town is widely recognised as the first major city to relevance in the market.
potentially run out of water. The group is managing our exposure
to this situation with an on-the-ground team focusing on the We operate in an environment undergoing significant social
business continuity in our affected businesses and the impact on change. Our staff are multi-generational and increasingly digitally
our staff. enabled. Communication from our clients and staff has
transitioned towards social media. Digitisation is a core strategic
Technology is evolving at an unwavering pace. Reports in both objective for the group, with an increased focus on accelerating
local and international media demonstrates the increasing digital execution in order to better respond to increasing
number of cyber crime incidents and the growing sophistication demands.
of attacks, including the involvement of Nation States in many
instances. Radical cyber attacks are ever present evidenced by Regulations are becoming more punitive and prescriptive and
the global Wannacry and Petya attacks. The group continues to regulations continue to grow across multiple jurisdictions. The
place focus on our cyber and technology resilience to ensure that potential for legal action from infringements is uncertain.
information is protected and our services are always on and Compliance resourcing has increased to meet the demands of
always available. regulatory change and supervisory expectations.
In 2017, the South African Reserve Bank (SARB) issued guidelines Third-party relationships continue to be leveraged to acquire
to banks to ensure that they are developing resilient systems specialised skills in response to competition and demands.
that can recover quickly in the event of a cyber incident. Other
regulators on the continent are following suit with the Kenyan In addition to the core banking risks of credit, market and
Central Bank issuing similar guidelines. liquidity risk, the group recognises the following emerging
enterprise risks.
Technology risk
Cyber risk
Regulatory People risk

Karin Griffin
impact risk
Group head of operational
risk management
Fraud risk Business

disruption risk
Information risk Third-party risk
Conduct risk
16
MANAGEMENT
ENTERPRISE RISK
Emerging enterprise risks
1 2 3
TECHNOLOGY CYBER REGULATORY

IMPACT
The inability to manage, develop The risk of financial loss, The risk of reputational and
and maintain secure, agile disruption or damage to financial losses due to the inability
technology assets to support reputation from breaches or to comply with or keep abreast of
strategic objectives attacks on transaction sites, regulatory requirements
systems or networks
Risk drivers* Risk drivers* Risk drivers*

•a multi-channel digital experience •remote presence technologies •changing regulatory and
means more technology to keep may increase the avenues supervisory requirements often
relevant, up-to-date and safe from for attack come at a high cost and are
fraud attacks •increasing number and human resource intensive
•new types of devices span an sophistication of cyber crime •public interest, social drivers and
extremely wide range of security incidents globally. consumerism may initiate
requirements and have very legislative change, requiring
different security postures. appropriate response strategies.
MITIGANTS* MITIGANTS* MITIGANTS*

•dedicated simultaneous •use of adaptive cyber security •ongoing engagement with
development, security and which uses a combination of government and regulators to
operational teams focus on artificial intelligence and other support evidence-based
speeding up implementation of methods to dynamically shift policy-making and dialogue
projects and changes tactics and detect and remove between public and private
•continual testing of technology threats as quickly as possible sectors
and applications to identify and •multi-factor authentication •monitoring of international
rectify potential weaknesses that integrated into all critical payment developments, learnings and
can be exploited. applications and end-user devices benchmarks to identify future
•the 24/7 cyber security operation supervisory focus areas.
centres are enabled with
improved monitoring capabilities
for evolving cyber vulnerabilities
and attacks.
* Risk drivers and mitigants are examples and do not represent all activities being pursued to manage these risks.
Standard Bank Group

Emerging enterprise risks continued
4 5 6
FRAUD INFORMATION PEOPLE
The risk of regulatory sanction The risk of loss due to inaccurate The risk of failure of the
and reputational and financial data, data breaches workforce to adequately
losses due to fraud, crime and or being unable to protect and efficiently serve clients,
misconduct from staff or client information support operations and
syndicates deliver business strategy

•increasingly advanced cyber and •perpetrators and events will •the multi-generational workforce
malware attacks are expected, continue to evolve has different needs, expectations
which may result in fraud being •there may be increased demand and aspirations, increasing
perpetrated for processing of information complexity in the workplace
•aggressive advancements in from data subjects. •a rise in digitisation and
technology may cause automation will deliver
unforeseeable fraud threats. efficiencies and reduce demand
for certain skillsets.

•enhanced digital detection •ongoing awareness encourages a •a range of learning and
capability covering people, consistent information protection development solutions
processes and technology culture ensure that employees can
•development of predictive fraud •ongoing research and threat adapt and remain relevant in
detection and prevention intelligence to stay abreast of the changing work environment
capabilities using agile developments and to ensure the through continuous learning
methodologies. protection of information assets. •recognition programmes support
a culture where success is
celebrated and employees feel
valued for their contribution to
the business.
18
MANAGEMENT
ENTERPRISE RISK
7 8 9
BUSINESS
DISRUPTION THIRD-PARTY CONDUCT
The risk of infrastructure/ The risk of losses or

change failure or disruptions due to ineffective The risk of harm being caused
environmental impacts management of third-party to the group, its clients and
disrupting the services to and relationships markets due to inappropriate
of the group execution of business activities

•voluminous and/or significant •emergence of third-party •cultural misalignment due to
system changes always pose the partnerships and outsourcing as inappropriate ethics, behaviours
risk of unforeseen consequences business enablers, for example, and values being applied that
or disruption to clients and partnering with fintechs result in poor business practices
business activities •the potential for unknown •growth in the complexity of
•reliance on infrastructure such fourth- and fifth-parties regulatory frameworks.
as water and power utilities, and supporting third-party providers.
network service providers.

•continue to improve system •predictive profiling of suppliers to •by driving a culture of doing the
production stability and reliability drive improved supply chain right business the right way, the
to minimise disruption of digitally management group will continue to embed
enabled services to clients •increased visibility into fourth- the desired values, ethics and
•business continuity plans are parties to ensure accountability behaviours
prepared for all business areas and preparedness to avoid •continuing to refine the approach
•simplify the IT landscape to potential incidents. to training through the rollout of
improve agility, enhance more interactive and digital
customer experience and methods of training that are
ensure the relevance of services standardised across the group
the group offers to its clients. •embedding and monitoring
conduct-related metrics in
business units and corporate
functions across the group.
Standard Bank Group

KEY COMPONENTS OF THE ENTERPRISE

RISK MANAGEMENT PROCESS
Group strategy
Governance and structure

RCCM The board Group risk oversight committee
framework and its subcommittees (GROC) and its subcommittees
Managing risk is a key part of the group’s The board has the ultimate responsibility These committees are responsible for
everyday activities. The framework for the oversight of risk, including approval management of all risks and
ensures risks are managed in a consistent of strategy and risk appetite. implementation of risk governance
way across the group with appropriate processes, standards, policies and
oversight and accountability. frameworks.
THE FIRST LINE
24
THE SECOND LINE

Three lines of defence
The group uses the three lines of defence governance model which
promotes transparency, accountability and consistency through the
THE
THIRD clear identification and segregation of roles.
LINE
Enterprise risk management processes

35 16 The group’s risk appetite statement sets out the
Risk Emerging
appetite enterprise risks aggregate level and types of risk that the group is willing
to accept to meet its strategic objectives. Enterprise risk
management processes enable the group to measure,
6–7 36
Risk Stress monitor, actively manage and mitigate risks to ensure
types testing it remains within risk appetite.
Control framework
Risk standards, frameworks, policies
and internal controls
Underpinned by:
SYSTEMS, DATA AND INFRASTRUCTURE
RISK CULTURE AND VALUES
20
MANAGEMENT
ENTERPRISE RISK
RISK GOVERNANCE
The group’s approach to managing risk and capital is set out in the
group’s RCCM governance framework, which is approved by the
group risk and capital management committee (GRCMC).
The framework has two components:
Governance documents comprise

GOVERNANCE standards, frameworks and policies which
DOCUMENTS set out the requirements for
the identification, assessment,
measurement, monitoring, managing and
reporting of risks and the effective
management of capital.
Governance standards and frameworks
are approved by the relevant board
committee. Group policies are approved
by the group management committee
or subcommittee, relevant GROC
subcommittee, GROC itself or, where
regulations require board approval,
by the board or relevant board
committee.
Business line and legal entity policies

are aligned to these group policies
and are applied within their governance
structures.
Governance committees are in place at both a board and

GOVERNANCE management level. These committees have mandates and
COMMITTEES delegated authorities that are regularly reviewed.
Standard Bank Group

Governance committees
STANDARD BANK GROUP BOARD
Board committees Chief executive
Group risk and capital

Group executive committee
management committee
Group management committee

Group technology and
information committee
Group risk oversight committee

Group audit committee
Group model approval committee
Direct reporting line
Indirect reporting line

PBB model CIB model
approval approval
committee committee
The board committees that are responsible for the oversight of GAC
the group’s RCCM comprise the GRCMC, the group audit The GAC has oversight of the group’s financial position and
committee (GAC), the group technology and information makes recommendations to the board on all financial matters,
committee and the group model approval committee. financial risks, internal financial controls and compliance. In
relation to RCCM, the GAC plays a role in assessing the adequacy
The key roles and responsibilities of these committees, as they
and operating effectiveness of the group’s internal financial
relate to RCCM, are summarised in the sections that follow.
controls. In addition, the GAC:
Board subcommittees •monitors and reviews the adequacy and effectiveness of
GRCMC accounting policies, financial and other internal control
The GRCMC provides an independent objective oversight of risk systems and financial reporting processes
and capital management in the group. It also reviews and •provides independent oversight of the group’s assurance
assesses the adequacy and effectiveness of the group RCCM functions, with particular focus on combined assurance
governance framework, and the integrity of risk controls and arrangements, including external audit, internal audit,
systems. In addition, the GRCMC: compliance, risk and internal financial control functions
•sets the direction for how risk and capital management should •reviews the independence and effectiveness of the group’s
be approached and addressed in the group external audit, internal audit and compliance functions
•assesses the group’s compliance with applicable legal,
•reviews and approves the risk appetite statement for the
regulatory and accounting standards and policies in the
group’s banking activities
preparation of fairly presented financial statements and
•reviews risk management reports and monitors the group’s
external reports, thus providing independent oversight of
risk profile
the integrity thereof.
•evaluates and agrees the opportunities and associated risks
that the organisation should be willing to take. Membership comprises six independent non-executive directors,
which includes the group technology and information and group
The chairmen of the board, the GAC, the remuneration remuneration committee chairmen.
committee, the group social and ethics committee, the group
model approval committee and the group technology and In order to ensure the independence of the second line of
information committee are all members of the GRCMC. This defence functions, the chairman of the GAC meets individually
common membership supports an integrated view of financial, with the group chief compliance and data officer (GCCDO), the
IT and risk controls and ensures that relevant finance and risk group financial director and the group chief audit officer, without
input is considered in determining levels of compensation. management being present, on a quarterly basis and as required.
22
MANAGEMENT
ENTERPRISE RISK
Group technology and information committee Management committee
The group technology and information committee’s purpose is to GROC has been established as a subcommittee of the group
assist the board in fulfilling its corporate governance management committee to provide group-level oversight of all
responsibilities with respect to technology and information, and risk types and assists the GRCMC in fulfilling its mandate. As is
reports to the board through its chairman. In line with King IV and the case with the GRCMC, GROC calls for and evaluates in-depth
the board briefing on IT governance, as published by the IT investigations and reports based on its assessment of the group’s
Governance Institute, this committee ensures that prudent and risk profile and external factors.
reasonable steps are taken with respect to technology and
information governance. GROC delegates authority to various subcommittees which deal
with specific risk types or oversight activities. Material matters
The committee has the authority to review and provide guidance are escalated to GROC through reports or feedback from each
on matters related to the group’s IT strategy, budget, operations, subcommittee chairman.
policies and controls, the group’s assessment of risks associated
with IT, including disaster recovery, business continuity and IT CIB credit governance committee
security, as well as oversight of significant IT investments and Chaired by: CIB CRO
expenditure.
PBB credit governance committee
The committee oversees the governance of technology and Chaired by: PBB CRO
information in a way that supports the organisation in setting and
achieving its strategic objectives. Group asset and liability committee (ALCO)
Chaired by: group financial director
Membership comprises five independent non-executive directors,
two non-executive directors, all three executive directors and Group compliance committee
the group’s head of digitisation. This is complemented by an Chaired by: GCCDO
independent IT subject matter expert, the group chief
information officer, group chief risk officer (CRO), group chief Group country risk management committee
audit officer, business unit chief executives, group head of Chaired by: group CRO
operational risk, IT executive management members, GCCDO,
and the head of data management. The group’s external audit IT Group equity risk committee (ERC)
partners are standing invitees to committee meetings. Chaired by: CIB CRO
Group model approval committee Group internal financial control governance committee
This committee assists the board in discharging its obligations Chaired by: group financial director
for model risk as it pertains to the advanced internal rating-based
Group operational risk committee
(AIRB) approach for the measurement of the group’s exposure
Chaired by: group head of operational risk management
to credit risk as envisaged in the regulations of the Banks Act.
Group sanctions and client risk review committee
It performs functions that may be prescribed by regulation, from
Chaired by: group CRO
time-to-time, including the evaluation of risk evaluation models
that may need to be approved by the committee before being
Group stress testing and risk appetite committee
used to calculate a regulatory capital charge.
Chaired by: group CRO
Membership comprises three non-executive directors, all three
Group recovery and resolution plan committee
executive directors, the chief executives of PBB and CIB and the
Chaired by: group financial director
group CRO.
This committee is supported by the PBB and CIB model approval

subcommittees, with the models being assigned to these three
committees for approval based on an assessment of the materiality
of each model.
GOV For details on the activities of the committees, refer to the group’s
REM governance and remuneration report.
Standard Bank Group

THREE LINES OF DEFENCE MODEL

The FIRST LINE of defence consists of the management
of business lines and legal entities. It is the responsibility
of first line management to identify and manage risks.
This includes, at an operational level, the day-to-day
effective management of risk in accordance with agreed
risk policies, appetite and controls. Effective first line
management includes:
•the proactive self-
identification of issues and
risks, including emerging
risks
•the design, implementation
and ownership of
appropriate controls
•the associated operational
control remediation
THE FIRST •a strong control culture of
LINE effective and transparent
Business lines and legal entities
risk partnership.
THE SECOND
LINE
Risk management and compliance
The SECOND LINE of defence THE THIRD

functions provide independent oversight
LINE
and assurance. They have resources at Group internal
the centre and embedded within the audit (GIA)
business lines. Central resources provide
groupwide oversight of risks, while
resources embedded within the business The THIRD LINE of defence provides
lines support management in ensuring independent and objective assurance to
that their specific risks are effectively the board and senior management on the
managed as close to the source as effectiveness of the first and second lines
possible. Central and embedded of defence. This responsibility lies with
resources jointly oversee risks at a legal All three levels report to the board, the GIA function.
entity level. either directly or through the
GRCMC and the GAC.
The second line of defence functions
develop, implement and integrate
governance standards, frameworks and
policies for each material risk type to
which the group is exposed. This ensures
consistency and an enterprise-wide
approach across the group’s business
lines and legal entities. Compliance with
the standards and frameworks is ensured
through annual self-assessments by
the second line of defence and reviews
by GIA.
RISK CULTURE REPORTING

The group leverages the three lines of defence model to build and The group’s risk appetite, risk profile and risk exposures are
maintain a strong risk culture, where resilience is a priority for the reported on a regular basis to the board and senior management
effective management of risk across the group. Focus is placed through various governance committees. Risk management
on multiple drivers to enhance risk culture, with emphasis on reports originate in the business units and are then escalated
doing the right business, the right way. Employees are through the formalised governance structure, shown on page 22,
empowered to act with confidence, drive meaningful behavioural as mandated, based on materiality. A group risk management
changes and place the customer at the centre of everything they report is tabled at both board and senior management risk
do, through the embedding of the group’s values and ethics committees. These include the group executive committee, the
policies, compliance training and whistle-blowing programmes. group management committee, GROC and the GRCMC.
Reports to board committees comply with the group’s internal
risk reporting standards, which are set out in the group’s risk
data aggregation and risk reporting policy.
24
CAPITAL
MANAGEMENT
26 OVERVIEW AND OBJECTIVES
26 REGULATORY UPDATE
26 REGULATORY CAPITAL
32 ECONOMIC CAPITAL
33 RISK-ADJUSTED PERFORMANCE
MEASUREMENT
33 COST OF EQUITY
Standard Bank Group

Capital management continued
OVERVIEW AND OBJECTIVES Annexure A provides a summary of the regulatory and legislative
developments that impact the group. In particular, the impact of
The group’s capital management function is designed to ensure IFRS 9 as well as final Basel III post-crisis reform proposals that
that regulatory requirements are met at all times and that were published by the BCBS in December 2017 and the potential
the group and its principal subsidiaries are capitalised in line with requirements for loss absorbing and recapitalisation capacity of
the group’s risk appetite and target ratios, both of which are systemically important banks may impact capital levels going
approved by the board. forward. The implementation date of the Basel III post-crisis
reform proposals is 1 January 2022 with transitional
It further aims to facilitate the allocation and use of capital, such arrangements for the phasing in of the aggregate output floor
that it generates a return that appropriately compensates from 1 January 2022 to 1 January 2027. The Basel III post-crisis
shareholders for the risks incurred. Capital adequacy is actively reform proposals provide for areas of national discretion and the
managed and forms a key component of the group’s budget and group will, through relevant industry bodies, engage the SARB on
forecasting process. The capital plan is tested under a range of the South African implementation of the proposals.
stress scenarios as part of the group’s annual internal capital
adequacy assessment process (ICAAP) and recovery plan.
REGULATORY CAPITAL
The capital management function is governed primarily by The group manages its capital levels to support business growth,
management level subcommittees that oversee the risks maintain depositor and creditor confidence, create value for
associated with capital management, namely the group ALCO shareholders and ensure regulatory compliance.
and one of its subcommittees, the group capital management
committee. The principal governance documents are the capital The main regulatory requirements to be complied with are those
management governance framework and the model risk specified in the Banks Act and related regulations, which are
governance framework. aligned with Basel III.
REGULATORY UPDATE Banking operations

The SARB adopted the Basel III framework introduced by the Regulatory capital adequacy is measured through the following
BCBS from 1 January 2013. The group has complied with the three risk-based ratios:
minimum requirements from that date. The Basel III capital •CET I: ordinary share capital, share premium, retained
adequacy requirements are subject to phase-in rules and the earnings, other reserves and qualifying non-controlling interest
group is well positioned to comply with the requirements when less impairments divided by total RWA
they become effective. Specifically, the South African domestic •tier I: CET I and other qualifying non-controlling interest plus
systemically important banks (D-SIB) framework and the Basel perpetual, non-cumulative instruments with either contractual
III capital conservation and countercyclical capital buffer (CCyB) or statutory principal loss absorption features that comply
requirements came into effect from 1 January 2016 and will be with the Basel III rules divided by total RWA. Perpetual
phased in over a three-year period with full implementation from non-cumulative preference shares that comply with Basel I
1 January 2019. and Basel II rules are included in tier I capital but are currently
subject to regulatory phase-out requirements over a ten-year
The graph below reflects the Basel III capital requirements and period, which commenced on 1 January 2013.
phase-in periods applicable to South Africa. •total capital adequacy: tier I plus other items such as general
credit impairments and subordinated debt with either
South African minimum capital requirements1 contractual or statutory principal loss absorption features that
SARB ratios (capital as a % of RWA) effective 1 January each year
comply with the Basel III rules divided by total RWA.
Subordinated debt that complies with Basel I and Basel II rules
16
is included in total capital but is currently subject to regulatory
14.00
14 13.01
phase-out requirements, over a ten-year period, which
12.00 3.25 commenced on 1 January 2013.
12 3.00
2.75
10 2.25
The ratios are measured against internal targets and regulatory
1.88 minimum requirements.
1.50
8
1.25 1.88 2.50
6
4
6.50 6.25 6.00
2
2017 2018 2019
QQCommon equity tier I (CET I) QQAT1

QQConservation buffer QQTier II
1 Graph excludes CCyB and confidential bank-specific pillar 2b capital requirement,

but includes maximum potential D-SIB requirement which is also bank-specific
and, therefore, confidential.
26
CAPITAL MANAGEMENT
The following graph discloses the group’s total capital adequacy RWA history1 (Rbn)
and the components thereof and indicates that the group’s
capital is well above the required level of capital. 2 000
Capital adequacy 1,2 (%)

1 500
20.0
1 000
15.0
500
10.0
2012 2013 2014 2015 2016 2017

5.0 Total assets RWA
1 Banking activities and other banking interests.
2012 2013 2014 2015 2016 2017
QQTier I QQTier II Required capital Maturity profile of the group’s tier II instruments (Rm)
1 Group, including Liberty. 7 000

2 Basel III was implemented on 1 January 2013. RWA and capital adequacy for 2012
are on a pro forma Basel III basis. 6 000
5 000
RWA are calculated in terms of the Banks Act and related 4 000
regulations, which are aligned with Basel III. 3 000
The group’s CET I capital, including unappropriated profits, was 2 000

R129.6 billion as at 31 December 2017 (2016: R122.6 billion).
1 000
The group’s tier I capital, including unappropriated profits, was
R136.3 billion as at 31 December 2017 (2016: R126.2 billion) and
2018 2019 2020 2021 2022
total capital, including unappropriated profits was R153.2 billion
as at 31 December 2017 (2016: R146.3 billion). QQFirst callable date
The group issued its debut Basel III compliant AT1 capital
instrument for R1.7 billion on 30 March 2017, followed by a
second issuance for R1.8 billion on 21 September 2017. The group
has not issued Basel III compliant tier II instruments during the
period under review.
The downgrades to the South African sovereign rating and

consequential downgrades in the credit ratings of South African
banks in the first half of 2017 did not have a material impact on
the group’s capital adequacy ratios, although there was an
increase in market risk RWA. Stress scenarios on capital
adequacy, including the possible impact of further downgrades to
the South African sovereign rating, are performed and assessed
on an ongoing basis.
Standard Bank Group

Capital management Regulatory capital continued
QUALIFYING CAPITAL, EXCLUDING UNAPPROPRIATED PROFITS (BANKING OPERATIONS)

2017 2016
Rm Rm
IFRS ordinary shareholders’ equity 157 020 150 757

Qualifying non-controlling interest 4 892 4 488
Less: regulatory adjustments (32 326) (32 676)
Goodwill (1 904) (2 239)
Other intangible assets (18 603) (19 289)
Shortfall of credit provisions to expected losses (EL) (2 076) (2 118)
Investments in financial entities (9 141) (8 432)
Other adjustments (602) (598)
Less: regulatory exclusions (11 304) (8 168)
CET I capital 118 282 114 401
Qualifying other equity instruments 6 291 3 297
Qualifying non-controlling interest 416 322
Tier I capital 124 989 118 020
Qualifying tier II subordinated debt 14 777 17 773
General allowance for credit impairments 2 173 2 357
Tier II capital 16 950 20 130
Total regulatory capital 141 939 138 150
Total capital requirement 102 884 91 631
Total RWA 957 046 883 179
OV1: BASEL RWA AND ASSOCIATED CAPITAL REQUIREMENTS (BANKING OPERATIONS)

Minimum
capital
RWA requirements1
Table reference 2017 2016 2017
Credit risk (excluding counterparty credit risk (CCR)) 666 422 627 691 71 641
Of which standardised approach2 CR4 267 924 258 526 25 941
Of which internal rating-based (IRB) approach CR6, CR7, CR8 398 498 369 165 45 700
CCR CCR1 24 350 21 184 2 618
Of which standardised approach for CCR 3 424 2 640 368
Of which IRB approach 20 926 18 544 2 250
Equity positions in banking book under
market-based approach CR10 6 154 6 167 662
Securitisation exposures in banking book 747 678 80
Of which IRB approach SEC3 394 228 61
Of which IRB supervisory formula approach SEC3 353 450 19
Market risk 60 021 39 444 6 452
Of which standardised approach MR1 47 217 21 411 5 076
Of which internal model approach (IMA) MR2 12 804 18 033 1 376
Operational risk 158 670 149 163 17 058
Of which standardised approach 91 818 89 971 9 871
Of which advanced measurement approach (AMA) 66 852 59 192 7 187
Amounts below the thresholds for deduction (subject to 250% risk weight) 40 682 38 852 4 373
Total 957 046 883 179 102 884
1 Capital requirement at 10.8% (December 2016: 10.38%) excludes the confidential bank-specific add-ons.
2 Portfolios on the standardised approach relate to the Africa Regions and portfolios for which application to adopt the IMA has not been submitted, or for which an
application has been submitted but approval has not been granted.
28
CAPITAL MANAGEMENT
RWA reconciliation (Rbn) (Banking operations)
1 200
109.2 1.8 (37.2)

1 000 957.0
883.2
800
600
400
200
Dec 2016 Operational Threshold Foreign exchange Dec 2017

RWA growth RWA increase movement RWA
Total capital adequacy ratio movement (%) (Banking operations)
24.0
3.0 (1.5)
20.0
(1.8)
16.6 0.2 (0.5)
16.0
16.0
12.0
8.0
4.0
Dec 2016 Foreign Increase Dividends Movement Other Dec 2017

capital exchange in reserves in RWA movements capital
adequacy impact adequacy
ratio ratio
CAPITAL ADEQUACY RATIOS1

2017 SARB Including Excluding
minimum Internal unappropriated profits unappropriated profits
regulatory target
requirement2 ratios 2017 2016 2017 2016
% % % % % %
Total capital adequacy ratio 10.8 15.0 – 16.0 16.0 16.6 14.8 15.6
Tier I capital adequacy ratio 8.5 12.0 – 13.0 14.2 14.3 13.1 13.4
CET I capital adequacy ratio 7.3 11.0 – 12.5 13.5 13.9 12.4 13.0
1 Group, including Liberty.
2 Excludes confidential bank-specific add-ons.
Standard Bank Group

CAPITAL ADEQUACY RATIOS OF BANKING SUBSIDIARIES

Tier I host Total host 2017 2016
regulatory regulatory
requirements requirements Tier I capital Total capital Tier I capital Total capital
% % % % % %
Standard Bank Group 8.51 10.81 14.2 16.0 14.3 16.6

The Standard Bank of South
Africa Group 8.5 10.8 14.2 16.6 13.7 16.8
Africa Regions
Stanbic Bank Botswana 7.5 15.0 9.8 19.1 10.0 18.0
Stanbic Bank Ghana 10.0 20.0 23.4 14.7 18.6
Stanbic Bank Kenya 10.5 14.5 15.6 17.1 15.4 17.6
Stanbic Bank S.A. (Ivory Coast)5 8.0 >100 >100
Stanbic Bank Tanzania 12.5 14.5 17.0 18.8 19.1 20.5
Stanbic Bank Uganda 8.0 12.0 17.8 20.7 16.6 19.9
Stanbic Bank Zambia 5.0 10.0 16.6 19.1 15.6 18.5
Stanbic Bank Zimbabwe 8.0 12.0 22.0 24.6 20.8 23.5
Stanbic IBTC Bank Nigeria 5.0 10.0 16.2 20.5 13.7 18.3
Standard Bank de Angola 10.0 28.5 33.3 21.6 26.8
Standard Bank Malawi 10.0 15.0 16.8 20.3 19.7 22.0
Standard Bank Mauritius 8.0 10.6 31.4 32.0 32.6 41.4
Standard Bank Mozambique 8.0 18.9 20.4 14.9 17.0
Standard Bank Namibia 7.0 10.0 10.9 13.8 11.5 14.0
Standard Bank RDC
(DRC-Congo)4 5.0 10.0 79.1 92.4 27.2 40.0
Standard Bank Swaziland 4.0 8.0 11.9 14.1 10.8 13.1
Standard Lesotho Bank 4.0 8.0 23.1 16.3 15.3 17.7
Standard Bank International
Standard Bank Isle of Man 8.5 10.0 12.6 13.7 15.7 17.4
Standard Bank Jersey 11.0 14.1 10.9 14.7
Liberty Group Limited
(calculated in terms of the Long-term Insurance Act2)
– capital adequacy ratio – times covered 2.9 2.93
1 Represents 2017 SARB Basel III minimum capital requirements. Excluding confidential bank-specific add-ons.
2 Long-term Insurance Act 52 of 1998.
3 Restated. Refer to page 101.
4 Increase in capital adequacy ratios in anticipation of increased minimum regulatory requirements.
5 Stanbic Bank S.A. (Ivory Coast) commenced operations in July 2017. Capital adequacy ratios are reflective of the start-up stage of the business.
The SARB has not activated a CCyB requirement for banks in South Africa, but the group is subject to CCyB requirements on exposures
in other jurisdictions where these buffers apply from time-to-time.
The proportion of capital held for CCyB requirements in geographies other than South Africa are shown in the table below.
CCYB1 – GEOGRAPHICAL DISTRIBUTION OF CREDIT EXPOSURES USED IN THE COUNTERCYCLICAL

BUFFER (BANKING OPERATIONS)
RWA used in the
computation of the Bank-specific
Countercyclical countercyclical countercyclical Countercyclical
capital buffer rate capital buffer capital buffer rate buffer amount
Geographical breakdown (%)1 (R’000) (%) (R’000)
Hong Kong2 1.25 24 409 0.0001518 1 453

Sweden 2.0 35 480 0.0003530 3 378
Norway 2.0 27 0.0000003 3
1 Introduction of CCyB to the U.K. of 0.5% in June 2018 with an update to 1% in November 2018.
2 Hong Kong CCyB scheduled to increase to 1.875% in January 2018.
The SARB adopted the leverage framework that was issued by the BCBS in January 2014 with formal disclosure requirements
commencing from 1 January 2015. The minimum leverage ratio has been set at 4% by the SARB.
The non-risk-based leverage measure is designed to complement the Basel III risk-based capital framework.
30
CAPITAL MANAGEMENT
LR1 – SUMMARY COMPARISON OF ACCOUNTING ASSETS VS LEVERAGE RATIO EXPOSURE MEASURE
(BANKING OPERATIONS)
2017 20161
Rm Rm
Total consolidated assets as per published financial statements 1 597 968 1 543 758
Adjustment for investments in banking, financial, insurance or commercial entities that are
consolidated for accounting purposes but outside the scope of regulatory consolidation 10 605 10 426
Adjustment for fiduciary assets recognised on the balance sheet pursuant to the operative accounting
framework but excluded from the leverage ratio exposure measure
Adjustments for derivative financial instruments (29 263) (11 105)
Adjustment for securities financing transactions (repos and similar secured lending) 794 2 256
Adjustment for off-balance sheet items (conversion to credit equivalent amounts of off-balance
sheet exposures) 109 106 103 118
Other adjustments (1 688) 5 295
Leverage ratio exposure 1 687 522 1 653 748
LEVERAGE RATIO COMMON DISCLOSURE TABLE (BANKING OPERATIONS)

2017 20161
Rm Rm
On-balance sheet exposures (excluding derivatives and securities financing

transactions (SFTs)) 1 467 667 1 371 690
On-balance sheet exposures (excluding derivatives and SFTs, but including collateral) 1 499 991 1 404 366
Less: asset amounts deducted in determining Basel III tier I capital (32 324) (32 676)
Derivatives exposures 43 365 50 647
Replacement cost associated with all derivatives transactions (where applicable net of eligible cash
variation margin and/or with bilateral netting) 11 449 12 929
Add-on amounts for potential future exposures (PFE) associated with all derivatives transactions 25 176 39 694
Gross-up for derivatives collateral provided where deducted from the balance sheet assets pursuant
to the operative accounting framework
Less: deductions of receivables assets for cash variation margin provided in derivatives transactions (12 550) (12 083)
Less: exempted central counterparty (CCP) leg of client-cleared trade exposures (3 426) (12 047)
Adjusted effective notional amount of written credit derivatives 22 716 22 154
Less: adjusted effective notional offsets and add-on deductions for written credit derivatives
SFT exposures 67 384 128 294
Gross SFT assets (with no recognition of netting), after adjusting for sales accounting transactions
(Netted amounts of cash payables and cash receivables of gross SFT assets) 66 590 126 037
CCR exposure for SFT assets 794 2 257
Other off-balance sheet exposures 109 106 103 117
Off-balance sheet exposure at gross notional amount 310 944 313 791
Less: adjustments for conversion to credit equivalent amounts (201 838) (210 674)
Capital and total exposures
Total exposures 1 687 522 1 653 748
Leverage ratio
Basel III leverage ratio 7.4 7.1
Basel III leverage ratio (including unappropriated profits) 8.1 7.6
Standard Bank Group

RECONCILIATION WITH ANNUAL FINANCIAL STATEMENTS

2017 20161
Rm Rm
Total consolidated assets per published financial statements 1 597 468 1 543 758
Derivative assets as per the statement of financial position (SOFP) (72 629) (61 752)
Security financing transactions per the SOFP (66 590) (126 037)
Total consolidated assets per published financial statements (excluding derivative and
SFT assets) 1 458 749 1 355 969
Gross-up for cash management schemes 30 637 37 971
Adjustment for share of consolidated insurance assets 10 605 10 426
Total on-balance sheet items as per line 1 of common disclosure table 1 499 991 1 404 366
Insurance operations quantitative internal assessments of the group’s business models

are used to assess capital requirements to be held against all
The quarterly and annual returns submitted to the Financial
risks that the group is or may become exposed to, in order to
Services Board (FSB) in terms of the Long-term Insurance Act
meet current and future needs, as well as to assess the group’s
and the Short-term Insurance Act 53 of 1998 (Short-term
resilience under stressed conditions.
Insurance Act) indicated that the capital adequacy ratios were
met throughout 2017.
Banking operations
LIBERTY CAPITAL ADEQUACY RATIO ECONOMIC CAPITAL BY RISK TYPE
2017 2016 2017 2016
Rm Rm
Statutory capital
adequacy ratio Rm 5 378 5 253 Credit risk 73 784 70 680
Equity risk 6 912 6 805
Available statutory
Market risk 1 269 2 092
capital Rm 15 699 15 486 Operational risk 13 133 11 947
Liberty minimum capital Business risk 4 113 3 913
adequacy ratio Interest rate risk in the
coverage ratio (times) 1.5 1.5 banking book 3 908 3 381
Economic capital requirement 103 119 98 818
Actual capital adequacy
ratio coverage ratio (times) 2.9 2.9 Available financial resources 150 726 144 537
Economic capital coverage
STANDARD INSURANCE LIMITED (SIL) ratio (times) 1.46 1.46
REGULATORY CAPITAL ADEQUACY
The economic capital requirement of R103 billion as at
2017 2016 31 December 2017 (2016: R99 billion) is the internal assessment
times times of the amount of capital that is required to support the
covered covered group’s economic risk profile. For statistically quantifiable
potential losses arising from risk types, economic capital
Actual capital adequacy ratio reflects the worst-case loss commensurate with a confidence
coverage ratio 2.2 2.2 level of 99.92%.
Available financial resources refer to capital supply as defined by

ECONOMIC CAPITAL the group for economic capital purposes and includes capital and
Economic capital adequacy is the internal basis for measuring reserve funds after adjusting for certain non-qualifying items.
and reporting all quantifiable risks on a consistent risk-adjusted
basis. The group assesses its economic capital adequacy by Insurance operations
measuring its risk profile under both normal and stressed As prescribed under the anticipated solvency assessment and
conditions. management (SAM) regulatory regime, the assessment of capital
will be on an economic basis for South African insurance entities.
The ICAAP considers the qualitative capital management This will apply to Liberty and SIL. The regulatory capital will be
processes within the organisation and includes the organisation’s the amount of financial resources required to protect against
governance, risk management, capital management and financial economic insolvency under extreme events.
planning standards and frameworks. Furthermore, the
32
CAPITAL MANAGEMENT
Liberty is currently producing SAM assessments in parallel to
those required by the existing regulations and is confident of
transitioning on the effective date of SAM implementation.
The current assessments indicate that the group minimum

capital requirements are well covered under both the existing and
SAM regulations.
RISK-ADJUSTED PERFORMANCE
MEASUREMENT
Risk-adjusted performance measurement (RAPM) maximises
shareholder value by optimally managing financial resources
within the board-approved risk appetite. Capital is centrally
monitored and allocated, based on usage and performance in a
manner that enhances overall group economic profit and ROE.
Business units are held accountable for achieving their RAPM
targets. RAPM is calculated on both regulatory and economic
capital measures.
Return on ordinary equity

(Rm) (%)
200 000 20
160 000 16
120 000 12
80 000 8
40 000 4
2012 2013 2014 2015 2016 2017
QQOrdinary shareholders’ funds (average Rm) ROE (%)
COST OF EQUITY
The group’s rand-based cost of equity (COE) is estimated using
the capital asset pricing model applying estimates of a risk-free
rate at 8.8% (2016: 8.8%), equity risk premium of 6.4%
(2016: 6.5%) and a beta factor of 79.2% (2016: 79.3%). The beta
factor for banking activities is estimated at 80.8% (2016: 81.4%).
The group’s average COE as at 31 December 2017 is 13.9%
(2016: 14.0%).
Standard Bank Group

RISK APPETITE AND

STRESS TESTING
35 OVERVIEW
35 GOVERNANCE
35 RISK APPETITE
36 STRESS TESTING
34
RISK APPETITE AND STRESS TESTING
OVERVIEW The group has adopted the following definitions, where entity
refers to a business line or legal entity within the group, or the
The key to the group’s long-term sustainable growth and group itself:
profitability lies in ensuring that there is a strong link between its •risk appetite: an expression of the amount or type of risk an
risk appetite and its strategy. entity is willing to take in pursuit of its financial and strategic
objectives, reflecting its capacity to sustain losses and
Risk appetite is set, and stress testing activities are undertaken,
continue to meet its obligations as they fall due, under both
at a group level, in business units, in risk types and at a legal
normal and a range of stress conditions
entity level.
•risk appetite trigger: an early warning trigger set at a level
that accounts for the scope and nature of available
GOVERNANCE management actions, and ensures that corrective
management action can take effect and prevent a risk
The primary management level governance committee
tolerance limit breach
overseeing risk appetite and stress testing is the group stress
testing and risk appetite committee. •risk tolerance: the maximum amount of risk an entity is
prepared to tolerate above risk appetite. The metric is referred
The principal governance documents are the risk appetite to as a risk tolerance limit
governance framework and the stress testing governance •risk capacity: the maximum amount of risk the entity is able
framework. to support within its available financial resources
•risk appetite statement (RAS): the documented expression
RISK APPETITE of risk appetite and risk tolerance which have been approved
by the entity’s relevant governance committee. The RAS is
Risk appetite governance framework reviewed and revised, if necessary, on an annual basis
The risk appetite governance framework guides: •risk profile: the risk profile is defined in terms of three
dimensions, namely:
•the setting and cascading of risk appetite by group, business
line, risk type and legal entity – current or forward risk profile
•measurement and methodology – unstressed or stressed risk profile
•governance – pre- or post-management actions.
•monitoring and reporting of the risk profile The following diagram provides a schematic view of the three
•escalation and resolution. levels of risk appetite and the integral role that risk types play in
the process of cascading risk appetite from dimensions such as
regulatory capital, economic capital, stressed earnings and
liquidity to more granular portfolio limits.
RISK APPETITE
Level one Level two Level three
Risk appetite Risk appetite Portfolio limits

dimensions dimensions by risk type by risk type
•regulatory capital •credit and equity risk Credit and equity risk
•economic capital •operational risk •CLR
•stressed earnings •market risk •NPL
•liquidity •interest rate risk •concentrations
•business risk Operational risk
•liquidity risk •operational risk losses % to
total income
Capital demand/earnings at Market risk
risk utilisation per risk type •normal value-at-risk (VaR) and
stressed VaR (SVaR) limits
Interest rate risk
•interest rate sensitivity
Business risk
•cost-to-income ratio
•ROE
•headline earnings
per share (HEPS)
Liquidity risk
•depositor concentration
RAS
Standard Bank Group

Risk appetite and stress testing Risk appetite continued
Risk appetite statement STRESS TESTING

Executive management is responsible for recommending the
group’s RAS, which is then approved by the GRCMC on behalf of Stress testing governance framework
the board. In developing the RAS, executive management Stress testing is a key management tool within the group and is
considers the group’s strategy and the desired balance between used to evaluate the sensitivity of the current and forward risk
risk and return. The GRCMC reviews the group’s current risk profile relative to different levels of risk appetite. Stress testing
profile on a quarterly basis and forward risk profile (both stressed supports a number of business processes, including:
and unstressed) at least annually. •strategic and financial planning
•the ICAAP, including capital planning and management, and
Level one risk appetite dimensions can be either quantitative or
the setting of capital buffers
qualitative.
•liquidity planning and management
Quantitative level one risk appetite dimensions relate to available •informing the setting of risk appetite
financial resources and earnings volatility. The standardised •identifying and proactively mitigating risks through actions
quantitative dimensions used by the group, as well as legal such as reviewing and changing limits, limiting exposures, and
entities and business lines, are: hedging
•stressed earnings •facilitating the development of risk mitigation or contingency
•economic capital plans, including recovery plans, across a range of stressed
•regulatory capital conditions
•liquidity. •supporting communication with internal and external
stakeholders, including industry-wide stress tests performed
The group’s qualitative RAS, set out below, serves as a guide for by the regulator.
embedding the risk appetite framework to guide strategic and
operational decision making across the group. Stress testing within the group is subject to the group’s stress
testing governance framework which sets out the responsibilities
•Capital position: The group aims to have a strong capital for and approaches to stress testing activities. Broadly aligned
adequacy position measured by regulatory and economic and fit-for-purpose stress testing programmes are implemented
capital adequacy ratios. The group manages its capital levels for the group to ensure appropriate coverage of the different
to support business growth, maintain depositor and creditor risks.
confidence, create value for shareholders and ensure
regulatory compliance. Each banking subsidiary must further
comply with regulatory requirements in the countries in which
Stress testing programme
they operate The group’s stress testing programme uses one or a combination
•Funding and liquidity management: The group’s approach of stress testing techniques, including scenario analysis,
to liquidity risk management is governed by prudence and is in sensitivity analysis and reverse stress testing to perform stress
accordance with the applicable laws and regulations and takes testing for different purposes.
into account the competitive environment in which each
banking subsidiary operates. Each banking subsidiary must Groupwide macroeconomic stress testing
manage liquidity risk on a self-sufficient basis Macroeconomic stress testing is conducted across all major risk
•Earnings volatility: The group aims to have sustainable and types on an integrated basis for a range of economic scenarios
well-diversified earning streams in order to minimise earnings varying in severity from mild to very severe but plausible
volatility through business cycles macroeconomic shocks. The impact, after consideration of
•Reputation: The group has no appetite for compromising its mitigating actions, on the group’s income statement, SOFP and
legitimacy or for knowingly engaging in any business, activity the group’s capital demand and supply is measured against the
or relationship which could result in foreseeable reputational group’s risk appetite.
risk or damage to the group
Macroeconomic stress testing for the group and The Standard
•Conduct: The group has no appetite for wilful conduct failures, Bank of South Africa (SBSA) is performed, as a minimum, once a
inappropriate market conduct or knowingly causing a breach year for selected scenarios that are specifically designed by a
of regulatory requirements. The group strives to meet scenario working group targeting the group’s risk profile,
customers’ expectations for efficient and fair engagements by geographical presence and strategy.
doing the right business the right way, thereby upholding the
trust of its customers. In 2017 these scenarios included, among others, the possibility of
the South African sovereign being downgraded, rising geopolitical
Level two risk appetite represents the allocation of level one risk volatility, the slowdown of growth globally as well as the uneasy
appetite to risk types. Specifically, the contribution of individual social and political environment in South Africa. The results
risk types to earnings volatility and overall capital demand (both indicated that the group is well capitalised and able to handle
economic and regulatory) is controlled through triggers and these scenarios.
limits.
Group and SBSA macroeconomic stress testing results are
Level three consists of key metrics used to monitor the portfolio. presented at a board level in order to consider whether the
Portfolio triggers and limits are required to be broadly congruent group’s risk profile is consistent with the group’s risk appetite
with level one and level two triggers and limits. These metrics are buffer. Groupwide macroeconomic stress testing results are
regularly monitored at a risk type level and ensure proactive risk submitted as part of the annual ICAAP.
management.
36
RISK APPETITE AND STRESS TESTING
Additional stress testing
Groupwide macroeconomic stress testing results are
supplemented with additional ad hoc stress testing at the group,
legal entity, business line, sector, or risk type level that may be
required from time-to-time for risk management or planning
purposes. The purpose of this stress testing is to inform
management of risks that may not yet form part of routine stress
testing or where the focus is on a specific portfolio or business
unit. Additional stress testing can take the form of either scenario
analysis or sensitivity analysis.
This type of stress testing will be performed and governed at the

appropriate group, legal entity, business line, or risk type level.
Supervisory stress tests

From time-to-time, a regulator may call for the group or a legal
entity to run a supervisory stress test or common scenario with
prescribed assumptions and methodologies. The purpose of
these stress test requests could be for the regulator to assess the
financial stability of the entire financial sector, or targeted stress
tests where the regulator may have a specific concern regarding
a specific asset class or other potential stress event.
Business model stress testing

Business model stress testing utilises the reverse stress testing
technique to explore vulnerabilities in a particular strategy or
business model. The outcome does not necessarily target
business or bank failure, but rather seeks to inform what could
have a severe impact, given a plausible but in most cases highly
improbable event within a given set of circumstances and
assumptions.
Stress testing for the recovery plan

As part of the annual review of the group’s recovery plan, the
group’s procedures require the execution of stress tests in order
to test the effectiveness of the recovery options proposed in the
recovery plan, and to provide guidance on the selection of early
warning indicators. The range of scenarios that are considered
include both systemic, group-specific and combination events, as
well as fast- and slow-moving scenarios.
Risk type stress testing

Risk type stress tests apply to individual risk types. Risk type
stress testing could take the form of scenario or sensitivity
analysis.
Standard Bank Group

LINKAGES
38
LINKAGES
OVERVIEW
Table LI1 highlights the difference between the accounting and regulatory scopes of consolidation and also provides a mapping of the
in-scope portion of the IFRS financial statements to the Basel III regulatory risk categories.
Table LI2 provides a reconciliation of the in-scope carrying values as included in the IFRS financial statements to the exposure amounts
used for regulatory purposes.
Linkages between financial statements and regulatory exposures

LI1: DIFFERENCES BETWEEN ACCOUNTING AND REGULATORY SCOPE OF CONSOLIDATION1
Carrying
value as Not subject
reported Carrying to capital
in the values Subject Subject Subject Subject requirements
published under scope to the to the to the to the or subject
financial of regulatory credit risk CCR securitisation market risk to deduction
statements2 consolidation3 framework framework framework framework from capital
Rm Rm Rm Rm Rm Rm Rm
Assets
Cash and balances
with central banks 75 310 75 277 75 277
Derivative assets 75 610 72 629 72 629 67 547
Trading assets 160 894 159 798 12 334 26 412 159 798
Pledged assets 20 785 8 879 8 879
Financial
investments 533 314 178 715 162 872 15 842
Current tax assets 612 610 610
Loans and advances 1 048 027 1 048 481 1 006 451 41 562 468
Policyholder assets 7 484
Other assets 22 996 12 339 12 339
Interest in associates
and joint ventures 9 665 22 128 12 988 9 141
Investment property 32 226
Property and
equipment 16 179 12 671 12 671
Goodwill and other
intangible assets 23 329 23 064 23 064
Deferred tax assets 1 497 1 155 1 078 78
Total assets 2 027 928 1 615 746 1 296 620 165 324 468 227 345 32 283
Derivative liabilities 76 896 73 624 73 624 72 416
Trading liabilities 62 855 63 577 63 577
Current tax liabilities 5 107 1 822 1 822
Deposits and debt
funding 1 243 911 1 258 771 9 536 1 258 771
Policyholders’
liabilities 322 918
Subordinated debt 24 289 18 966 18 966
Provisions and other
liabilities 98 428 22 310 22 310
Deferred tax
liabilities 3 507 2 425 2 425
Total liabilities 1 837 911 1 441 495 83 160 135 993 1 304 294
1 The most significant differences between columns a and b of the table are as a result of exclusion of Liberty Holdings, the group’s insurance operations, from regulatory
scope of consolidation.
2 Including Liberty.
3 Refer to the group’s website for reporting framework consolidation differences.
Standard Bank Group

Linkages continued
LI2: SOURCES OF DIFFERENCES BETWEEN REGULATORY EXPOSURE AMOUNTS

AND CARRYING VALUES IN FINANCIAL STATEMENTS
Credit Securiti- Market
risk CCR sation risk
Total framework framework framework framework
Rm Rm Rm Rm Rm
Asset carrying values under scope of regulatory

consolidation 1 595 797 1 296 620 165 324 468 227 345
Liability carrying values under scope of regulatory
consolidation (146 737) (83 160) (135 993)
Total net amount under regulatory scope of
consolidation 1 449 060 1 296 620 82 164 468 91 352
1
Off-balance sheet amounts 317 516 148 242 12 764 3 349
Differences in valuation 2 363 2 363
Differences due to netting (including PFE)2 (14 696) (14 696)
Differences due to the impact of collateral3 (91 139) (2 306) (88 833)
Differences due to PFE4 42 623 42 623
Differences due to considerations of provisions5 20 080 20 080
Exposure amounts considered for
regulatory purposes 1 725 807 1 464 999 34 022 3 817 91 352
Amounts included as follows:
Standardised approach 363 119 CR4, CR5 3 154 CCR3
IRB approach 1 100 429 CR6 30 868 CCR4,CCR3
Equity risk 1 451 CR10
Total 1 464 999 34 022
CCR1
CCR3
1 The off-balance sheet regulatory exposures differ to that reported in the financial statements, since the regulatory exposures include revocable facilities and are subject
to credit conversion factors (CCF) in determining the regulatory exposures.
2 Regulatory netting is not equivalent to offset as applied in the financial statements, since regulatory netting includes netting agreements not meeting the IFRS netting
requirements.
3 CCR exposures relating to resale and repurchase agreements as considered for regulatory purposes are presented after taking into account underlying collateral values.
The IFRS SOFP represents the underlying financing amount, excluding any underlying collateral.
4 CCR exposure considered for regulatory purposes includes an add-on for potential future exposures not included as part of the IFRS SOFP.
5 Specific and general debt provisions are excluded from the exposure considered for regulatory purposes, subject to the credit risk framework, whereas these form part
of the amount reported on the face of the IFRS SOFP.
40
LINKAGES
CREDIT RISK
42 BANKING OPERATIONS
42 Approach to managing and measuring credit risk
42 Governance
43 Credit portfolio analysis
43 Approved regulatory capital approaches
49 Key portfolio models
49 Concentration risk
50 Credit risk mitigation
56 Counterparty credit risk
62 Securitisation
65 INSURANCE OPERATIONS
65 Consolidated mutual funds
65 Credit exposure to debt instruments
65 Reinsurance
65 Impairments – policyholder loans
Standard Bank Group

Credit risk
BANKING OPERATIONS Governance

Credit risk is governed in accordance with the group credit risk
Approach to managing and measuring governance standard and the model risk governance framework.
credit risk
The group credit risk governance standard establishes and
The group’s credit risk is a function of its business model and
defines the principles under which the group is prepared to
arises from wholesale and retail loans and advances,
assume credit risk and the overall framework for the consistent
underwriting and guarantee commitments, as well as from the
and unified governance, identification, measurement,
CCR arising from derivative and securities financing contracts
management and reporting of credit risk in the group. The
entered into with customers and trading counterparties. To the
standard is supported by underlying policies and procedures
extent that equity risk is held on the banking book, it is also
within the business units.
managed under the credit risk governance framework, except in
so far as approval authority rests with ERC.
The group’s credit governance process relies on both individual
responsibility and collective oversight, supported by
The management of credit risk is aligned to the group’s three
comprehensive and independent reporting. This approach
lines of defence framework.
balances strong corporate oversight at a group level, with
Refer to page 24 for the three lines of participation by the senior executives of the group and its
RCM 24 defence model.
business units in all significant risk matters.
Credit risk is managed through the CIB and PBB credit

Credit risk is managed through: governance committees, the group ERC (all subcommittees of
•maintaining a culture of responsible lending and a robust risk GROC) and the intragroup exposure committee (a subcommittee
policy and control framework of group ALCO). These governance committees are key
•identifying, assessing and measuring credit risk across the components of the credit risk management framework. They
group, from an individual facility level through to an aggregate have clearly defined mandates and delegated authorities, which
portfolio level are reviewed regularly. Their mandates include responsibility for
•defining, implementing and continually re-evaluating risk credit concentration risk decision-making and delegation thereof
appetite under actual and stressed conditions to credit officers and subcommittees within defined parameters.
•monitoring the group’s credit risk exposure relative to Key aspects of rating systems and credit risk models are
approved limits approved by the PBB, CIB and group model approval committees,
•ensuring that there is expert scrutiny and approval of credit all of which are mandated by the board as designated
risk and its mitigation independently of the business functions. committees. Regular model validation and reporting to these
committees is undertaken by the independent central validation
A credit portfolio limit framework has been defined to monitor function.
and control the credit risk profile within the group’s approved risk
appetite. All primary lending credit limits are set and exposures
measured on the basis of risk weighting in order to best estimate
exposure at default (EAD).
Pre-settlement CCR inherent in trading book exposures is

measured on a PFE basis, modelled at a defined level of
confidence using approved methodologies and models, and
controlled within explicit approved limits for the counterparties
concerned.
42
CREDIT RISK
Credit portfolio analysis
The credit quality of the group’s on- and off-balance sheet assets is reflected in table CR1 below, through the disclosure of the gross
carrying values of both defaulted and non-defaulted exposures, as well as the net exposures after impairments and allowances. Table
CR2 presents the movement in the balance of defaulted exposures for the reporting period, including loans and debt securities that have
defaulted since the last reporting period, those that have returned to default status and the amounts that have been written off.
CR1: CREDIT QUALITY OF ASSETS (BANKING OPERATIONS)

Gross carrying values of
Non- Allowances/
Defaulted defaulted impair-
exposures exposures Total ments1 Net values
(a) (b) exposure (c) (a+b-c)
Rm Rm Rm Rm Rm
2017
Loans2 34 938 1 078 545 1 113 483 22 366 1 091 117
Debt securities and other investments 78 140 921 140 999 78 140 921
On-balance sheet exposures 35 016 1 219 466 1 254 482 22 444 1 232 038
Off-balance sheet exposures 1 546 299 857 301 403 301 403
Total 36 562 1 519 323 1 555 885 22 444 1 533 441
CR2 AFS
2016
Loans2 34 426 1 004 915 1 039 341 21 793 1 017 548
Debt securities and other investments 155 227 155 227 155 227
On-balance sheet exposures 34 426 1 160 142 1 194 568 21 793 1 172 775
Off-balance sheet exposures 431 288 342 288 773 288 773
Total 34 857 1 448 484 1 483 341 21 793 1 461 548
CR2 AFS
1 As reported in the annual financial statements.
2 Included in loans are placements with central banks outside of South Africa. Placements under resale agreement are included within the CCR framework and excluded
from credit risk.
CR2: CHANGES IN STOCK OF DEFAULTED LOANS AND DEBT SECURITIES (BANKING OPERATIONS)
2017 2016
Rm Rm
Defaulted loans and debt securities at beginning of period 34 857 37 798

Loans and debt securities that have defaulted since the last reporting period 24 036 20 644
Returned to non-defaulted status (12 491) (12 271)
Amounts written off1 (7 794) (8 229)
Other changes (2 046) (3 085)
Defaulted loans and debt securities at end of period 36 562 34 857
CR1 CR1
1 As reported in the annual financial statements.
Approved regulatory capital approaches For bank and certain corporate asset class credit exposures on
the standardised approach the group makes use of the ratings of
The group has approval from the SARB to adopt the AIRB
two regulatory-approved external credit assessment institutions,
approach for most credit portfolios in SBSA. The group has
Fitch and Moody’s.
adopted the standardised approach for its Africa Regions
portfolios and for some of its less material subsidiaries and With respect to mainly sovereign credit exposures subject to the
portfolios. The group has approval from the SARB to adopt either standardised approach (particularly in the Africa Regions)
the market-based or the probability of default (PD)/loss given reference is also made to the export credit ratings issued by the
default (LGD) approaches for material equity portfolios, with the Organisation for Economic Co-operation and Development. The
latter applied to equity held on the banking book. group applies issuer ratings to calculate risk weights and will only
apply an issuer-specific rating in the event that it invests in a
Standardised approach particular issue that has an issue-specific assessment.
The calculation of regulatory capital is based on a risk weighting
and the net counterparty exposures after recognising a limited Regulatory capital for the credit risk arising on the owner-
set of qualifying collateral. The risk weighting is based on the occupied sub-portfolio of the commercial property finance
exposure characteristics and, in the case of corporate, bank and portfolio in South Africa was calculated on the standardised
sovereign exposures, the external agency credit rating of the approach.
counterparty.
Standard Bank Group

Credit risk Banking operations continued
The credit rating scale on page 48 is used for the alignment with the group’s master rating scale. In the case of obligors for which there
are no credit ratings available, exposures are classified as unrated for determining regulatory capital requirements.
The table that follows presents the breakdown of credit risk exposures under the standardised approach by Basel asset class and risk
weight. The total credit exposure amount represents on- and off-balance sheet amounts before application of credit risk mitigation
(CRM) and CCF. The capital requirements calculation is based on the amounts after also considering write-offs and allowances.
CR5: STANDARDISED APPROACH – EXPOSURE BY ASSET CLASSES AND RISK WEIGHTS

Risk weights
0% 10% 20% 35% 40% 50%
2017
Asset classes
Corporate 5 264 102
SME corporate 244
Public sector entities 1 272
Local governments and municipalities 72
Sovereign 39 601 1 477 2 257
Banks 3 218 14 819
Securities firms 4 1
Retail mortgage advances 7 693 192
Retail revolving credit 9
SME retail 107
Other retail 225
Securitisation and re-securitisation exposure
Other assets 43 157 1 321
Total 82 758 6 020 12 957 19 300
2016
Asset classes
Corporate 644 488 7 069 711 1 325
SME corporate 1 721 432 916 808 2 190
Public sector entities 1 958
Local governments and municipalities 62
Sovereign 19 449 2 021 3 416
Banks 3 492 23 201
Securities firms 95
Retail mortgage advances 284 91 2 567 4 327 2 249
Retail revolving credit 1 203
SME retail
Other retail 208
Other assets 49 765 54
Total 69 214 2 649 6 578 10 552 5 846 35 907
44
CREDIT RISK
Risk weights Total credit
exposures
amount
(post-CCF
75% 100% 150% 225% 350% 650% 1 250% Others and post-CRM)
42 396 2 355 50 117

37 955 2 039 40 238
2 393 530 4 195
4 76
77 534 9 954 130 823
18 037
5
8 787 986 17 658
3 862 38 1 3 910
7 084 4 000 157 11 348
15 946 301 4 16 476
25 758 70 236
35 679 191 365 15 040 363 119
(CR4/LI2)
6 362 35 682 418 52 699

5 111 32 969 541 44 688
3 292 5 250
18 80
73 337 98 223
26 693
95
3 335 4 021 1 16 875
17 580 18 783
12 161 1 422 13 583
2 783 2 991
18 360 136 12 284 80 599

47 332 169 101 960 136 12 284 360 559
(CR4/LI2)
Standard Bank Group

Internal ratings-based approach All IRB models are managed under model development and
Under the IRB regulatory capital approaches, the calculation of validation policies that set out the requirements for model
regulatory capital is based on an estimate of EAD and a risk governance structures and processes, and the technical
weighting. The risk weighting is based on asset class, and framework within which model performance and appropriateness
estimates of PD, LGD, and maturity. Under the AIRB approach all is maintained. The models are developed using internal historical
the parameters need to be estimated internally, while only PD is default and recovery data. In low-default portfolios, internal data
estimated internally under the foundation IRB approach. EAD, is supplemented with external benchmarks and studies. Models
LGD and maturity are regulatory-prescribed under the foundation are subjected to validation to demonstrate the reliability of the
IRB approach. model’s output.
Model development is governed by a group model risk Model validation takes place when a model is first designed and
governance framework, which applies to all models used in the annually thereafter, when there are material changes to the
assessment of credit risk, including but not limited to models model or when rating systems are replaced or enhanced. Models
used for the IRB approaches. Credit risk model development is are thus assessed frequently to ensure ongoing appropriateness
conducted within the independent risk function, while validation as business environments and strategic objectives change, and
is independently undertaken by a quantitative analytics function. are recalibrated annually using the most recent internal data. Any
changes to models or to model outputs are controlled through
access rights and are subject to approval at the relevant business
unit or group governance committee.
CR6: IRB – CREDIT RISK EXPOSURES BY PORTFOLIO AND PD RANGE (BANKING OPERATIONS)
TOTAL (ALL PORTFOLIOS)1
Original Off-balance
on-balance sheet EAD post-
sheet gross exposures Average CRM and Average
exposures pre-CCF CCF post-CCF PD
PD scale Rm Rm % Rm %
2017
0.00 to < 0.15 144 735 44 998 59.81 174 055 0.05
0.15 to < 0.25 57 074 36 725 55.35 78 755 0.21
0.25 to < 0.50 173 138 71 144 46.10 207 518 0.39
0.50 to < 0.75 127 043 28 950 44.66 140 580 0.63
0.75 to < 2.50 280 249 39 042 50.81 300 079 1.38
2.50 to < 10.00 122 356 10 993 56.87 128 391 4.32
10.00 to < 100.00 39 952 2 357 49.08 41 869 25.81
100.00 (default) 28 478 1 546 45.52 29 182 100.00
Total 973 025 235 755 50.69 1 100 429 4.69
LI2
2016
0.00 to < 0.15 138 279 45 363 61.14 171 068 0.04
0.15 to < 0.25 73 363 40 337 48.67 94 963 0.21
0.25 to < 0.50 181 091 60 804 50.76 211 894 0.39
0.50 to < 0.75 108 942 28 823 47.02 121 889 0.64
0.75 to < 2.50 237 519 35 719 54.38 252 605 1.39
2.50 to < 10.00 125 350 14 581 55.52 129 398 4.32
10.00 to < 100.00 40 637 1 524 74.26 41 628 26.19
100.00 (default) 28 262 430 50.00 28 477 100.00
Total 933 443 227 581 52.86 1 051 922 4.79
LI2
1 Refer to annexure B for credit risk exposures by portfolio.

2 Represents the number of unique obligors. The total number of unique obligors will not equal the sum of the obligors in the underlying asset classes as reported in
Annexure B since an obligor may be present in more than one asset class.
46
CREDIT RISK
Ongoing overall South African supervisory approval of the Table CR6 provides information on the main parameters used for
approach taken by the group to model its exposure to credit risk the calculation of capital requirements for exposures under the
on the IRB approach, as well as for all credit risk models used for IRB approach. Note the following:
regulatory capital purposes, is obtained primarily by way of an •the original on-balance sheet gross exposure is gross of
annual self-assessment. The assessment addresses all aspects of accounting provisions and does not include the effect of CRM
model design, the rating structure and criteria for ratings, the techniques
assessment horizon, integrity of the rating process, governance
•the off-balance sheet exposure pre-CCF is the exposure value
around rating overrides, maintenance of data, stress tests for
without taking into account accounting provisions, CCF and
capital adequacy, integrity of estimates used and validation of the
the effect of CRM techniques
models.
•average CCF is the EAD post-conversion factor for off-balance
The technical aspects of model usage, development, monitoring sheet exposure to total off-balance sheet exposure pre-CCF
and validation are reviewed by a technical committee. The •average PD and LGD are weighted by EAD
outcomes of model technical discussions are reported to the •average maturity is provided only for those asset classes
relevant model approval committee. where it is used for the RWA calculation and is weighted
by EAD
GIA is responsible, within its regular audits, for expressing an •RWA density is total RWA to EAD post-CRM and post-CCF.
opinion on the extent of compliance with the model risk
governance framework and for reviewing model inputs.
Average Average RWA Impairment

Number LGD maturity RWA density EL provisions
of obligors2 % Years Rm % Rm Rm
190 530 32.79 1.3 17 849 10.25 30

194 981 19.04 2.0 10 490 13.32 31
378 235 24.92 2.0 62 741 30.23 206
348 014 20.60 2.1 38 568 27.43 184
1 400 225 27.62 2.4 132 610 44.19 1 175
1 883 537 35.08 2.2 86 613 67.46 1 973
727 278 31.48 1.8 46 387 110.79 3 349
276 355 34.24 2.1 3 240 11.10 12 875
5 399 155 27.24 1.9 398 498 36.21 19 823 17 701
OV1
CR7
249 250 32.73 1.5 18 908 11.05 37

167 632 23.38 1.8 17 779 18.72 47
405 433 21.43 2.2 52 478 24.77 175
366 569 22.23 2.2 36 595 30.02 172
1 257 689 28.42 2.1 109 642 43.40 1 038
1 921 629 34.27 1.9 85 576 66.13 1 948
628 396 30.88 1.5 46 529 111.77 3 340
290 836 34.45 2.3 1 658 5.82 12 542
5 287 434 27.52 2.0 369 165 35.09 19 299 17 153
OV1
CR7
Standard Bank Group

IRB risk components The group distinguishes between through-the-cycle PDs and
Probability of default point-in-time PDs, and utilises both measures in decision-making,
PD is calculated using actual historical default rates, and in the managing credit risk exposures and measuring impairments
case of retail exposures calibrated to a specific behaviour against credit exposures.
scorecard using a monotonic calibration technique that ensures
a clear ranking of risk by mapping higher scores to lower PDs and The table below describes the internally defined relationship
vice versa. The estimates are adjusted to the long-run average between the group master rating scale, generally accepted
default rate (through-the-cycle) to cater for potential downturn defined investment grades, the group’s credit quality definitions
economic conditions. and external rating scales.
The group uses a 25-point master rating scale to quantify the

credit risk for each borrower (corporate asset classes) or facility
(specialised lending and retail asset classes), as illustrated in the
table below. Ratings are mapped to PDs by means of calibration
formulae that use historical default rates and other data from the
applicable portfolio.
CREDIT RATING SCALES
Group master
rating scale MOODY’S
CREDIT INVESTOR STANDARD
GRADING QUALITY SERVICES & POOR’S FITCH1
1–4 Aaa, Aa1, Aa2, Aa3 AAA, AA+, AA, AA- AAA, AA+, AA, AA-
Investment
5–7 A1, A2, A3 A+, A, A- A+, A, A-
grade
Normal
8 – 12 monitoring Baa1, Baa2, Baa3 BBB+, BBB, BBB- BBB+, BBB, BBB-
13 – 21 Ba1, Ba2, Ba3, BB+, BB, BB-, BB+, BB, BB-,

B1, B2, B3 B+, B, B- B+, B, B-
Sub-investment
grade
22 – 25 Close Caa1, Caa2, CCC+, CCC, CCC+, CCC,
monitoring Caa3, Ca CCC- CCC-
Default Default Default C D D

1 During 2015, Fitch withdrew the FSB registration of their South African subsidiary. Their grades are retained in this table to cater for exposures that still reference Fitch.
Loss given default Expected loss

The LGD is the amount of a counterparty’s obligation to the The IRB EL provides a measure of the value of the through-the-
group that is not expected to be recovered after default and is cycle credit losses that may reasonably be expected to occur
expressed as a percentage of the EAD. LGD measures are a over a 12-month period in the portfolio.
function of customer type, product type, seniority of loan,
country of risk and level of collateralisation. To the extent that IFRS provisions may be insufficient to cover
the EL in the credit portfolio, the difference is deducted from
LGD is calculated using the workout method (discounted cash qualifying capital (referred to as ’shortfall of credit provisions to
flows). Forecasting is performed for accounts that are still in expected losses’ in the group’s qualifying capital reconciliation).
default at the end of the outcome period. LGDs are estimated In its most basic form the EL can be calculated as the product of
based on historical recovery data per category of LGD. A PD, EAD and LGD.
downturn LGD is used in the estimation of the capital charge and
reflects the anticipated recovery rates in a downturn period. Credit conversion factors
The group applies a regulatory-approved CCF to convert undrawn
Exposure at default limits and other non-derivative off-balance sheet exposures to an
EAD captures the potential impact of changes in exposure values, equivalent EAD. The CCF is used to estimate the EAD for
for example: potential drawdowns against unutilised facilities, non-defaulted accounts. A downturn adjustment is made to cater
missed payments, repayments of capital, and potential changes for potential downturn economic conditions.
in CCR positions due to changes in market prices. By using
historical data, it is possible to estimate an account’s average
utilisation of limits, recognising that the exposure value at point
of default may differ to that at the balance sheet date given the
aforementioned reasons.
48
CREDIT RISK
Use of internal estimates Specialised lending’s creditworthiness is assessed on a
The group’s credit risk rating systems and processes differentiate transactional level, rather than on the financial strength of the
and quantify credit risk across counterparties and asset classes. borrower, in so far as the group relies only on repayment from the
Internal risk parameters are used extensively in risk management cash flows generated by the underlying assets financed.
and business processes, including:
•setting risk appetite Retail portfolio
Retail mortgage exposures relate to mortgage loans to individuals
•setting concentration and counterparty limits
and are a combination of both drawn and undrawn EADs.
•credit approval and monitoring
•pricing transactions Qualifying retail revolving exposure (QRRE) relates to current
•determining portfolio impairment provisions accounts, credit cards and revolving personal loans and products,
•calculating economic capital. and includes both drawn and undrawn exposures.
Retail other covers other branch lending and vehicle finance for
Key portfolio models retail, personal, and small and medium enterprise portfolios.
The group makes use of the following key models for its credit Bank lending includes both drawn and undrawn exposures, while
risk regulatory capital purposes: vehicle and asset finance only has drawn exposures.
•credit rating models for corporate exposures, with distinctions
made between South Africa, Africa Regions, small and medium Internally developed behavioural scorecards are used to measure
enterprises (SME) and Standard Bank International the anticipated performance for each account.
•for the CIB portfolio, distinct credit rating models are used for
exposures to banks, sovereigns, local government, brokers, Mapping of the behaviour score to a PD is performed for each
hedge funds, pension funds, asset managers, long- and portfolio using a statistical calibration of portfolio-specific
short-term insurers, property finance (both developer and historical default experience.
investor cash flow) and project finance respectively
The behavioural scorecard PDs are used to determine the
•in the retail and personal lending segments, behavioural portfolio distribution on the master rating scale. Separate LGD
scorecard models are used for retail cheque portfolio, retail models are used for each product portfolio and are based on
SME, card, personal loans, home loans, retail and corporate historical recovery data. EAD is measured as a percentage of the
SMEs, vehicle and asset finance, Blue Banner securitisation credit facility limit and is based on historical averages. EAD is
vehicle RC1 Proprietary Limited, pension-backed lending, estimated per portfolio and per portfolio-specific segment, using
Diners Club S.A. card and access loans. internal historical data on limit utilisation.
PD, EAD and LGD modelling is integral to all of the models and
Equity portfolio
portfolios detailed above.
Equity risk held in the banking book is substantively controlled in
accordance with the credit risk governance standard, except in so
Portfolios far as it is approved and overseen under the mandate of the ERC
Corporate, sovereign and bank portfolios rather than under the normal credit risk delegated authority
Corporate entities include large companies, as well as SMEs that structures.
are managed on a relationship basis or have a combined
exposure to the group of more than R12 million. Corporate Concentration risk
exposures also include specialised lending (project, object and
commodity finance, as well as income-producing real estate), Concentration risk is the risk of loss arising from an excessive
public sector entities and derivative trading counterparties. concentration of exposure to a single counterparty, an industry, a
product, a geography, maturity, or collateral. The group’s credit
Sovereign and bank borrowers include sovereign government risk portfolio is well diversified. The group’s management
entities, central banks, local and provincial government entities, approach relies on the reporting of concentration risk along key
bank and non-bank financial institutions. dimensions, the setting of portfolio limits and stress testing.
The creditworthiness of corporate (excluding specialised The group’s audited annual financial statements include an
lending), sovereign and bank exposures is assessed based on a industry segmental and geographical analysis of gross loans and
detailed individual assessment of the financial strength of the advances and specific credit impairments.
borrower. This quantitative analysis, together with expert
AFS Refer to annexure C in the group’s annual financial statements.
judgement and external rating agency ratings, leads to an
assignment of an internal rating to the entity.
The group’s audited annual financial statements include a

maturity assessment of its financial asset and financial liabilities
on a contractual discounted basis.
AFS Refer to note 25 in the group’s annual financial statements.
Standard Bank Group

RESTRUCTURED EXPOSURES SPLIT BETWEEN IMPAIRED AND NOT IMPAIRED (BANKING OPERATIONS)1
2017 2016
Not Not
impaired Impaired impaired Impaired
Rm Rm Rm Rm
Advances 7 137 941 5 148 737

Total 7 137 941 5 148 737
1 This represents quarterly activity.
Credit risk mitigation For trading and derivatives transactions where collateral support
is considered necessary, the group typically uses recognised and
Wherever warranted, the group will attempt to mitigate credit
enforceable international swaps and derivatives association
risk, including CCR, to any counterparty, transaction, sector, or
agreements (ISDA), with a credit support annexure.
geographic region, so as to achieve the optimal balance between
risk, cost, capital utilisation and reward. Risk mitigation may Netting agreements, such as collateral under the credit support
include the use of collateral, the imposition of financial or annexure of an ISDA agreement, are obtained only where the
behavioural covenants, the acceptance of guarantees from group firstly has a legally enforceable right to offset credit risk by
parents or third parties, the recognition of parental support, and way of such an agreement, and secondly where the group has the
the distribution of risk. intention of utilising such agreement to settle on a net basis.
Collateral, parental guarantees, credit derivatives and on- and Other credit protection terms may be stipulated, such as
off-balance sheet netting are widely used to mitigate credit risk. limitations on the amount of unsecured credit exposure
CRM policies and procedures ensure that risk mitigation acceptable, collateralisation if the mark-to-market credit
techniques are acceptable, used consistently, valued exposure exceeds acceptable limits, and termination of the
appropriately and regularly, and meet the risk requirements of contract if certain credit events occur, for example, downgrade of
operational management for legal, practical and timely the counterparty’s public credit rating.
enforcement. Detailed processes and procedures are in place to
guide each type of mitigation used. Wrong-way risk arises in transactions where the likelihood of
default (the PD) by a counterparty and the size of credit exposure
In the case of collateral where the group has an unassailable legal (as measured by EAD) to that counterparty tend to increase at
title, the group’s policy requires collateral to meet certain criteria the same time. This risk is managed both at an individual
for recognition in LGD modelling, including: counterparty level and at an aggregate portfolio level by limiting
•being readily marketable and liquid exposure to such transactions, taking adverse correlation into
•being legally perfected and enforceable account in the measurement and mitigation of credit exposure
•having a low valuation volatility and increasing oversight and approval levels. The group has no
appetite for wrong-way risk arising where the correlation between
•being readily realisable at minimum expense
EAD and PD is due to a legal, economic, strategic or similar
•having no material correlation to the obligor credit quality
relationship (specific wrong-way risk). General wrong-way risk,
•having an active secondary market for resale. which arises when the EAD and PD for the counterparty is
correlated due to macro factors, is closely managed within
The main types of collateral obtained by the group for its banking existing risk frameworks.
book exposures include:
•mortgage bonds over residential, commercial and industrial To manage actual or potential portfolio risk concentrations in
properties areas of higher credit risk and credit portfolio growth, the group
•cession of book debts implements hedging and other strategies from time-to-time. This
•pledge and cession of financial assets is done at individual counterparty, sub-portfolio and portfolio
levels through the use of syndication, distribution and sale of
•bonds over plant and equipment
assets, asset and portfolio limit management, credit derivatives
•the underlying movable assets financed under leases and and credit protection.
instalment sales.
Reverse repurchase agreements and commodity leases to

customers are collateralised by the underlying assets.
Guarantees and related legal contracts are often required,

particularly in support of credit extension to groups of companies
and weaker obligors. Guarantors include banks, parent
companies, shareholders and associated obligors.
Creditworthiness is established for the guarantor as for other
obligor credit approvals.
50
CREDIT RISK
CR3: CRM TECHNIQUES – OVERVIEW (BANKING OPERATIONS)
Exposures Exposures
Exposures secured by secured by
secured by financial credit
Exposures collateral, Exposures guarantees, Exposures derivatives,
unsecured: Exposures of which secured by of which; secured of which;
carrying Exposures secured by secured financial secured by credit secured
amount1 secured1 Total collateral amount guarantees amount derivatives amount
Rm Rm Rm Rm Rm Rm Rm Rm Rm
2017
Loans 509 160 581 957 1 091 117 563 770 558 392 18 137 16 037 50 50
Debt securities 136 449 4 472 140 921 2 513 2 513 1 959 1 959
Off-balance sheet
exposures 290 621 10 782 301 403 9 220 4 630 1 562 1 292
Total 936 230 597 211 1 533 441 575 503 565 535 21 658 19 288 50 50
Of which
defaulted 1 618 12 500 14 118 12 500 1 424
2
2016
Loans 473 212 544 336 1 017 548 529 894 525 958 10 577 8 654 3 866 2 711
Debt securities 154 618 609 155 227 609 609
Off-balance sheet
exposures 275 333 13 440 288 773 11 582 9 824 1 859 1 859
Total 903 163 558 385 1 461 548 541 476 535 782 13 045 11 122 3 866 2 711
Of which
defaulted 7 876 12 996 20 872 12 996 12 996
1 Exposures are net of impairments.
Standard Bank Group

CR4: STANDARDISED APPROACH – CREDIT RISK EXPOSURE AND CRM EFFECTS (BANKING OPERATIONS)
Exposures Exposures RWA and
pre-CCF and pre-CRM post-CCF and post-CRM RWA density
On-balance Off-balance On-balance Off-balance

sheet sheet sheet sheet RWA
amount amount amount amount RWA density
Asset classes Rm Rm Rm Rm Rm %
2017
Corporate 49 090 23 184 42 195 7 922 47 836 95
SME corporate 36 651 18 322 35 703 4 535 41 094 102
Public sector entities 3 879 595 3 879 316 3 824 91
Local governments and municipalities 78 76 40 53
Sovereign 130 823 130 823 94 478 72
Banks 13 850 11 584 13 835 4 202 8 054 45
Securities firms 5 5 2 40
Retail mortgage advances 17 138 1 344 16 934 724 12 313 70
Retail revolving credit 4 089 692 3 910 3 732 95
SME retail 9 939 6 326 9 466 1 882 13 806 122
Other retail 15 915 3 601 15 520 956 16 722 101
Other assets 70 236 70 236 26 023 38
Total 351 693 65 648 342 582 20 537 267 924 74
Sum of exposures post-CCF and
post-CRM 363 119
LI2 OV1
CR5
2016
Corporate 46 286 19 022 42 254 10 445 45 321 86
SME corporate 43 349 19 793 43 349 594 46 199 105
Public sector entities 4 780 1 335 4 780 470 4 047 77
Sovereign 98 881 14 98 868 77 821 79
Banks 21 431 8 838 21 432 5 261 11 912 45
Securities firms 5 590 5 190 148 76
Retail mortgage advances 16 053 1 446 16 053 822 9 363 55
Retail revolving credit 18 783 2 158 18 783 21 011 112
SME retail 9 558 6 592 9 558 4 025 13 673 101
Other retail 2 564 1 404 2 564 427 2 125 71
Other assets 80 599 80 599 26 864 33
Total 342 369 61 192 338 325 22 234 258 526 72
Sum of exposures post-CCF and
post-CRM 360 559
LI2 OV1
CR5
52
CREDIT RISK
CR7: IRB – EFFECT ON RWA OF CREDIT DERIVATIVES USED AS CRM TECHNIQUES (BANKING OPERATIONS)
2017 2016
Pre-credit Pre-credit1
derivatives Actual derivatives Actual
RWA RWA RWA RWA
Rm Rm Rm Rm
Corporate 128 652 128 563 129 826 129 504

Other asset classes2 269 935 239 661
Specialised lending – high-volatility commercial real estate
(property development) 15 302
Specialised lending – income-producing real estate 5 145 4 306
Specialised lending – project finance 11 891 11 455
SME corporate 13 712 10 310
Sovereign 5 334 4 961
Public sector entities 13 025 6 281
Banks 28 842 16 794
Retail mortgages 91 300 88 535
QRRE 47 680 46 056
Retail – other 19 551 18 236
SME retail 24 255 24 680
Equity 7 265 6 010
Total (all portfolios) 398 498 369 165

OV1 OV1
CR6 CR6
CR8 CR8
2 Other asset classes’ pre-credit derivatives RWA is equivalent to actual RWA.
The table that follows explains the variations in credit RWA under the IRB approach attributable to each of the key risk drivers. Note the
following:
•asset size represents organic changes in the book size and composition
•asset quality represents changes due to changes in borrower risk, such as risk grade migration or similar effects
•foreign exchange movements are changes driven by changes in foreign exchange rates.
CR8: IRB – RWA FLOW STATEMENTS OF CREDIT RISK EXPOSURES (BANKING OPERATIONS)
2017 2016
RWA RWA
amounts amounts
Rm Rm
RWA at beginning of period 369 165 364 351

Asset size 28 708 14 529
Asset quality 9 758 (3 834)
Foreign exchange movements (6 590) (2 631)
Other (2 543) (3 250)
RWA at end of period 398 498 369 165
CR6 CR6
OV1 OV1
CR7 CR7
Standard Bank Group

The table below provides backtesting data to validate the reliability of PD calculations.
Current weighted average PD estimates are determined at the beginning of a 12-month horizon using the calibrated regulatory models.
The models are calibrated to actual long-run default experience to ensure stable regulatory estimates over a complete credit cycle.
The PD estimates would thus tend to underestimate actual default experience at the top of the cycle and overestimate actual default
experience at the bottom of the credit cycle. The average historical default rate is the actual, annual default rate experience, averaged
over a five-year period.
CR9: IRB – BACKTESTING OF PD PER PORTFOLIO (BANKING OPERATIONS)
External rating Weighted Arithmetic average

Portfolio1 PD range equivalent average PD PD by obligors
2017
Bank 0.03%; 10.24% BBB 0.25% 0.34%
Corporate 0.01%; 40.96% BB 0.93% 1.49%
Sovereign 0.01%; 1.81% BB+ 0.05% 0.39%
Corporate specialised lending 0.11%; 14.48% BB+ 0.94% 0.99%
High volatility commercial real estate 0.45%; 3.62% BB 1.41% 1.41%
Income-producing real estate 0.11%; 14.48% BB+ 0.81% 1.00%
Project finance 0.23%; 7.24% BB+ 1.05% 0.87%
Retail mortgages 0.035% – 100% Ba1 3.26% 3.10%
Retail other 0.123% – 100% Ba3 5.02% 9.68%
Retail SME 0.030% – 100% Ba2 2.95% 4.12%
QRRE 0.030% – 100% B1 4.76% 5.48%
2016
Bank 0.03%; 10.24% BBB+ 0.15% 0.2%
Corporate 0.01%; 40.96% BB 0.85% 1.18%
Sovereign 0.01%; 1.81% BB+ 0.04% 0.47%
Corporate specialised lending 0.11%; 14.48% BB+ 1.08% 1.10%
High volatility commercial real estate 0.45%; 3.62% B+ 2.32% 3.02%
Income-producing real estate 0.11%; 14.48% BB+ 1.10% 0.89%
Project finance 0.23%; 7.24% BB 1.21% 0.87%
Retail mortgages 0.035% – 100% Ba1 3.38% 3.20%
Retail other 0.123% – 100% Ba3 4.83% 10.26%
Retail SME 0.030% – 100% Ba2 2.93% 3.92%
QRRE 0.030% – 100% B1 4.78% 5.19%
1 The dimension portfolio includes the following prudential portfolios for the foundation IRB (FIRB) approach:
(i) sovereign; (ii) banks; (iii) corporate; (iv) corporate – specialised lending; (v) equity (PD/LGD method); (vi) purchased receivables, and the following prudential
portfolios for the AIRB approach: (i) sovereign; (ii) banks; (iii) corporate; (iv) corporate – specialised lending; (v) equity (PD/LGD method); (vi) retail – QRRE; (vii) retail –
residential mortgage exposures; (viii) retail – SME; (ix) other retail exposures; and (x) purchased receivables.
• Weighted average PD: excludes defaults and is therefore not the same as CR6
• Arithmetic average PD by obligors: PD within range by number of obligor within the range
• Defaulted obligors in the year: number of defaulted obligors during the year; of which: new obligors defaulted in the year: number of obligors having defaulted during
the last 12-month period that were not funded at the end of the previous financial year
• Average historical annual default rate: the five-year average of the annual default rate (obligors at the beginning of each year that defaulted during that year/total
obligor held at the beginning of the year) is a minimum.
54
CREDIT RISK
Number of obligors
Of which:
End of End of Defaulted obligors new defaulted Average historical
previous year the year in the year obligors in the year annual default rate
282 275 1 0.45%

1 703 1 999 67 17 0.91%
27 34
319 273 13 2 0.97%
7 4 2 1.01%
272 228 9 0.94%
40 41 2 3.15%
550 895 543 117 16 981 13 285 3.75%
356 633 361 469 26 568 24 603 9.95%
616 511 587 126 36 126 32 742 6.02%
4 549 753 4 780 644 242 025 223 033 6.77%
305 282 4 0.20%

1 866 1 703 17 1.59%
25 27
337 319 1.68%
10 7 3.72%
284 272 0.49%
43 40 2.34%
553 327 550 895 18 170 14 363 3.78%
395 085 356 633 27 834 25 697 9.86%
655 786 616 511 50 963 46 504 5.59%
4 665 417 4 549 753 254 401 231 906 6.57%
Standard Bank Group

CR10: IRB EQUITIES UNDER THE SIMPLE RISK WEIGHT METHOD (BANKING OPERATIONS)
On-
balance
sheet Risk
amount weight RWA
Categories Rm % Rm
2017
Exchange-traded equity exposures
Private equity exposures 1 451 400 6 154
Total 1 451 6 154
LI2 OV1
2016
Exchange-traded equity exposures 300
Private equity exposures 1 454 400 6 167
Total 1 454 6 167
LI2 OV1
Counterparty credit risk For trades that are not subject to margining requirements, the
replacement cost is the loss that would occur if a counterparty
The group is exposed to CCR through movements in the fair
were to default and its transactions closed immediately. For
value of securities financing and derivatives contracts. The risk
margined trades, it is the loss that would occur if a counterparty
amounts reflect the aggregate replacement costs that would be
were to default at the current or future date, assuming that the
incurred by the group in the event of counterparties defaulting on
closeout and replacement of transactions occur instantaneously.
their obligations.
However, the close-out of a trade upon a counterparty default
may not be instantaneous. The replacement cost under the
The group’s exposure to CCR is affected by the nature of the
current exposure method is determined by marking contracts
trades, the creditworthiness of the counterparty, and underlying
to market.
netting and collateral arrangements. CCR is measured in PFE
terms and recognised on a net basis where netting agreements
PFE is any potential increase in exposure between the present
are in place and are legally enforceable, or otherwise on a gross
and up to the end of the margin period of risk. The PFE for the
basis. Exposures are generally marked-to-market daily. Cash or
current exposure method is determined by applying a prescribed
near cash collateral is posted where contractually provided for.
add-on factor to the underlying notional amount to determine
the PFE over the life of the contract.
Demand for economic capital, as a risk appetite dimension, is
allocated to risk types (including CCR) in accordance with the
Effective expected positive exposure is the weighted average over
group risk appetite governance framework, and serves as the
time of the effective expected exposure over the first year, or, if all
basis for the setting of internal CCR appetite limits against which
the contracts in the netting set mature before one year, over the
aggregate risk type exposure can be measured.
time period of the longest-maturity contract in the netting set
where the weights are the proportion that an individual expected
CCR, reflecting both pre-settlement and settlement risk, is
exposure represents of the entire time interval.
subjected to explicit credit limits which are formulated and
approved for each counterparty and economic group, with
EAD post-CRM refers to the amount that is relevant for the
specific reference to its credit rating and other credit exposures
capital requirements calculation having applied CRM techniques,
to that counterparty.
credit valuation adjustments (CVA) and specific wrong-way
adjustments.
In the event of a rating downgrade, the collateral that the group
would have to provide is dependent on a number of variables,
including the netting of existing positions and a reduction in the
threshold above which collateral would have to be posted with
counterparties to cover the group’s negative mark-to-market.
With respect to additional collateral that the group may be
required to lodge with trading counterparties in the event of a
rating downgrade, refer to page 78.
56
CREDIT RISK
CCR1: ANALYSIS OF CCR EXPOSURE BY APPROACH (BANKING OPERATIONS)
Alpha
Potential used for
Replacement future computing EAD
cost exposure regulatory post-CRM RWA
Rm Rm EAD Rm Rm
2017
Current exposure method (for derivatives) 73 001 42 623 1.4 28 985 12 563
Comprehensive approach for CRM (for SFTs) 5 037 1 475
Total 73 001 42 623 34 022 14 038
CVA from CCR2 10 132
CCP and default funds from CCR8 179
Total 1.4 24 349
LI2 LI2 OV1
20161
Current exposure method (for derivatives) 61 752 53 787 1.4 35 081 11 605
Comprehensive approach for CRM (for SFTs) 9 120 2 488
Total 61 752 53 787 44 201 14 093
CVA from CCR2 6 827
CCP and default funds from CCR8 264
Total 1.4 21 184
LI2 LI2 OV1
CCR2: CVA CAPITAL CHARGE (BANKING OPERATIONS)

2017 20161
EAD EAD
post-CRM RWA post-CRM RWA
Rm Rm Rm Rm
All portfolios subject to the standardised CVA capital charge 28 985 10 132 33 378 6 827
Total subject to the CVA capital charge 28 985 10 132 33 378 6 827
CCR1 CCR1
Standard Bank Group

CCR3: STANDARDISED APPROACH – CCR EXPOSURES BY REGULATORY PORTFOLIO AND RISK WEIGHTS
Risk weight 0% 10% 20% 50% 75%
2017
Regulatory portfolios
Corporate
SME corporate
Public sector entities
Local governments and municipalities
Sovereign
Banks 323 484
Securities firms 85
Retail exposure
Retail mortgage advances
Retail revolving credit
SME retail
Other retail
Total 323 569
EAD
Total
2016
Regulatory portfolios
Corporate
SME corporate
Local governments and municipalities
Sovereign
Banks 546 151
Retail exposure
Retail mortgage advances
Retail revolving credit
SME retail
Other retail
Total 756 185
EAD
Total
58
CREDIT RISK
Total credit
100% 150% 225% 350% 650% 1 250% Others exposure
1 542 7 1 549
421 421
286 286
807
85
6 6
2 255 7 3 154
LI2
30 868 CCR4/LI2
34 022 CCR1/LI2
1 402 1 402
200 200
5 5
1 1
610 610
237 934
244
2 455 3 396
LI2
40 805 CCR4/LI2
44 201 CCR1/LI2
Standard Bank Group

The table below provides information on all the relevant parameters used for the calculation of CCR capital requirements under the IRB
approach. To note:
•EAD post-CRM is the EAD as calculated under the applicable CCR approach and after applying CRM but gross of accounting
provisions
•number of obligors correspond to the number of individual PDs in a band
•average PD and LGD are weighted by EAD
•RWA density is total RWA to EAD post-CRM
CCR4: IRB – CCR EXPOSURES BY PORTFOLIO AND PD SCALE (TOTAL)1 (BANKING OPERATIONS)
EAD Average Average Average RWA
post-CRM PD Number of LGD maturity RWA density
PD scale Rm % obligors % Years Rm %
2017
0.00 to < 0.15 17 525 0.05 73 37.90 1.6 3 152 17.99
0.15 to < 0.25 2 498 0.22 53 32.33 2.3 862 34.49
0.25 to < 0.50 7 388 0.43 184 40.80 1.7 4 705 63.71
0.50 to < 0.75 1 817 0.64 96 36.80 2.9 1 302 71.63
0.75 to < 2.50 1 398 1.32 154 35.28 2.5 1 137 81.31
2.50 to < 10.00 236 3.18 58 38.84 1.2 251 105.97
10.00 to < 100.00 6 37.10 6 37.58 1.0 13 198.34
100.00 (default) 100.00 2 40.09 1.0 1 531.19
Total 30 868 0.28 626 37.97 1.8 11 423 37.01
CCR3/LI2
2016
0.00 to < 0.15 27 975 0.06 74 39.28 1.6 5 819 0.21
0.15 to < 0.25 6 056 0.18 66 38.74 1.9 2 263 0.37
0.25 to < 0.50 4 382 0.39 171 35.66 1.8 1 870 0.43
0.50 to < 0.75 774 0.64 95 36.44 2.7 511 0.66
0.75 to < 2.50 1 179 1.28 156 44.73 1.7 1 075 0.91
2.50 to < 10.00 439 3.44 65 38.41 1.2 468 1.07
10.00 to < 100.00
100.00 (default)
Total 40 805 0.19 627 39.04 1.70 12 006 0.30
CCR3/LI2
1 Refer to annexure B for exposures by portfolio.
60
CREDIT RISK
Table CCR5 discloses a breakdown of all types of collateral posted or received to support or reduce the counterparty credit risk
exposures related to derivative and securities financing transactions. The total collateral posted or received is reflected.
CCR5: COMPOSITION OF COLLATERAL FOR CCR EXPOSURE1 (BANKING OPERATIONS)

Collateral used in derivatives transactions Collateral used in SFTs
Fair value of Fair value of

collateral received posted collateral Fair value Fair value
of of
Un- Un- collateral posted
Segregated segregated2 Segregated segregated2 received collateral
Rm Rm Rm Rm Rm Rm
2017
Cash – domestic currency 7 924 3 166 34 620 21 531
Cash – other currencies 1 612 8 580 31 946
Domestic sovereign debt 755 8 098 11 215
Other sovereign debt 4 508
Government agency debt 41 38
Corporate bonds 24 807 1 140
Equity securities 794 3 191 5 657
Other collateral 15 240 16 799
Total 11 085 11 746 90 505 88 326
2016
Cash – domestic currency 6 478 2 220 31 455 15 215
Cash – other currencies 2 172 9 863 108 695
Domestic sovereign debt 2 022 1 8 853
Other sovereign debt 53 990
Government agency debt 850
Corporate bonds 55 556 313
Equity securities 576 11 030 8 152
Other collateral 5 807 13 234
Total 11 248 12 083 158 689 154 462
1 Per the requirement of the framework, collateral includes both cash and securities that are subject to the transaction. Collateral items are presented at fair value and
gross of haircuts.
2 Unsegregated refers to collateral not held in a bankruptcy-remote manner.
The table that follows details the group’s exposure to credit derivatives with a distinction made between protection bought and sold.
CCR6: CREDIT DERIVATIVES EXPOSURES (BANKING OPERATIONS)

2017 2016
Protection Protection Protection Protection

bought sold bought sold
Rm Rm Rm Rm
Notionals
Single-name credit default swaps1 5 870 26 698 5 520 36 131
Index credit default swaps 3 060 4 211 4 047 4 926
Total return swaps 2 875 1 014 865 259
Other credit derivatives 24 830 2 411 27 904 4 175
Total notionals 36 635 34 334 38 336 45 491
Fair values
Positive fair value (asset) 432 366 3 456 199
Negative fair value (liability) 669 498 2 595 1 464
Standard Bank Group

CCR8: EXPOSURES TO CENTRAL COUNTERPARTIES (BANKING OPERATIONS)

2017 2016
EAD EAD
(post-CRM) RWA (post-CRM) RWA
Rm Rm Rm Rm
Exposures to qualifying CCPs (total) 13 602 179 23 348 264

Exposures for trades at qualifying CCPs (excluding initial margin
and default fund contributions) of which: 3 400 141 13 079 262
OTC derivatives 2 815 53 1 032 21
Exchange-traded derivatives 585 88 12 047 241
Segregated initial margin
Non-segregated initial margin 10 084 35 10 180
Pre-funded default fund contributions 118 3 89 2
CCR1 CCR1
Securitisation BG 3 (Blue Granite Investments) is established in terms of the

group’s residential mortgage-backed securities master
Securitisation is a transaction whereby the credit risk associated
programme. In this regard, neither the group nor Blue Granite
with an exposure, or pool of exposures, is tranched and passed
Investments:
on to investors, typically through loan notes, and where payments
to investors through the loan notes in the transaction are •have a business relationship with Daily Finance
dependent upon the performance of the exposure or pool of •have knowledge of the services that are offered by Daily
exposures. Finance
•have authorised Daily Finance to use the registration number
A traditional securitisation involves the transfer of the exposures and National Credit Regulators Credit Providers number of
being securitised to a structured entity (SE) which issues Blue Granite Investments
securities. In a synthetic securitisation, the tranching is achieved •have authorised Daily Finance to use Blue Granite Investments’
by the use of credit derivatives and the underlying exposures are common law trade mark Blue Granite.
not removed from the SOFP.
Securitisation achieves the following objectives for investors and
The group uses SEs to securitise customer loans and advances third-party issuers:
that it has originated to diversify its sources of funding for asset
•facilitating non-banks’ access to asset classes traditionally
origination, for capital efficiency purposes and to reduce risk. In
only available to banks
addition, the group plays a secondary role as an investor in
certain third-party securitisation note issuances (SEs established •diversification of investment asset base
by third-parties). •potential yield pick-up for investors or a reduction in funding
costs for issuers (disintermediation of the banking sector).
The following SEs have been established by the group:
Securitisation achieves the following objectives for the group:
•Blue Granite Investments No. 1 (RF) Limited (BG 1)
•Blue Granite Investments No. 2 (RF) Limited (BG 2) •securitisation is used to raise funding and transfer risk out of
the banking system
•the group has originated a number of securitisations of its own
home loan assets. All of these transactions were aimed at
•Siyakha Fund (RF) Limited (Siyakha)
diversifying the bank’s funding base beyond the group’s
•Blue Titanium Conduit (RF) Limited (BTC). normal wholesale deposit base
•the group has always retained the subordinated loans and
Blue Granite Investments consequently transactions have not resulted in a reduction of
On 15 March 2018, the FSB issued a press release warning the the RWA associated with the securitised loans
public to act with caution when dealing with Daily Finance SA •securitisation transactions arranged for third-parties allow the
trading as Blue Granite Investments (Daily Finance) on the basis bank to earn arranging fees, as well as ancillary fee income
that the entity is not authorised, in terms of the Financial from providing banking, back-up servicing, interest rate swaps
Advisory and Intermediary Services Act 2002, to render any and liquidity facilities
financial advice and intermediary services.
•since 2014, the group also makes use of securitisation
structures to provide collateral for the SARB committed
liquidity facility aimed at meeting the new LCR requirements.
In these transactions the notes issued by the SE, as well as the
subordinated loan are retained by SBSA.
62
CREDIT RISK
SEC1: SECURITISATION EXPOSURES IN THE BANKING BOOK (BANKING OPERATIONS)
Bank acts as originator Bank acts as sponsor
Traditional Traditional
Rm Rm
2017
Retail (other) – of which: 50 485 3 818
residential mortgages 50 485 3 061
other retail exposures 288
re-securitisation 469
Wholesale (total) – of which: 1 511
loans to corporates
re-securitisation 1 511
2016
Retail (other) – of which: 19 099 4 492
residential mortgages 19 099 3 562
other retail exposures 204
re-securitisation 726
Wholesale (total) – of which: 2 031
re-securitisation 2 031
Standard Bank Group

For originated and sponsored or administered securitisations For local securitisations in South Africa, Moody’s Investor
consolidated under IFRS (that is, BG 1 – 4, Siyakha and BTC), Services and/or Global Ratings Company act as rating agencies.
intragroup exposures to and between these securitisations have
been eliminated and the underlying assets consolidated in the The transfer of assets by the group to an SE may give rise to the
relevant sections and classes in this report. Only exposures to full or partial derecognition of the financial assets concerned.
securitisations of assets originated by third-parties are disclosed Only in the event that derecognition is achieved are sales and any
below. The approach applied in the calculation of RWA is resultant gains or losses on disposals recognised in the financial
dependent on the group’s approved model for the underlying statements. Where the SEs are consolidated at group level, such
assets and the existence of a rating from an eligible external gains or losses are eliminated.
credit assessment institution.
To date, the group has applied the standardised approach, the

ratings-based approach and the standard formula approach,
where relevant, in the calculation of RWA.
SEC3: SECURITISATION EXPOSURES IN THE BANKING BOOK AND ASSOCIATED REGULATORY CAPITAL
REQUIREMENTS – BANK ACTING AS ORIGINATOR OR AS SPONSOR (BANKING OPERATIONS)
Exposure values RWA
Exposure values (by regulatory (by regulatory Capital charge after
(by RW1 bands) approach) approach) cap
IRB IRB IRB

RBA2 RBA RBA
<20% <50% (inclu- (inclu- (inclu-
<=20% to 50% to 100% ding IRB ding IRB ding IRB
RW RW RW IAA3) SFA4 IAA) SFA IAA) SFA
2017
Total exposures 3 111 706 1 013 2 804 394 353 46 41
Traditional securitisation 3 111 706 1 013 2 804 394 353 46 41
Of which securitisation 3 111 238 1 013 2 336 394 180 46 21
Of which retail underlying 3 111 238 1 013 2 336 394 180 46 21
Of which wholesale
Of which re-securitisation 468 468 173 20
Of which senior
Of which non-senior 468 468 173 20
Synthetic securitisation
Of which securitisation
Of which retail underlying
OV1 OV1
2016
Total exposures 4 094 10 387 881 3 610 228 450 24 47
Traditional securitisation 4 094 10 387 881 3 610 228 450 24 47
Of which securitisation 3 516 10 234 881 2 879 228 219 24 23
Of which retail underlying 3 516 10 234 881 2 879 228 219 24 23
Of which wholesale
Of which re-securitisation 578 153 731 231 24
Of which senior 153 153 121 13
Of which non-senior 578 578 110 11
Synthetic securitisation
Of which securitisation
Of which retail underlying
OV1 OV1
1 Risk weight.
2 Ratings-based approach.
3 Internal assessment approach.
4 Supervisory formula approach.
64
CREDIT RISK
INSURANCE OPERATIONS Reinsurance
Reinsurance is used to manage insurance risk and consequently,
Consolidated mutual funds in the liability valuation process, reinsurance assets are raised for
Liberty invests in mutual funds through which it is also exposed expected recoveries on projected claims. This does not, however,
to the credit risk of the underlying assets in which the mutual discharge Liberty’s liability as primary insurer. In addition,
funds are invested. Liberty’s exposure to mutual funds is reinsurance debtors are raised for specific recoveries on claims
classified at fund level and not at the underlying asset level and, recognised.
although mutual funds are not rated, fund managers are required
to invest in credit assets within the defined parameters stipulated A detailed credit analysis is conducted prior to the appointment
in the fund’s mandate. These rules limit the extent to which fund of reinsurers, as well as an annual analysis thereafter. Cognisance
managers can invest in unlisted and/or unrated credit assets and is also taken of the potential future claims on reinsurers in the
generally restrict funds to the acquisition of investment grade assessment process. Financial position strength, performance,
assets. track record, relative size, ranking within the industry and credit
standing of reinsurers are taken into account when determining
Liberty is exposed to CCR in respect of investment reinsurance the allocation of business to reinsurers. In addition, efforts are
policies, as well as the underlying debt instruments supporting made to appropriately diversify exposure by using several
the valuation of the policy. reinsurers.
Credit exposure to debt instruments Impairments – policyholder loans

Various debt instruments are entered into by Liberty in order to Policyholder loans are impaired when the amount of the loan
match policyholder liabilities and invest surplus shareholder exceeds the policyholder’s investment balance. The loans are
funds. Liberty is primarily exposed to the credit-standing of the recoverable through offset against policyholders’ investment
counterparties that issued these instruments in terms of both balances at policy maturity dates.
default and spread risk.
Liberty is exposed to the credit risk of counterparties with whom

Liberty has hedged out its market risk exposures. This credit
risk is materially mitigated by the use of collateral support
agreements and in terms of ISDA.
Standard Bank Group

DEFINITION
sanction, financial loss or damage to reputation
that the group may suffer as a result of its
failure to comply with laws, regulations, codes
of conduct and standards of good practice
applicable to its financial services activities.
COMPLIANCE
RISK
67 APPROACH TO MANAGING
COMPLIANCE RISK
67 GOVERNANCE
66
COMPLIANCE RISK
APPROACH TO MANAGING embedding good conduct is accentuated and strengthened by
the group’s ethical culture as articulated in the code of ethics and
COMPLIANCE RISK values. Initiatives are aligned to the pending regulatory reforms
that will provide for separate prudential and conduct authorities.
General approach
The compliance function is mandated by the GAC to operate Approach to managing money laundering
independently of business as a second line of defence function, in and terrorist financing
terms of the requirements of the Banks Act and regulations.
The AML and CFT legislative regime provides for a rules-based
The management of compliance risk is standardised across the approach to compliance.
group and is premised on internationally accepted principles of
The South African Financial Intelligence Centre Act has been
compliance risk management for financial service providers and
amended to incorporate a risk-based approach to compliance in
supervisory and client expectations.
relation to the AML/CFT regulatory framework. This includes the
Compliance risk management is a core risk management activity requirement for developing, documenting, maintaining and
overseen by the GCCDO. The GCCDO has unrestricted access to implementing a risk management and compliance programme
the chairman of the GAC and is a standing attendee at GAC that must demonstrate the group’s ability to effectively apply a
meetings. The GCCDO has a functional reporting line to the chief risk-based approach.
executive and is a member of various group management
An implementation programme with an impact analysis that will
committees, including the group executive committee, the group
ensure that the group continues to be aligned with all regulatory
management committee, GROC, and the group social and ethics
requirements is in progress.
committee.
A comprehensive risk management reporting and escalation Approach to sanctions management

procedure requires compliance executives to report on the status The group actively manages the legal, regulatory and reputational
of compliance risk management in the group to the GCCDO, who risk presented by persons and entities subject to embargoes or
escalates significant matters to relevant management and sanctions imposed by competent authorities. The sanctions
independent board committees. These matters include key surveillance capability continues to be enhanced to meet
regulatory interaction and legislative developments, as well as supervisory expectations.
significant compliance initiatives and current and developing
compliance risks and exposures. The group sanctions and client risk review committee, supported
by the group sanctions desk, is responsible for providing advice
Attention to the group’s technological capability, including and decisions on sanctions-related matters in a fluid sanctions
coverage and surveillance capability in all jurisdictions, is key to environment.
supporting both regulatory requirements and supervisory and
client expectations. To this end, there is a constant focus on
ensuring that systems are fit for purpose.
Approach to anti-bribery and corruption
management
There is also a key focus on compulsory compliance training, ABC risk within the group is managed in accordance with the
which has become principle-based and for which a digitised Organisation for Economic Co-operation and Development’s
system has been developed. Guidance for Multinational Enterprises. Oversight of anti-bribery
and corruption is provided through the bribery and corruption
The monitoring of compliance with laws, rules and regulations
review committee.
has been enhanced by the implementation of a standardised
approach across the group, which includes a central monitoring Specialised training was developed for areas that are perceived
function, business-specific and specialised monitoring functions, as being more susceptible to bribery and corruption risk. An
and includes routine monitoring conducted by compliance anti-bribery and corruption risk assessment for the group was
officers within business. initiated during 2017 and will inform any necessary
enhancements to the programme.
The group privacy office resides within group compliance and
manages compliance with the recently promulgated Protection
of Personal Information Act. The privacy officer demonstrates to Approach to health, safety and
the board that data privacy risk is continually monitored and environmental risk management
mitigated, and that breaches identified are reported to regulators Any risks to the health and safety of employees and stakeholders
in accordance with jurisdictional data privacy requirements. resulting from hazards in the workplace and/or potential
exposure to occupational illness, as well as the group’s exposure
Board members, executive management and employees are
to the risk of impacting directly on the environment through our
made aware of their regulatory and legislative responsibilities
business, are managed by the health, safety, and environmental
through advice provided by group compliance, reporting, formal
risk management team and are supported by executive
training, awareness sessions or face-to-face training.
management accountability structures.
The relationship with the group’s primary regulator, the SARB, is
based on mutual trust with an emphasis on regular and GOVERNANCE
transparent communication.
The primary management level governance committee
overseeing compliance risk is the group compliance committee.
Approach to conduct risk Compliance is also represented on, and submits reports to,
The group continues to build on its client-centric culture and various group management and board committees, all of which
conduct strategy to deliver fair client outcomes, for which board facilitate awareness of compliance risk-related matters. The
and executive management are accountable. The ongoing principal governance document is the group compliance risk
utilisation of data analytics has enhanced the group’s ability to governance standard, supported by the compliance risk
proactively identify, manage, minimise and mitigate conduct risks management framework, which underpins accountability and
that may arise from our business activities. The process of control frameworks.
Standard Bank Group
COUNTRY
RISK
COUNTRY RISK
69 GOVERNANCE
69 APPROVED REGULATORY CAPITAL
APPROACHES
70 COUNTRY RISK PORTFOLIO
CHARACTERISTICS AND METRICS
68
COUNTRY RISK
APPROACH TO MANAGING GOVERNANCE
COUNTRY RISK The primary management level governance committee
overseeing this risk type is the group country risk management
All countries to which the group is exposed are reviewed at least committee.
annually. Internal rating models are employed to determine
ratings for jurisdiction, sovereign and transfer and convertibility The principal governance document is the country risk
risk. In determining the ratings, extensive use is made of the governance standard.
group’s network of operations, country visits and external
information sources. These ratings are also a key input into the
group’s credit rating models. APPROVED REGULATORY
The model inputs are continuously updated to reflect economic
CAPITAL APPROACHES
and political changes in countries. The model outputs are internal There are no regulatory capital requirements for country risk.
risk grades that are calibrated to a jurisdiction risk grade from
aaa to d, as well as sovereign risk grade, and transfer and Country risk is, however, incorporated into regulatory capital for
convertibility risk grade (SB) from SB01 to SB25. Countries with credit in the IRB approaches through the jurisdiction risk and
sovereign/jurisdiction risk ratings weaker than SB07/a, referred transfer and convertibility risk ratings’ impact on credit grades.
to as medium- and high-risk countries, are subject to more
detailed analysis and monitoring.
Country risk is mitigated through a number of methods,

including:
•political and commercial risk insurance
•co-financing with multilateral institutions
•structures to mitigate transfer and convertibility risk such as
collection, collateral and margining deposits outside the
jurisdiction in question.
Standard Bank Group

Country risk continued
COUNTRY RISK PORTFOLIO CHARACTERISTICS AND METRICS

The risk distribution of cross-border country risk exposures is weighted towards European, Asian and North American low-risk countries,
as well as sub-Saharan African medium- and high-risk countries.
COUNTRY RISK EXPOSURE BY REGION AND RISK GRADE

Sub- Middle East
Saharan Latin and North
Africa Asia Australasia Europe America North Africa America
% % % % % % %
2017
Risk grade
SB01 – SB07 0.58 23.97 1.40 26.04 1.63 10.71
SB08 – SB11 4.61 0.92 0.15
SB12 – SB14 8.01 0.71 0.17
SB15 – SB17 15.91
SB18 – SB21 0.95 0.33
SB22+ 3.91
20161
Risk grade
SB01 – SB07 0.80 26.63 1.12 19.67 2.04 4.92
SB08 – SB11 5.65 0.29 1.15
SB12 – SB14 9.17 0.12
SB15 – SB17 21.56
SB18 – SB21 4.63 0.56 0.80
SB22+ 0.89
Medium- and high-risk country exposure by region (%)
18
15
12
SB08-SB11 SB12-SB14 SB15-SB17 SB18-SB21 SB22+

QQSub-Saharan Africa QQAsia
QQLatin America QQMiddle East and North Africa
Exposure to the top five medium- and high-risk countries is shown together with comparatives in the graph on the following page.
These exposures are in line with the group’s growth strategy, which is focused on Africa.
70
COUNTRY RISK
Top five medium- and high-risk country EAD (USDm)
2 000
1 750
1 500
1 250
1 000
750
500
250
Nigeria Ghana Kenya Mozambique Zambia
QQ2017 QQ2016
Medium- and high-risk country EAD concentration by country ceiling (%)
30
25
20
15
10
SB08 SB09 SB10 SB11 SB12 SB13 SB14 SB15 SB16 SB17 SB18 SB19 SB20 SB21 SB22+
QQ2017 QQ20161
Standard Bank Group

FUNDING AND
LIQUIDITY RISK
73 Approach to managing liquidity risk
74 Governance
74 Liquidity characteristics and metrics
77 The group’s credit ratings
78 Conduits
78 Long-term insurance
78 Short-term insurance
72
FUNDING AND LIQUIDITY RISK
BANKING OPERATIONS geographies across both the corporate and retail sectors to
ensure that payment obligations can be met by the group’s legal
Approach to managing liquidity risk entities, under both normal and stressed conditions and that
regulatory minimum requirements are met at all times. This is
The nature of the group’s banking and trading activities gives rise achieved through a combination of maintaining adequate liquidity
to continuous exposure to liquidity risk. Liquidity risk may arise buffers, to ensure that cash flow requirements can be met, and
where counterparties, who provide the group with short-term ensuring that the group’s SOFP is structurally sound and
funding, withdraw or do not roll over that funding, or normally supportive of the group’s strategy. Liquidity risk is managed on a
liquid assets become illiquid as a result of a generalised consistent basis across the group’s banking subsidiaries, allowing
disruption in asset markets. for local requirements. Liquidity risk management ensures that
the group has the appropriate amount, diversification and tenor
The group manages liquidity in accordance with applicable of funding and liquidity to support its asset base at all times.
regulations and within the group’s risk appetite framework.
The group’s liquidity risk management governance framework The group manages liquidity risk as three interrelated pillars,
supports the measurement and management of liquidity, in all which are aligned to the Basel III liquidity requirements.
LIQUIDITY MANAGEMENT CATEGORIES
TACTICAL (SHORT-TERM) STRUCTURAL (LONG-TERM) CONTINGENCY LIQUIDITY RISK

LIQUIDITY RISK MANAGEMENT LIQUIDITY RISK MANAGEMENT MANAGEMENT
•manage intra-day liquidity positions •ensure a structurally sound SOFP •monitor and manage early warning
•monitor interbank and repo •identify and manage structural liquidity indicators
shortage levels liquidity mismatches •establish and maintain contingency
•monitor daily cash flow requirements •determine and apply behavioural funding plans
•manage short-term cash flows profiling •undertake regular liquidity stress
•manage daily foreign currency liquidity •manage long-term cash flows testing and scenario analysis
•set deposit rates in accordance with •preserve a diversified funding base •convene liquidity crisis management
structural and contingent liquidity •inform term funding requirements committees, if needed
requirements as informed by ALCO. •assess foreign currency liquidity •set liquidity buffer levels in accordance
exposures with anticipated stress events
•establish liquidity risk appetite •advise on the diversification of liquidity
buffer portfolios
•ensure appropriate transfer pricing of
liquidity costs •ensure compliance with Basel III LCR.
•ensure compliance with Basel III NSFR
with effect from January 2018.
The funding and liquidity risk disclosure is based on Basel III The group exceeded the 80% minimum phase-in requirement
principles, including behavioural profiling methods and for 2017 with a ratio of 135.1% (2016: 117.1%).
assumptions, as well as phasing-in requirements where applicable.
The group successfully managed the balance sheet structure and
The LCR is a metric introduced by the BCBS to measure a bank’s achieved NSFR compliance with effect from 1 January 2018
ability to manage a sustained outflow of customer funds in an within specified risk appetite and regulatory requirements. This
acute stress event over a 30-day period. The ratio is calculated metric is designed to ensure that the majority of term assets are
by taking the group’s high-quality liquid assets (HQLA) and funded by stable sources, such as capital, term borrowings or
dividing it by net cash outflows. The minimum regulatory LCR other stable funds.
requirement for 2017 was 80%, increasing by 10% annually to
reach 100% by 1 January 2019.
BASEL III IMPLEMENTATION TIMELINE (MINIMUM STANDARD)

2017 2018 2019
LCR 80% 90% 100%

Liquidity
NSFR 100% 100%
Standard Bank Group

Funding and liquidity risk Banking operations continued
Governance
The primary governance committee overseeing liquidity risk is the group ALCO. ALCOs have been established in each of the group’s
banking subsidiaries and manage in-country liquidity risk.
The principal governance documents are the liquidity risk governance standard and model risk governance framework.
Liquidity characteristics and metrics

OVERVIEW OF LIQUIDITY AND FUNDING METRICS
2017 2016
Total contingent liquidity (Rbn) 322.3 335.9

Eligible Basel III LCR HQLA (Rbn) 251.3 220.4
Managed liquidity (Rbn) 71.0 115.5
Total contingent liquidity as a % of funding-related liabilities (%) 25.2 26.9
Single depositor (%) 1.7 2.4
Top 10 depositors (%) 7.6 9.5
Basel III LCR (92 day average %) 135.1 117.1
Minimum regulatory LCR requirement (%) 80 70
Contingency liquidity risk management Liquidity stress testing and scenario analysis
Contingency funding plans Stress testing and scenario analysis are based on hypothetical
Contingency funding plans are designed to protect stakeholder and historical events. These are conducted on the group’s
interests and maintain market confidence in the event of a funding profiles and liquidity positions. The crisis impact is
liquidity crisis. The plans incorporate an early warning indicator typically measured over a 30 calendar-day period as this is
process supported by clear crisis response strategies. Early considered the most crucial time horizon for a liquidity event.
warning indicators cover bank-specific and systemic crises and This measurement period is also consistent with the Basel III
are monitored according to assigned frequencies and tolerance LCR requirements.
levels.
Anticipated on- and off-balance sheet cash flows are subjected to
Crisis response strategies are formulated for the relevant crisis a variety of bank-specific and systemic stresses and scenarios to
management structures and address internal and external evaluate the impact of unlikely but plausible events on liquidity
communications and escalation processes, liquidity generation positions. The results are assessed against the liquidity buffer
management actions and operations, and heightened and and contingency funding plans to provide assurance as to the
supplementary information requirements to address the crisis group’s ability to maintain sufficient liquidity under adverse
event. The updating of contingency funding plans, while conditions.
considering budget forecasting, continues to be a focus area for
the asset liability management teams across the group. Internal stress testing metrics are supplemented with the
regulatory Basel III LCR in monitoring the group’s ability to
The group, in line with the SARB’s requirements, updates and survive severe stress scenarios.
submits its recovery and resolution plans to the SARB on an
annual basis. The group’s recovery plan incorporates the The Basel III LCR analysis that follows includes banking and/or
contingent liquidity funding plan in addition to the focus given to deposit taking entities and represents an aggregation of the
capital planning and business continuity planning. relevant individual net cash outflows and HQLA portfolios. These
results reflect the simple average of 92 days of daily observations
over the quarter ended 31 December 2017 and the simple
average of the three month-end data points for the quarter
ended 31 December 2016.
74
LCR
20171 20162
Total Total Total Total

unweighted3 weighted4 unweighted3 weighted4
value value value value
(average) (average) (average) (average)
Rm Rm Rm Rm
HQLA
Total HQLA 240 935 208 656
Cash outflows 1 393 532 338 822 1 319 414 362 115
Retail deposits and deposits from small business customers, of
which: 428 381 31 784 345 433 29 263
5
Stable deposits 14 425 721 8 482 424
Less stable deposits5 413 956 31 063 336 951 28 839
Unsecured wholesale funding, of which: 538 457 266 296 555 618 293 451
Operational deposits (all counterparties) and deposits
in networks of cooperative banks 165 342 41 336 152 696 38 174
Non-operational deposits (all counterparties) 372 884 224 729 402 822 255 177
Unsecured debt 231 231 100 100
Secured wholesale funding 2 11
Additional requirements 107 747 26 684 115 915 24 234
Outflows related to derivative exposures and other
collateral requirements 14 151 14 142 26 307 12 448
Outflows related to loss of funding on debt products 3 012 3 012 2 995 2 995
Credit and liquidity facilities 90 584 9 530 86 613 8 791
Other contractual funding obligations 2 273 2 273 4 228 4 228
Other contingent funding obligations 316 674 11 783 298 220 10 928
Cash inflows 202 554 160 485 227 530 183 984
Secured lending 22 799 15 349 41 428 32 444

Inflows from fully performing exposures 156 857 128 645 161 855 134 955
Other cash inflows 22 898 16 491 24 247 16 585
Total Total
adjusted value6 adjusted value6
Rm Rm
Total HQLA 240 935 208 656

Total net cash outflows 178 337 178 131
Liquidity coverage ratio (%) 135.1% 117.1%
1 Simple average of 92 days of daily observations over the quarter ended 31 December 2017 for SBSA, SBSA Isle of Man branch, Stanbic Bank Ghana, Stanbic Bank
Uganda, Standard Bank Isle of Man Limited and Standard Bank Jersey Limited and the simple average of three month-end data points ended 31 December 2017 for
the other Africa Regions banking entities.
2 The simple average of the month-end values at 31 October 2016, 30 November 2016 and 31 December 2016.
3 Unweighted value represents the outstanding balances maturing or callable within 30 days (for inflows and outflows).
4 Total weighted value is calculated after the application of respective haircuts (for HQLA) or inflow and outflow rates (for inflows and outflows).
6 Adjusted value calculated after the application of both (i) haircuts and inflow and outflow rates; and (ii) any applicable caps (i.e. cap on level 2B and level 2 assets for
HQLA and cap on inflows).
Standard Bank Group

Funding and liquidity risk Banking operations continued
The group seeks to exceed the minimum LCR requirement with a The graph that follows shows the group’s cumulative maturity
sufficient buffer to allow for funding flow volatility as determined mismatch between assets and liabilities for the 0 to 12 months
by its internal liquidity risk appetite. A buffer is maintained above maturity bucket, after applying behavioural profiling. The
the minimum regulatory requirement to cater for balance sheet cumulative maturity is expressed as a percentage of the group’s
and market volatility. total funding-related liabilities.
Total contingent liquidity Expected aggregate cash outflows are subtracted from expected
Portfolios of marketable and liquid instruments to meet aggregate cash inflows. These mismatches are monitored on a
regulatory and internal stress testing requirements are regular basis with active management intervention, if potential
maintained as protection against unforeseen disruptions in cash risk appetite breaches are evidenced. Liquidity transfer
flows. These portfolios are managed within ALCO-defined limits restrictions across the group are considered as part of the
on the basis of diversification and liquidity. prudent liquidity risk management assumptions that are
followed.
The table below provides a breakdown of the group’s liquid
and marketable instruments as at 31 December 2017 and The group’s cumulative liquidity mismatch remains within
31 December 2016. Eligible Basel III LCR HQLA are defined liquidity risk appetite and is well positioned for NSFR compliance
according to the BCBS January 2013 LCR and liquidity risk with effect from January 2018.
monitoring tools framework. Managed liquidity represents
unencumbered marketable instruments other than eligible While following a consistent approach to liquidity risk
Basel III LCR HQLA (excluding trading assets) which would be management in respect of the foreign currency component of the
able to provide sources of liquidity in a stress scenario. SOFP, specific indicators are observed in order to monitor
changes in market liquidity, as well as the impacts on liquidity as
TOTAL CONTINGENT LIQUIDITY a result of movements in exchange rates.
2017 2016 Behaviourally adjusted cumulative liquidity mismatch

Rbn Rbn (% of funding-related liabilities)
1
Eligible LCR HQLA comprising: 251.3 220.4 8
Notes and coins 18.3 19.6 6

Balances with central banks 38.8 38.1
Government bonds and bills 149.1 146.0 4
Other eligible assets 45.1 16.7
2
Managed liquidity 71.0 115.5
Total contingent liquidity 322.3 335.9
Total contingent liquidity as a % of (2)
funding-related liabilities 25.2% 26.9%
(4)
1 Eligible LCR HQLA considers any liquid transfer restrictions that will inhibit the
transfer across jurisdictions. (6)
0–7 0–1 0–3 0–6 0 – 12
days month months months months
Liquid assets held remain adequate to meet all internal stress
testing and regulatory requirements. QQ2017 QQ2016
Structural liquidity mismatch Funding activities

Maturity analysis of financial liabilities using Funding markets are evaluated on an ongoing basis to ensure
behavioural profiling appropriate group funding strategies are executed depending on
With actual cash flows typically varying significantly from the the market, competitive and regulatory environment. The group
contractual position, behavioural profiling is applied to assets, continues to focus on building its deposit base as a key
liabilities and off-balance sheet commitments, as well as to component of the group’s funding mix. Deposits sourced from
certain liquid assets. Behavioural profiling assigns probable South Africa and other major jurisdictions in the Africa Regions,
maturities based on historical customer behaviour. This is used Isle of Man and Jersey provide diversity of stable funding sources
to identify significant additional sources of structural liquidity in for the group.
the form of core deposits, such as current and savings accounts,
which exhibit stable behaviour despite being repayable on Primary funding sources are in the form of deposits across a
demand or at short notice. spectrum of retail and wholesale clients, as well as loan and debt
capital markets across the group. Total funding-related liabilities
In order to highlight potential risks within the group’s defined increased from R1 251 billion as at 31 December 2016 to
liquidity risk thresholds, structural liquidity mismatch analyses R1 277 billion as at 31 December 2017.
are performed regularly to anticipate the mismatch between
payment profiles of SOFP items.
76
Funding diversification by product (%) from increased demand for bank term issuance. Cost of liquidity
in money markets measured by the 12-month NCD cost traded in
a tight range during 2017. Marginal widening of term funding
spreads was experienced in the final quarter driven largely by
political risk and market credit events.
2017 2016
SBSA 12- and 60-month liquidity spread (bps)
180
160
140
2017 2016
Call deposits 25 24 120
Term deposits 19 19 100
Current accounts 17 16
Cash management deposits 13 13 80
Deposits from banks and central banks1 7 10 60
Negotiable certificates of deposits 11 10
40
Senior and subordinated debt 6 6
Savings accounts 2 2 20
FUNDING-RELATED LIABILITIES COMPOSITION1 Dec Dec Dec Dec Dec Dec

2012 2013 2014 2015 2016 2017
2017 2016 — 12-month NCD — 60-month NCD
Rbn Rbn
Corporate funding 391 387 The group’s credit ratings

Retail deposits2 343 321 The group’s ability to access funding at cost-effective levels is
Institutional funding 296 286 dependent on maintaining or improving the borrowing entity’s
Interbank funding 60 78 credit rating.
Government and parastatals 72 66
Senior debt 58 49 The following table provides a summary of the major credit
Term loan funding 32 41 ratings for the group and its principal operating subsidiary, SBSA,
Subordinated debt issued 19 22 as at 31 December 2017.
Other liabilities to the public 6 1
Total funding-related liabilities 1 277 1 251
CREDIT RATINGS
1 Composition aligned to Basel III liquidity classifications.
2
LONG-TERM FITCH
Comprises individual and small business customers.
Group issuer default rating BB+
Concentration risk limits are used within the group to ensure that
funding diversification is maintained across products, sectors, SBSA foreign currency issuer default rating BB+
geographic regions and counterparties.
South African sovereign foreign currency BB+
DEPOSITOR CONCENTRATION issuer default rating
2017 2016
% %
LONG-TERM MOODY’S
Single depositor (limit 10%) 1.7 2.4
Top 10 depositors (limit 20%) 7.6 9.5 Group issuer rating Ba1
SBSA foreign currency deposit rating Baa3

A component of the group’s funding strategy is to ensure that
sufficient contractual term funding is raised in support of term South African sovereign foreign currency Baa3
lending and to ensure adherence to the structural mismatch rating
tolerance limits and appetite guidelines.
The group successfully increased the longer-term funding during Credit ratings for SBSA are dependent on multiple factors,
2017, raising R32.4 billion through a combination of senior debt including the South African sovereign rating, capital adequacy
and syndicated loans. An additional R24.6 billion was raised levels, quality of earnings, credit exposure, the credit risk
through NCDs in excess of 12 months. The group issued governance framework and funding diversification. These
R3.5 billion of Basel III compliant AT1 bond instruments in 2017, parameters and their possible impact on the borrowing entity’s
the proceeds of which have been invested as AT1 in SBSA. credit rating are monitored closely and incorporated into the
group’s liquidity risk management and contingency planning
The graph that follows is a representation of the market cost of considerations.
liquidity, which is measured as the spread paid on NCDs relative
to the prevailing reference rate. The graph is based on actively- The foreign and local currency ratings downgrades in the first
issued money market instruments by banks, namely 12- and half of 2017 have had a more benign impact than previously
60-month NCDs. For the period under review, market cost of anticipated on the availability and cost of foreign currency
liquidity compressed in the 60-month tenor, as banks benefited funding. This was largely due to the supportive global liquidity
Standard Bank Group

Funding and liquidity risk Governance continued
environment for emerging markets. The group continues to

monitor the implications of further South African sovereign credit
rating agency downgrades for both local and foreign currency
which could have a more significant impact on the group’s access
and cost of foreign currency liquidity sources.
A rating downgrade would reduce the thresholds above which

collateral must be posted with counterparties to cover the
group’s negative mark-to-market on derivative contracts. These
are managed within the liquidity management pillar. The potential
cumulative impact on additional collateral requirements is
contained in the table below.
1, 2 AND 3 NOTCH RATING DOWNGRADES

2017 2016
Rm Rm
Impact on the group’s liquidity

of a collateral call linked to
downgrading by
1 notch 430 398
2 notch 430 535
3 notch 430 535
Conduits
The group provides standby liquidity facilities to two conduits,
namely BTC and Thekwini Warehouse Conduit.
These facilities, which totalled R4.9 billion in 2017

(2016: R5.6 billion), had not been drawn on.
The liquidity risk associated with these facilities is managed

in accordance with the group’s overall liquidity position and
represents less than 2% of the group’s total liquidity (2016: 2%).
The liquidity facilities are included in both the group’s structural
liquidity mismatch, as well as in liquidity risk stress testing.
INSURANCE OPERATIONS
Long-term insurance
Refer to annexure C of the AFS for Liberty’s liquidity risk
disclosures.
Short-term insurance
SIL’s investments are made considering the nature, term and
uncertainty of its liabilities. SIL manages its liquidity risk in
accordance with its risk appetite statement. This covers
monitoring available liquid assets against immediate expenses
such as operational expenses, technical provisions for claims
outstanding and any outstanding reinsurance premium. SIL also
includes the impact of unexpected losses from several
catastrophic events in its liquidity risk management. SIL manages
liquidity risk on a stand-alone basis such that no reliance is
placed on the group to provide contingent funding to the
insurance entity.
78
MARKET RISK
80 Approved regulatory capital
approaches
80 Governance
80 Trading book market risk
83 Post-employment obligation risk
83 Long-term insurance
85 Short-term insurance
Standard Bank Group

Market risk continued
BANKING OPERATIONS
Approved regulatory capital approaches
The group has approval from the SARB to adopt the internal models approach for most asset classes and across most market variables
in SBSA with the balance on the standardised model.
For material equity portfolios, the group has approval from the SARB to adopt either the market-based or PD/LGD approach.
There are no regulatory capital requirements for interest rate risk in the banking book (IRRBB), structural foreign exchange exposures or
own equity-linked transactions. The group does not apply the incremental risk charge or comprehensive risk capital charge approach.
Governance
The governance management level committees overseeing market risk are group ALCO.
The principal governance documents are the market risk governance standard and the model risk governance framework.
The group’s key market risks are:

•trading book market risk
•IRRBB*
•equity risk in the banking book*
•foreign currency risk*
•own equity-linked transactions*
•post-employment obligation risk.
* Refer to annexure C of the group’s annual
AFS financial statements for disclosure.
Trading book market risk

Definition
Trading book market risk is represented by financial instruments, including commodities, held in the trading book, arising out of normal
global markets’ trading activity.
MR1: MARKET RISK UNDER STANDARDISED APPROACH

2017 2016
RWA RWA
Rm Rm
Outright products 45 651 20 124

Interest rate risk (general and specific) 44 188 18 809
Equity risk (general and specific) 30 65
Foreign exchange risk 1 384 1 199
Commodity risk 49 51
Options 1 566 1 287

Delta-plus method 1 566 1 287
Total 47 217 21 411

OV1 OV1
80
MARKET RISK
MR2: RWA FLOW STATEMENTS OF MARKET RISK EXPOSURES UNDER IMA
Total
VaR SVaR RWA
Rm Rm Rm
RWA December 2016 8 610 9 423 18 033

Movement in risk levels (4 264) (965) (5 229)
RWA December 2017 4 346 8 458 12 804
OV1
RWA September 2016 6 849 8 294 15 143
Movement in risk levels 1 714 1 123 2 837
Model updates/changes 47 6 53
RWA December 2016 8 610 9 423 18 033
OV1
Approach to managing market risk in the Daily losses exceeding the VaR are likely to occur, on average,
trading book 13 times in every 250 days.
The group’s policy is that all trading activities are undertaken
SVaR uses a similar methodology to VaR, but is based on a
within the group’s global markets’ operations.
251-day period of financial stress which is reviewed quarterly and
assumes a ten-day holding period and a worst case loss. The
The market risk functions are independent of the group’s trading
ten-day period is based on the average expected time to reduce
operations and are accountable to the relevant legal entity
positions. The period of stress for SBSA is currently the
ALCOs. ALCOs have a reporting line into group ALCO, a
2008/2009 financial crises while, for other markets, more recent
subcommittee of GROC.
stress periods are used.
All VaR and SVaR limits require prior approval from the respective
Where the group has received internal model approval, the
entity ALCOs. The market risk functions have the authority to set
market risk regulatory capital requirement is based on VaR and
these limits at a lower level.
SVaR, both of which use a confidence level of 99% and a ten-day
Exposures and excesses are monitored and reported daily. Where holding period.
breaches in VaR or SVaR limits occur, actions are taken by market
Limitations of historical VaR are acknowledged globally
risk functions to bring exposures back in line with approved
and include:
market risk appetite, with such breaches being reported to
management and entity ALCOs. •the use of historical data as a proxy for estimating future
events may not encompass all potential events, particularly
Measurement those which are extreme in nature
The techniques used to measure and control trading book •the use of a one-day holding period assumes that all positions
market risk and trading volatility include VaR and SVaR, stop-loss can be liquidated or the risk offset in one day. This will usually
triggers, stress tests, backtesting and specific business unit and not fully reflect the market risk arising at times of severe
product controls. illiquidity, when a one-day holding period may be insufficient to
liquidate or hedge all positions fully
VaR and SVaR •the use of a 95% confidence level, by definition, does not take
The group uses the historical VaR and SVaR approach to quantify into account losses that might occur beyond this level of
market risk under normal and stressed conditions. confidence.
For risk management purposes VaR is based on 251 days of VaR is calculated on the basis of exposures outstanding at the
unweighted recent historical data updated at least monthly, a close of business and, therefore, does not necessarily reflect
holding period of one day and a confidence level of 95%. The intra-day exposures. VaR is unlikely to reflect loss potential on
historical VaR results are calculated in four steps: exposures that only arise under significant market movements.
•calculate 250 daily market price movements based on 251
Trading book credit risk
days’ historical data. Absolute movements are used for interest
rates and volatility movements; relative for spot, equities, Credit issuer risk is assumed in the trading book by virtue of
credit spreads, and commodity prices normal trading activity, and is managed according to the group’s
market risk governance standard. These exposures arise from,
•calculate hypothetical daily profit or loss for each day using
among others, trading in debt securities issued by corporate and
these daily market price movements
government entities, as well as trading credit derivative
•aggregate all hypothetical profits or losses for day one across transactions with other banks and corporate clients.
all positions, giving daily hypothetical profit or loss, and then
repeat for all other days The credit spread risk is incorporated into the daily price
•VaR is the 95th percentile selected from the 250 days of daily movements used to compute VaR and SVaR mentioned above.
hypothetical total profit or loss.
Standard Bank Group

Market risk Banking operations continued
The VaR models used for credit issue risk are only intended to Backtesting
capture the risk presented by historical day-to-day market The group backtests its VaR models to verify the predictive ability
movements, and, therefore, do not take into account of the VaR calculations and ensure the appropriateness of the
instantaneous or jump to default risk. Issuer risk is incorporated models within the inherent limitations of VaR.
in the standardised approach interest rate risk charge for SBSA.
Backtesting compares the daily hypothetical profits and losses
Stop-loss triggers under the one-day buy and hold assumption to the prior day’s
Stop-loss triggers are used to protect the profitability of the calculated VaR. In addition, VaR is tested by changing various
trading desks, and are monitored by market risk on a daily basis. model parameters, such as confidence intervals and observation
The triggers constrain cumulative or daily trading losses through periods to test the effectiveness of hedges and risk-mitigation
acting as a prompt to review or close-out positions. instruments.
Stress tests Refer to the graph below for the results of the group’s
Stress testing provides an indication of the potential losses that backtesting for 2017. The volatility in hypothetical profit in
could occur under extreme but plausible market conditions, May 2017 is largely as a result of the devaluation of the
including where longer holding periods may be required to exit Nigerian naira and introduction of the Nigerian autonomous
positions. Stress tests comprise individual market risk factor foreign exchange fixing rate.
testing, combinations of market factors per trading desk and
combinations of trading desks using a range of historical, Regulators categorise a VaR model as green, amber or red and
hypothetical and Monte Carlo simulations. Daily losses assign regulatory capital multipliers based on this categorisation.
experienced during the period under review, did not exceed the A green model is consistent with a satisfactory VaR model and is
maximum tolerable losses as represented by the group’s stress achieved for models that have four or less backtesting exceptions
scenario limits. in a 12-month period at 99% VaR. All of the group’s approved
models were assigned green status for the period under review
(2016: green).
Five exceptions occurred in 2017 (2016: nine) for 95% VaR and
one exception (2016: one) for 99% VaR.
Backtesting: hypothetical income of trading units and VaR

Rm
300
250
200
150
100
50
0
( 50)
(100)
January 2017 December 2017
QQHypothetical income 95% VaR (including diversification benefits) 99% VaR (including diversification benefits)
Specific business unit and product controls MR3: IMA VALUES FOR TRADING PORTFOLIOS
Other market risk limits and controls specific to individual
business units include permissible instruments, concentration of 2017 2016
exposures, gap limits, maximum tenor, stop-loss triggers, price Rm Rm
validation and balance sheet substantiation.
VaR (ten-day 99%)
Maximum value 278 314
Trading book portfolio characteristics
Average value 135 147
VaR for the period under review Minimum value 57 74
Trading book market risk exposures arise mainly from residual Period end 63 262
exposures from client transactions and limited trading for the
group’s own account. In general, the group’s trading desks have SVaR (ten-day 99%)
run similar levels of market risk throughout 2017 when compared Maximum value 361 361
to 2016 aggregate normal VaR, and similar levels when compared Average value 207 187
to aggregate SVaR. Minimum value 78 98
Period end 201 275
82
MARKET RISK
Analysis of trading profit
The graph that follows shows the distribution of daily trading income for the period ended 31 December 2017. It captures trading volatility
and shows the number of days in which the group’s trading-related revenues fell within particular ranges. The distribution is skewed
favourably to the profit side.
For the period under review, trading profit was positive for 250 out of 259 days (2016: 242 out of 260 days) on an aggregated global
basis.
Distribution of daily trading income (Rm)
140
120
100
Frequency of days
80
60
40
20
<(30) (30) to 0 0 to 30 30 to 60 60 to 90 >90
QQ2017 QQ2016
Post-employment obligation risk Liberty’s shareholders are exposed to the categories of market
risk, arising predominantly from:
The group operates both defined contribution plans and defined
benefit plans, with the majority of its employees participating in •the long-term policyholder asset/liability mismatch risk. This
defined contribution plans. The group’s defined benefit pension occurs if Liberty’s property and financial assets do not move in
and healthcare provider schemes for past and certain current the same direction or by the same magnitude as the
employees create post-employment obligations. Post-employment obligations arising under its insurance and investment
obligation risk arises from the requirement to contribute as an contracts despite the controls and hedging strategies
employer to an under-funded defined benefit plan. employed
•exposure to management fee revenues not already recognised
The group mitigates these risks through independent asset in the negative rand reserves1
managers and independent asset and liability management •financial assets forming Liberty’s capital base (also referred to
advisors for material funds. Potential residual risks which may as shareholders’ equity), including currency risks on capital
impact the group are managed within the group asset and liability invested outside South Africa
management process. Refer to note 45 in the annual financial •financial assets held to back liabilities other than long-term
statements for more detail on the group’s post-employment policyholder liabilities.
obligation risk.
The market risk associated with assets backing long-term
INSURANCE OPERATIONS policyholder investment-linked liabilities, including discretionary
participation features is largely borne by the policyholders.
Long-term insurance However, poor performance on policyholder funds can lead to
reputational damage and subsequently, to increased policyholder
For management purposes, Liberty’s market risk is split into the
withdrawals and a reduction in new business volumes.
following three categories:
•market risks to which Liberty wishes to maintain exposure on a Shareholder investment portfolio
long-term strategic basis: these include market risks arising
Liberty recognises the importance of investing its capital base,
from assets within the shareholder investment portfolio which
namely the shareholder funds, in a diversified portfolio of
is managed by LibFin Investments
financial assets.
•market risks to which Liberty does not wish to maintain
exposure on a long-term strategic basis as they are not The Liberty board approves the long-term asset mix of the
expected to provide an adequate return on economic capital portfolio. The long-term asset mix, also known as the strategic
over time, may be mitigated, either through improved product asset allocation is defined on a through-the-cycle basis and aims
design or through open market activity to maximise after-tax returns for a level of risk consistent with
•market risks to which Liberty does not wish to maintain the group’s risk appetite statement. In determining the strategic
exposure but where Liberty is unable to adequately and/or asset allocation, consideration is given to the risk capacity
economically mitigate these risks through hedging. In certain already utilised by Liberty’s core business activities, as well as to
instances, these market risks are second order risks resulting liquidity, regulatory and/or operational constraints.
from, for example, liquidity risks or reputational risks. While
these risks cannot necessarily be hedged, they are identified, 1 Negative rand reserves are negative liabilities (within long-term policyholder
measured and monitored as far as possible. liabilities) and policyholder assets arising when the discounted value of
expected future inflows exceeds the discounted value of expected future
outflows.
Standard Bank Group

Market risk Insurance operations continued
LibFin is responsible for implementing the investment strategy activity may in certain cases mitigate risk in one dimension while
and monitoring performance with oversight from group risk resulting in increased risk in others. In recognition of these
functions and ultimately the Liberty board. The implementation unintended consequences, the impact of hedging decisions is
of the investment strategy is in part achieved through the assessed across all dimensions prior to transacting. Post-
mandating of STANLIB and other asset managers. Tactical asset transacting, hedge effectiveness is monitored closely by Liberty’s
allocation is primarily performed by STANLIB within a mandate market risk team.
approved by the Liberty board.
The nature of the existing business results in certain risks being
The typical asset classes included in this portfolio are equities, difficult to hedge, such as long-dated implied volatility exposures,
fixed income, property and cash, both in local and foreign movements in long-dated interest rates and correlation risks. It is
currency. Allocations are also made to alternative asset classes in not possible to entirely hedge these risks and, hence, some
search of yield and diversification benefits. As a result, the residual unhedged risks and associated volatility remain. In such
portfolio is exposed to currency movements, as well as market instances limits are imposed on the magnitude of risk accepted.
movements in the underlying asset classes. In addition, capital is held against unhedgeable risks.
In the short-term, market movements may contribute to some Foreign currency risk
earnings volatility. The diversified nature of the portfolio should, Offshore assets are held in policyholders’ portfolios to match the
however, serve to minimise the overall impact on earnings. corresponding liabilities. Liberty is exposed to currency risk
through minimum investment return guarantees issued on
Asset liability management portfolio contracts invested in offshore portfolios and related mismatches,
Liberty has chosen to mitigate a number of market risk as well as through the 90/10 fee exposure and management fees.
exposures, arising from asset/liability mismatches, to which it In addition, some of the shareholder capital base is invested in
does not wish to be exposed on a long-term strategic basis. offshore assets, including subsidiaries in the Africa Regions.
The decision to hedge these risks is based on the following Investment guarantees have not been offered on new business
factors: invested in offshore portfolios since 2005. The rand-denominated
•continuing to assume these market risks may result in Liberty value of management fees derived from these contracts is
operating outside of its risk appetite subject to currency risk. Strengthening of the rand against the
•there is a liquid and tradable market in which to hedge these offshore currencies reduces the rand value of management fees
market risks on offshore portfolios and increases the liability in respect of
rand-denominated minimum investment return guarantees
•these market risks are capital intensive and over time have the
on this business. The weakening of the rand will have the
potential to reduce shareholders’ returns on capital unless
opposite effect.
actively managed
•some of the risks (for instance, those which arise from selling The gross exposure to foreign-denominated financial
investment guarantees) are asymmetric in nature, and could instruments expressed in rand (converted at closing rates)
compromise Liberty’s solvency in severe market conditions. as at 31 December 2017 is R74.6 billion (2016: R84.4 billion).
It is not practical to isolate foreign currency assets contained
Risk mitigation is achieved through a dynamic hedging within rand-denominated mutual funds (which are not
programme, managed by LibFin. The hedging programme aims subsidiaries) and investment policies.
to manage the risks within the group’s agreed risk appetite
framework through the use of best practice market risk
Property market risk
management techniques.
Liberty is exposed to tenant default, depressed rental markets
The exposures which are included in this hedging programme and unlet space within its investment property portfolio affecting
include the following: property values and rental income. The managed diversity of
the property portfolio and the existence of multi-tenanted
•embedded derivatives provided in contracted policies, for buildings significantly reduce the exposure to this risk. As at
example, minimum investment return guarantees and 31 December 2017, the proportion of unlet space in the property
guaranteed annuity options portfolio was 7% (2016: 5%).
•the interest rate exposure from writing guaranteed immediate
annuities, deferred annuities and guaranteed investment plans Property market risk also arises with respect to shareholder
•guaranteed index trackers exposures to investment guarantees and negative rand reserves.
•negative rand reserves.
Derivative financial instruments and risk mitigation
These risks are managed in the asset and liability management Certain Liberty entities are party to contracts for derivative
portfolio using a variety of hedging instruments available in the financial instruments, mainly entered into as part of the dynamic
market. hedging strategy used to manage asset-liability mismatches and
to facilitate investment portfolio optimisation. Instruments used
In some instances, reducing exposure to undesirable risks may to mitigate risks such as equity, interest rate and currency risk
result in increased exposure to other risks. In addition to this, as include vanilla futures, options, swaps, swaptions and forward
the risk appetite limits cover different dimensions, hedging exchange contracts.
84
MARKET RISK
Derivative financial instruments give rise to credit default and
operational risk, both of which are managed appropriately.
Derivative financial instruments are either traded on a regulated
exchange, for example, the South African Futures Exchange
(SAFEX), or negotiated over-the-counter (OTC) as a direct
arrangement between two counterparties. Instruments traded on
SAFEX are margined and SAFEX is the counterparty to each and
every trade. OTC instruments are only entered into with
appropriately approved counterparties and are entered into in
terms of signed ISDAs and collateral support agreements with
each counterparty.
Short-term insurance
Market risk arises from investments in cash, corporate money
market and collective investment schemes. It is not as material
for the short-term insurance business as it is in the group context
due to the nature of SIL’s liabilities, where larger portions of
investments are in cash and bond-type investments.
Management of the investment portfolio is outsourced to

investment managers within the group, with target returns,
portfolio limits and capital preservation requirements specified in
the mandate. The mandate and performance of investments
relative to the insurance entity’s budget and risk appetite is
reviewed and monitored by the insurance entity’s investment
committee.
Standard Bank Group

INSURANCE
RISK
87 OVERVIEW
87 LONG-TERM INSURANCE RISK
87 Overview
87 Approach to managing long-term
insurance risks
87 Long-term insurance risk subtypes
88 SHORT-TERM INSURANCE RISK
88 Overview
88 Approach to managing short-term
insurance risk
88 Short-term insurance risk subtypes
86
INSURANCE RISK
OVERVIEW Risk management post-implementation of
products and of in-force policies
Insurance risk arises due to uncertainty regarding the timing and
The ongoing management of insurance risk, once the risk has
amount of future cash flows from insurance contracts. This could
been contracted, includes the management of costs, premium
be due to variations in mortality, morbidity, policyholder
adjustments where permitted and appropriate, and management
behaviour or expense experience in the case of life products, and
strategies to encourage customers to retain their contracts; and
claims incidence, claim severity or expense experience in the
careful follow up on disability claims and annuitant deaths.
case of short-term insurance products.
Investigations are conducted at least annually on all significant
Insurance risk applies to the long-term insurance operations
insurance risks to ascertain the extent of deviations from
housed in Liberty and the short-term insurance operations
assumptions and their financial impacts. If the investigations
housed in Liberty Africa, Liberty Health and SIL.
indicate that these deviations are likely to persist in future, the
assumptions will be adjusted accordingly for the subsequent
LONG-TERM INSURANCE RISK measurement of policyholder contract values. Furthermore, any
deviations that are likely to persist are also used to inform the
Overview product development and pricing of new and existing products.
The management and staff in all business units accepting
insurance risk are responsible for the day-to-day identification, Insurance risks are assessed and reviewed against the group’s
analysis, pricing, monitoring and management of insurance risk. risk appetite and risk target. Mitigating actions are developed for
It is also management’s responsibility to report any material any risks that fall outside of management’s assessment of risk
insurance risks, risk events and issues identified to senior appetite in order to reduce the level of risk to within the approved
management through certain predefined escalation procedures. tolerance limits.
Liberty’s statutory actuaries, the group insurance risk Long-term insurance risk subtypes
department and the heads of risk in the business units provide
independent oversight of compliance with Liberty’s risk
Policyholder behaviour risk
management policies and procedures, and the effectiveness of Policyholder behaviour risk is the risk of adverse financial impact
Liberty’s insurance risk management processes. caused by actual policyholders’ behaviour deviating from
expected policyholders’ behaviour, mainly due to:
Approach to managing long-term •regulatory and law changes (including taxation)
•changes in economic conditions
insurance risks
•sales practices
Risk management takes place prior to the acceptance of risks
•competitor behaviour
through product development, pricing processes and at the point
of sale. Risks continue to be managed through the measurement, •policy conditions and practices
monitoring and treatment of risks once the risks are contracted. •policyholders’ perceptions.
Risk management through product development, Policyholder behaviour risk, in particular withdrawal risk, remains
significant with the experience being volatile and linked in part to
pricing and at the point of sale
the economic cycle. This risk is managed through frequent
The product development and pricing process defines the terms
monitoring of experience and actively driving retention initiatives
and conditions on which the group is willing to accept risks. Once
in areas exhibiting deteriorating experience. A focus on being
a policy has been sold, the group is placed on risk for the
customer centric, including listening to customers to understand
duration of the contract and the group cannot unilaterally change
the drivers of the experience, enables appropriate actions to
the terms and conditions of the policy except where the policy
be taken.
allows for rate reviews. It is for these reasons that risks need to
be carefully assessed and appropriately mitigated before a
Underwriting risks
product is launched and before new policies are accepted onto
the group’s balance sheet. The product development and Underwriting risks are the risks that future demographic or
approval process ensures that: claims incidence experience will exceed the allowance for
expected demographic or claims incidence experience, as
•risks inherent in new products are identified and quantified determined through provisions, pricing, risk measures and value
•sensitivity tests are performed to enhance the understanding measures. Underwriting risks include, among others, mortality,
of the risks and appropriateness of mitigating actions morbidity and longevity risks.
•pricing is adequate for the risk undertaken
•product design takes account of various factors, including the Liberty views these underwriting risks as risks that are core to
size and timing of fees and charges, appropriate levels of their business. Liberty uses its specialist skills (with assistance
minimum premiums, commission structures and policy terms from reinsurers where considered necessary) to enhance risk
and conditions selection for the assessment, pricing and management of these
•the group makes use of reinsurance to reduce its exposures to risks to generate favourable shareholder returns. These risks are
some insurance risks diversified by exposure across many different lives, geographies,
and product types and will generally be retained if they are within
•customers’ needs and expectations will be met by the product
risk appetite.
•the controls required to provide the product within risk
appetite are identified and established
•post-implementation reviews are performed to ensure that
intended outcomes are realised and to determine if any further
action is required.
Standard Bank Group

Insurance risk Long-term insurance risk continued
Mortality and morbidity risk Liberty manages the expense and new business risk by:
Mortality risk is the risk of an adverse financial impact due to •regularly monitoring actual expenses against the budgeted
actual mortality (death) claims being higher than anticipated. expenses
Morbidity risk is the risk of an adverse financial impact due to •regularly monitoring new business volumes and mix
policyholder health-related (disablement and dread disease) •regularly monitoring withdrawal rates, including lapses
claims being higher than expected.
•implementing cost control measures in the event of expenses
exceeding budget or of significant unplanned reductions in the
Liberty has a range of standard processes and procedures in
number of in-force policies.
place to manage mortality and morbidity risk, including
differentiating by the individual characteristics, right of review of
Even though expense risk does not give rise to large capital
premiums, underwriting at inception, medical tests, and use of
requirements, the management of expense risk is core to the
experienced reinsurers and claims assessors.
business. The expenses that the group expects to incur on
policies are allowed for in product pricing. If the expenses
These risks will generally be retained. Mortality and morbidity
expected to be incurred are considerably higher than those of
risk give rise to significant economic capital requirements
other insurers offering competing products, the ability of the
particularly due to potential catastrophic events. Since it is
group to sell business on a profitable basis will be impaired. This
difficult to obtain reinsurance for certain catastrophic events on
not only has capital implications, but can also affect the group’s
reasonable terms, the mortality and morbidity economic capital
ability to function as a going concern in the long term.
requirements are likely to remain significant.
Longevity risk SHORT-TERM INSURANCE RISK

Longevity risk is the risk of an adverse financial impact due to
actual annuitant mortality being lower than anticipated, that is, Overview
annuitants living longer than expected. For life annuities, the loss SIL writes mainly property, motor, accident and health insurance
arises as a result of the group having undertaken to make regular on a countrywide basis within South Africa. Approximately 70%
payments to policyholders for their remaining lives, and possibly of the total gross written premium is property insurance which
to the policyholders’ spouses for their remaining lives. indemnifies, subject to any limits or excesses, the policyholder
against loss or damage to their own property and business
The most significant risks on these liabilities are continued interruption arising from this damage.
medical advances and improvements in social conditions that
lead to longevity improvements being better than initially Liberty writes medical expense insurance through Total Health
expected. Liberty manages the longevity risk by: Trust Limited to government employees and corporate
•annually monitoring the actual longevity experience and customers in Nigeria. Medical expense cover is also provided via
identifying trends over time subsidiary Liberty Health Holdings (Pty) Limited, to customers in
22 African countries.
•making allowance for future mortality rates falling in the
pricing of new business and the measurement of policyholder
contract values. This allowance will be based on the trends Approach to managing short-term insurance
identified in experience investigations and external data risk
•regularly verifying annuitants are still alive. Short-term insurance risk is managed through various control
processes, including risk rating pricing, underwriting conditions,
Expense expectation and new business risk product design, efficient and effective claims management
Expense expectation risk is the risk of an adverse financial processes, fraud risk management and reinsurance controls.
impact due to the timing or amount of administration expenses
incurred, or both, differing from those expected, e.g. the actual The principal governance document is the group’s short-term
cost per policy differs from that assumed in the pricing or insurance risk governance standard. The insurance entity
valuation basis. manages risk through the consideration of trigger conditions that
result in the review of its risk strategy. This considers the nature,
New business risk is the risk of an adverse financial impact due scale and complexity of the entity’s risks. Risk appetite metrics
to the actual volume, mix and/or quality of new business and stress/scenario testing form part of risk management
deviating from that expected in calculating expected financial practices to better understand and manage the threats and
outcomes. New business strain is included in this risk type. opportunities the business faces.
Allowance is made for expected future maintenance expenses in Short-term insurance risk types
the measurement of long-term policyholder contract values
using a cost per policy methodology. These expected expenses The underwriting strategy seeks diversity to ensure a balanced
are dependent on estimates of the number of in-force and new portfolio and is based on a large portfolio of similar risks over a
business policies. As a result, the risk of expense loss arises due large geographical area. This strategy is cascaded down to
to expenses increasing by more than expected, as well as from individual underwriters through detailed underwriting authorities
the number of in-force and/or new business policies being less that set out the limits that any one underwriter can write by line
than expected. size, class of business, territory and industry in order to enforce
appropriate risk selection within the portfolio.
88
INSURANCE RISK
The key risks associated with short-term insurance are Short-term insurance operations are impacted by adverse
underwriting risk, competitor risk and claims experience risk economic conditions which could lead to lower new business
(including the variable incidence of natural disasters). Property take-up rates, higher than budgeted cancellation rates and fraud.
is subject to a number of risks, including theft, fire, business The potential for fraudulent behaviour is also very high. New
interruptions and weather. business and lapse rates are budgeted each year and monitored
on a monthly basis. These rates are reported and compared to
For property classes of business there is a significant budget figures.
geographical concentration of risk such that external factors, like
adverse weather conditions, may adversely impact upon a large Catastrophe risk
proportion of a particular geographical portion of the company’s The risk of adverse financial impact due to a single event or
property risks. Claim inducing perils such as storms, floods, series of events of major magnitude, usually over a short period
subsidence, fires, explosions and rising crime levels will occur on (often 72 hours), leads to a significant deviation in actual claims
a regional basis, meaning that SIL has to manage its geographical from the total expected claims.
risk dispersion carefully.
Claims incidence risk
The greatest likelihood of significant losses to the group arises
from catastrophic events such as flood, storm or earthquake This is the risk of loss in excess of what has been priced for,
damage. To mitigate this risk, the insurance entity buys arising from accident, fire and theft on short-term insurance
reinsurance across a diversified panel of multiple third-party business.
reinsurers, each participating on different structures according to
On certain types of business, for example, third-party liability
their own risk tolerance. Reinsurance protects the insurance
claims, the claim distribution is longer tailed. This means that the
entity from downside risk from individual large claims, several
final cost of the claim is only known many years into the future.
accumulations of claims and catastrophic claims such as hail
The risk here is that the group reserves inadequately for this
damage and earthquakes.
ultimate claims cost.
Risk and catastrophe reinsurance
Expense risk
The business reinsures a portion of the risks it underwrites in
This is the risk of an adverse financial impact due to the timing
order to control its exposure to losses and protect capital
and/or amount of expenses incurred, or both differing from those
resources. For example, excess of loss reinsurance and
expected in administering policies, e.g. assumed in the pricing
catastrophe reinsurance protect against major losses on high
basis or actual cost per policy.
sums insured and major natural disasters respectively. The key
natural disasters affecting the business includes hail and water
The expenses that the group is expected to incur on policies are
damage, which has impacted South Africa more regularly over
allowed for in product pricing. If the expenses expected to be
the last few years, as well as the potential of earthquake damage,
incurred are considerably higher than those of insurers offering
which is, however, a more remote risk.
competing products, the group’s ability to sell business on a
profitable basis will be restricted. This does not only have capital
Policyholder behaviour risk implications, but can also affect the group’s short-term insurance
Policyholder behaviour risk is the risk of loss arising due to actual operations ability to function as a going concern in the long term.
policyholders discontinuing their insurance policies earlier or
more frequently than expected. This may arise due to a change in New business risk
economic conditions and/or inconsistent policy practices,
This is the risk of an adverse financial impact due to the actual
regulatory and tax changes, selling practices and policyholder
volume and/or quality of new business deviating from the
perceptions.
expected volume and/or quality.
The primary policyholder behaviour risk is persistency risk, which
arises due to policyholders cancelling insurance cover on
short-term insurance business. This could lead to a reduction in
premium income, an increase in the expense ratio and a
reduction on the return on capital.
Standard Bank Group

OPERATIONAL
RISK
OPERATIONAL RISK
93 INSURANCE COVER
93 GOVERNANCE
93 APPROVED REGULATORY CAPITAL
APPROACH
93 OPERATIONAL RISK SUBTYPES
93 Cyber risk
93 Information risk
94 Financial crime risk
94 Technology risk
94 Model risk
94 Tax risk
95 Legal risk
95 Environmental and social risk
90
OPERATIONAL RISK
APPROACH TO MANAGING The core capabilities of operational risk ensure alignment and
integration across:
OPERATIONAL RISK •developing and maintaining the operational risk governance
The group recognises that operational risk exists in the natural framework
course of business activity and adheres to the group’s •facilitating the business’s adoption of the operational risk
operational risk governance framework, which sets out the framework
minimum standards for operational risk management adopted •regulatory oversight
across the group. This framework aligns to the group’s strategy •monitoring and assurance
by demonstrating that the purpose of operational risk •reporting
management is not to eliminate all risks, which is not •challenging the risk profile and providing guidance and advice
economically viable, but rather to enable management to weigh as thought leaders.
the payoff between risk and reward. The framework also ensures
that adequate and consistent governance is in place, guiding The operational risk management function analyses root causes
management to avoid unacceptable risks such as: of internal incidents and events to allow for the implementation
•breaking the law and recommendation of controls to curb future threats. These
•damaging the group’s reputation analyses are followed by self-assessments and risk-focused
•disrupting services to customers reviews, where an independent team provides objective
monitoring and assessment of the adequacy and effectiveness
•wilful conduct failures
encompassing the implementation of the operational risk
•inappropriate market conduct governance framework. The function also plays a role in
•knowingly breaching regulatory requirements influencing risk decision-making and implementing of risk
•causing environmental damage. controls, which results in acceptance, mitigation, or avoidance of
risk. The function also provides an assessment of regulatory
The group’s approach to managing operational risk is to adopt requirements that need to be implemented within embedded
fit-for-purpose operational risk practices that assist line operational risk management functions to ensure regulatory
management in understanding their residual risk and managing compliance.
their risk profile within risk appetite. The management of
operational risk primarily resides in first line, supported by Individual teams are dedicated to each business line and report
second line with dedicated centres of excellence. The operational to the respective PBB and CIB CRO with a functional reporting
risk management function forms part of the second line of line to the group head of operational risk management. The
defence and is an independent area, reporting to the group CRO. group function provides dedicated teams to corporate functions
such as finance, IT and human capital. These teams work
The framework ensures that those banking entities adopting the alongside their corporate functions and facilitate the adoption of
AMA or the standardised approach for regulatory capital the operational risk governance framework. As part of the second
purposes can meet the relevant regulatory criteria. The AMA line of defence, they also monitor and challenge management in
capital is currently estimated twice per year. The AMA capital respect of their operational risk profile.
model is validated by an independent model validation team and
approved for ongoing use by the PBB, CIB and group model Business continuity management is a process that identifies
approval committees. potential operational disruptions and provides a basis for
planning for the mitigation of the negative impact from such
disruptions. In addition, it promotes operational resilience and
ensures an effective response that safeguards the interests of
both the group and its stakeholders. The group’s business
continuity management framework encompasses emergency
response preparedness and crisis management capabilities to
manage the business through a crisis to full recovery. The group’s
business continuity capabilities are evaluated by testing business
continuity plans and conducting crisis simulations.
Standard Bank Group

Operational risk Approach to managing operational risk continued
Operational risk subtypes are

managed and overseen by Cyber risk may arise as a result of the
specialist functions. CYBER disclosure, modification, destruction or theft of
These subtypes include: RISK information stored, or transmitted on systems or
networks, or from the unavailability of the
transaction site, systems or networks.
Information risk is the risk of accidental or

intentional unauthorised use, modification, INFORMATION
disclosure or destruction of information RISK
resources, which would compromise the
confidentiality, integrity or availability of
information assets and business information
assets.
Financial crime risk is defined as the risk of
FINANCIAL economic loss, reputational risk and regulatory
CRIME
sanction arising from any type of financial
RISK
crime against the group. Financial crime
includes fraud, theft, money laundering, bribery,
corruption, violent crime and misconduct by
staff, customers, suppliers, business partners,
Technology risk encompasses both technology stakeholders and third-parties.
risk and technology change risk. Technology risk TECHNOLOGY
refers to the risk associated with the use, RISK
ownership, operation, involvement, influence and
adoption of technology within the group.
It consists of technology-related events and
conditions that could potentially impact the
business. Technology change risk refers to the risk Model risk arises from potential weaknesses in
arising from changes, updates or alterations made MODEL a model that is used in the measurement, pricing
to the IT infrastructure, systems or applications RISK and management of risk. These weaknesses
that could affect service reliability and availability. include incorrect assumptions, incomplete
information, inaccurate implementation, limited
model understanding, inappropriate use or
inappropriate methodologies leading to incorrect
Tax risk is the possibility of suffering conclusions by the user.
unexpected loss, financial or otherwise, as a TAX
result of the application of tax systems, whether RISK
in legislative systems, rulings or practices,
applicable to the entire spectrum of taxes and
other fiscal imposts to which the group is
subject.
Legal risk is defined as the exposure to adverse
LEGAL consequences, attendant upon non-compliance
RISK with legal or statutory responsibilities and/or
legal rights not being binding or enforceable.
Environmental risk is described as a measure

of the potential threats to the environment that
lending or financial services activities may have.
ENVIRONMENTAL
It combines the probability that events will cause AND SOCIAL
or lead to the degradation of the environment RISK
and the magnitude of the degradation.
Environmental risk includes risks related to or
resulting from climate change, human activities
or from natural processes that are disturbed by
changes in natural cycles.
COMPLIANCE sanction, financial loss or damage to reputation
Social risk consists of risks to people, their RISK that the group may suffer as a result of its failure
livelihoods, health and welfare, socioeconomic to comply with laws, regulations, codes of
development, social cohesion and the ability to conduct and standards of good practice
adapt to changing circumstances. applicable to its financial services activities.
66 more information
The following risk types are part of the •physical assets risk RCM –67 on pages 66 –67.
extended operational risk taxonomy •human capital risk
and are considered for capital •accounting and financial risk.
allocation in the ICAAP process:
92
OPERATIONAL RISK
INSURANCE COVER activity, and in South Africa the largest breach of confidential
records (an estimated 63 million records) was reported as a
The group buys insurance to mitigate operational risk. This cover result of a property company failing to secure its website.
is reviewed on an annual basis. The group insurance committee
oversees a substantial insurance programme designed to protect The escalation in the scale and sophistication of cyber crime is
the group against loss resulting from its business activities. amplified by the growing digitisation of businesses and the
complexity of running ageing systems.
The principal insurance policies in place are the group crime and
professional indemnity, and group directors’ and officers’ liability The group is cognisant of the mounting risk posed by cyber
policies. In addition, the group has fixed assets and liabilities crime and significant investments are made to enhance security
coverage in respect of office premises and business contents, capabilities and accelerate its strategic directives. Cyber risk
third-party liability for visitors to the group’s premises, and receives extensive focus at every level of the organisation across
employer’s liability. The group’s business travel policy provides various governance and management committees. Financial
cover for group staff while travelling on behalf of the group. services remain the most targeted sector from a cyber crime
perspective and, consistent with this trend, a number of attempts
were successfully mitigated without any impact to the group’s
GOVERNANCE operations or customers. Many of these incidents were prevented
The primary management level governance committees as a direct result of the advanced cyber defence capabilities
overseeing operational risk are GROC and the group operational introduced in 2016 and 2017.
risk committee. The primary governance documents are the
operational risk governance framework, and the operational risk Financial institutions in particular are vulnerable to distributed
governance standard. denial of service (DDOS) attacks. The group has activated a
DDOS mitigation service provided by our internet service
Operational risk subtypes report to various governance provider, that is capable of mitigating the majority of DDOS
committees and have governance documents applicable to each attack types, allowing our services, like internet banking, to
risk subtype. remain usable during an attack.
The group has also implemented several advanced endpoint

APPROVED REGULATORY security controls that mitigate the risk of commodity
CAPITAL APPROACH ransomware. These controls include an enterprise detection and
response tool that is capable of detecting advanced malware and
The group has approval from the SARB to use the AMA for SBSA containing infections across the organisation.
and the standardised approach for all other legal entities. In 2017,
the BCBS released the final regulations for the new standardised It is expected that banking regulators across most territories will
approach to be used for the calculation of operational risk issue cyber regulations in the coming year. In 2017, the SARB
regulatory capital, which is due to take effect from issued guidelines to banks to ensure that they are developing
1 January 2022. resilient systems that can recover quickly in the event of a cyber
incident. Other regulators on the continent are following suit, with
The group will maintain its current approved regulatory capital the Kenyan Central Bank issuing similar guidelines.
approach until the transition date. Furthermore, alternative
capital approaches, including calculation and allocation Increased collaboration across the sector and authorities is
methodologies, to be used in a post-AMA regime will be explored. assisting with the combating of cyber risks in order to strengthen
resilience. Cyber security awareness messages are regularly sent
to customers with helpful security advice and, through industry-
OPERATIONAL RISK SUBTYPES driven initiatives, the group has contributed to increasing
Cyber risk awareness on topics that are relevant at an industry level.
2017 saw a continued focus on improving cyber security The global shortage of cyber security skills is well documented
capabilities. and, in an attempt to reduce this shortage, graduate staff will be
taken through a specialised development programme.
In response to the growing volume and sophistication of cyber
crime incidents and attacks, the group has developed a IT cyber
security strategy which is centred around the four key pillars of
Information risk
governance, culture, capability and community, all of which are In 2017 the group experienced no material exposures as a result
crucial for an effective cyber defence strategy. of information breaches. Prevention and proactive detection
mechanisms, which are at the forefront of the group’s strategic
Cyber crime includes cyber fraud, data theft, extortion initiatives, coupled with clear governance, standards and
(ransomware) and malicious business disruption. Many frameworks has contributed towards the protection of the
industries and organisations globally experienced high-profile group’s information and reputation.
cyber crimes in 2017, including healthcare in the UK, a credit
bureau in the USA and financial services in the East. Breaches of
confidential records often lead to an increase in cyber crime
Standard Bank Group

Operational risk Operational risk subtypes continued
With the aim of ensuring that information is secure and Technology risk
customers are consistently educated, targeted awareness
Stability continued to improve in 2017 with a significant decline in
campaigns driving risk-conscious behaviour, improved third-
the volume of high-priority incidents. This can be attributed to
party management, behavioural analytics capabilities and
the executive focus being placed on all dimensions of IT and the
research on trending information risk topics were introduced
management of risks associated with incidents, which also
during 2017.
minimises customer impact. Given the nature and scale of the
group’s business, some interruption is inevitable and IT incidents
Financial crime risk and downtime cannot be completely avoided.
The cost of financial crime is staggering. Each year, tech-savvy
perpetrators defraud banks of more than $50 billion. As Management focus and capability is placed on the ability to
customers, regulators, and the financial industry have gained predict, prevent, detect and rapidly respond to, and manage the
familiarity with various forms of financial crime, the group has risks associated with incidents. For Africa Regions there has been
seen that the underlying risk of financial crimes not only includes a substantial decrease in incidents related directly to applications
the direct action taken by criminals, but also includes the cost of but network links remain a primary challenge.
deterrence, detection, and resolution.
The implementation of the core banking system has been
Credit card fraud is plaguing the industry and the rifest method is completed in target entities within the approved scope and
‘card not present’ fraud. The growing popularity of e-commerce budget. The core banking modernisation programme across the
transactional volumes also provides the ideal opportunity for continent has proved invaluable in mitigating operational risks
criminals to siphon or breach sensitive card data. The group associated with non-standardised legacy platforms. As the group
continuously strives to maintain a balance between the customer continues to augment the technology stack, a portion of
experience and anti-fraud measures by analysing data to investment will always be reserved for security and stability.
establish behaviour towards predicting, preventing, detecting and
responding rapidly to changes in the card fraud threat landscape. Complexity has been identified as a key factor driving many of
the top risks and can negatively impact the achievement of
In 2017 the group introduced new technology and processes to strategic objectives. In order to reduce the risks and continue to
enable detection, monitoring and intervention, to known threats improve customer and staff experience, simplification has been
and fraudulent activities on customers’ accounts, both in South incorporated as one of the group’s key strategic themes.
Africa and in the Africa Regions. To ensure that responses to
fraud incidents are efficient and in near-real time, fraud response Model risk
centres in South Africa, Swaziland, Botswana, Uganda, Ghana,
Model risk is mitigated through the following principles:
Namibia, Lesotho and Zimbabwe were introduced, with a
co-location of multi-disciplinary teams made up of members •fit-for-purpose governance
from the fraud and security value chain. •maintaining a pool of skilled and experienced technical
specialists
The popularity of the online and application banking channels •robust model-related processes.
has contributed towards the prevalence of phishing attacks
industrywide. The group introduced phishing detection and To give effect to these principles, model risk is governed by the
malware detection capabilities in Africa Regions countries to model risk governance framework. This framework defines model
detect compromised cards on phishing sites and account risk, the scope of models, documentation needs, model
takeover. Additionally, malware detection and remediation materiality considerations, high-level model development
solution, which removes malware from infected machines, are requirements, validation requirements, usage and monitoring
available to customers. requirements, the governance and approval processes, and the
roles and responsibilities across the three lines of defence. Model
Phishing site attacks targeting Standard Bank clients reduced risk leverages the operational risk framework.
significantly in 2017, down 53% from 2016. This reduction has
seen a corresponding reduction in the number of online banking In 2017, there were no material exposures related to model risk.
fraud incidents reported over the same period, down 48% from
2016. The decrease in phishing attacks and online fraud incidents Tax risk
is largely due to the implementation of new prevention and
The group’s approach to tax risk is governed by the GAC-
detection controls.
approved tax risk control framework, which includes the tax
The organisation continues to operate with a zero tolerance for strategy and governance standard, supported by policies dealing
employee misconduct and independently investigates all with specific aspects of tax risk such as transfer pricing, indirect
allegations of employee misconduct. Employees are also taxes, withholding taxes and remuneration-related taxes.
provided with ongoing awareness and training and are provided
with the appropriate tools for escalating and reporting
misconduct anonymously.
94
OPERATIONAL RISK
In 2017, the group was exposed to transfer pricing risk, as well Initiatives in 2018 include implementing an electronic litigation
as increased levels of tax assessments raised in Nigeria. A management system to assist with oversight and management of
consistent approach to responding to transfer pricing queries litigation risk.
was coordinated to mitigate the exposure. An overarching tax risk
management strategy will be developed for Nigeria during 2018. Environmental and social risk
Certain aspects of the Africa Regions tax calculations and Environmental and social risk assessment and management
consolidations have been automated to reduce manual deals with two aspects:
intervention and resultant risk. •indirect risk: the environmental and social risks which occur
as a result of our lending or financial services activities
From an industry perspective, the group has been involved in •direct risk: these include our direct environmental and social
various successful lobbying efforts with tax regulators benefiting impact, such as our waste management and the use of energy
the group. and water within group facilities.
Legal risk All financial institutions are exposed to some level of

environmental and social risk through their clients/investees. If
Management of this risk entails constant monitoring of new laws,
left unmanaged, these risks can lead to a decline in the financial
monitoring of changes in existing laws, monitoring of changes in
institution’s reputational image, incur costly litigation and/or loss
interpretations of existing laws by appropriate authorities and
of revenue. The group is not exempt from these exposures, with
ensuring that all obligations imposed by such laws are discharged
the following two key exposures recorded for 2017:
and all rights acquired are valid, binding and enforceable. This
applies to the full scope of group activities and may also include •Allegations of human rights violations and environmental
others acting on behalf of the group. non-compliance were raised by the surrounding communities
of a mining operation in Africa. Lenders (in consultation with
The group has processes and controls in place to identify, the group’s mining client) engaged a consultant to undertake a
manage and mitigate its legal risks. comprehensive review of progress made against an agreed
environmental and social corrective action plan. The report
Generally, legal risk is managed in the first instance by lawyers in proposed a remediation plan, which has since been adopted,
the group company concerned with oversight, coordination and and progress will be monitored.
training provided/facilitated by the group’s legal teams. In •The group experienced negative press and civil society
matters where legal risk is considered material at a group level, campaigns relating to its consideration of financing coal-fired
the legal resources of the group are actively involved to assist the power projects, which has led to the group imposing its own
local legal teams in managing legal risk. Group legal policies and standards when considering such projects.
standards are approved at group level and implemented in the
Africa Regions by the local legal teams. Documentation To mitigate and manage additional exposures, the group has
templates are, when appropriate, standardised in the Africa implemented a new environmental and social risk governance
Regions, as are the legal execution and delivery of products. In standard, developed to establish an overall environmental and
addition, where the group commences business in new social risk management framework for the consistent
geographies, the group legal teams provide more support while identification, measurement and management of environmental
local legal capacity is added. and social risks and opportunities across the group. The current
policy was updated in line with the group standard to define the
In 2017, SBSA was exposed to the South African Competition environmental and social risk framework and its implementation.
Commission complaint alleging that SBSA had colluded with An exceptions list was also developed, which includes global
17 other banks in the trading of USD/ZAR currency pairs over the exclusions and regional restrictions.
period 2007 to 2013. An internal investigation was conducted and
no evidence was found to support the allegation. Based upon
independent legal advice SBSA believes that the evidence made
available by the Competition Commission does not substantiate
the collusion that it contends. Furthermore, the amount of any
penalty, if SBSA’s defence is not successful, would not be
material.
Based on legal assessment, the group believes that none of the

legal claims in the Africa Regions are likely to be materially
determined against the group. Litigation claims currently against
the Africa Regions has significantly reduced from 2016, mainly
due to claims being successfully defended and from the positive
effect of currency changes.
Standard Bank Group

BUSINESS
RISK
96
BUSINESS RISK
Business risk includes strategic risk. Strategic risk is the risk that •stakeholder management to ensure favourable outcomes from
the group’s future business plans and strategies may be external factors beyond the group’s control
inadequate to prevent financial loss or protect the group’s •monitoring the profitability of product lines and customer
competitive position and shareholder returns. The group’s segments
business plans and strategies are discussed and approved by •maintaining tight control over the group’s cost base, including
executive management and the board and, where appropriate, the management of its cost-to-income ratio, which allows for
subjected to stress tests. early intervention and management action to reduce costs
•being alert and responsive to changes in market forces
Business risk is usually caused by the following:
•a strong focus in the budgeting process on achieving headline
•inflexible cost structures
earnings growth while containing cost growth; and building
•market-driven pressures, such as decreased demand, contingency plans into the budget that allow for costs to be
increased competition or cost increases significantly reduced in the event that expected revenues do
•group-specific causes, such as a poor choice of strategy, not materialise
reputational damage or the decision to absorb costs or losses •increasing the ratio of variable costs to fixed costs which
to preserve reputation. creates flexibility to reduce costs during an economic
downturn
The group mitigates business risk in a number of ways, including:
•stress testing techniques applied to assess the resilience of
•performing extensive due diligence during the investment the group’s planned earnings under macroeconomic downturn
appraisal process, in particular for new acquisitions and joint conditions.
ventures
•detailed analysis of the business case for, and financial, The primary governance committee for overseeing this risk is the
operational and reputational risks associated with, disposals group ALCO.
•the application of new product processes per business line
through which the risks and mitigating controls for new and
amended products and services are evaluated
Standard Bank Group

REPUTATIONAL
RISK
98
REPUTATIONAL RISK
Reputation is defined as what stakeholders say and think about reputational impact of such events or developments. Crisis
the group, including its staff, customers and clients, investors, management teams are in place both at executive and business
counterparties, regulators, policymakers, and society at large. line level. This includes ensuring that the group’s perspective is
Analysts, journalists, academics and opinion leaders also fairly represented in the media. In addition, more attention is
determine the group’s reputation. The group’s reputation can be being paid to leveraging opportunities to proactively bolster the
harmed from an actual or perceived failure to fulfil the group’s reputation among influential stakeholders through
expectations of our stakeholders due to a specific incident or programmes, including stakeholder engagement, advocacy,
from repeated breaches of trust. sponsorships, and corporate social initiatives.
Reputational harm can adversely affect the group’s ability to The principal governance document is the reputational risk
maintain existing business, generate new business relationships, governance standard and the group’s qualitative RAS includes a
access capital, enter new markets, and secure regulatory licences statement on reputation.
and approvals.
The newly established supplier risk management committee
Safeguarding and proactively managing the group’s reputation ensures enhanced due diligence for the suppliers that the group
is of paramount importance. There is growing awareness of deals with. In this regard, matters such as participation in
reputational risks arising from compliance breaches, social financial crime or in activities that could cause reputational
and environmental considerations, as well as from ethical damage to the group are considered. This committee considers
considerations linked to countries, clients and sectors. new relationships, as well as relationships where the risk profile
of the supplier changed.
The group is increasingly managing reputational risk from a
tactical and reactive perspective, as well as from a strategic and The group’s code of ethics is an important reference point for all
proactive perspective. In respect to crisis response, the group’s staff. The group ethics officer and group chief executive are the
crisis management processes are designed to minimise the formal custodians of the code of ethics.
Standard Bank Group

RESTATEMENTS
100
RESTATEMENTS
CAPITAL ADEQUACY RATIOS OF CCR1: ANALYSIS OF CCR EXPOSURE
BANKING SUBSIDIARIES BY APPROACH AND CCR2: CVA CAPITAL
The capital adequacy ratio for 2016 was restated to align to CHARGE
Liberty’s disclosure. Figures have been reclassified to take into account CCR8
Refer to page 30. CCP and default funds
RCM 30
Refer to page 57.
RCM 57
SUMMARY COMPARISON OF CCR6: CREDIT DERIVATIVES

ACCOUNTING ASSETS VS LEVERAGE EXPOSURES
RATIO EXPOSURE MEASURE, COMMON Index credit default swaps for 2016 are separately disclosed
DISCLOSURE TABLE AND to bring the disclosure in line with 2017.
RECONCILIATION WITH ANNUAL RCM 61

Refer to page 61.
FINANCIAL STATEMENTS
The 2016 reported figures were restated to give effect to the
further clarity provided by the BCBS on the treatment of
insurance entities outside the scope of regulatory
consolidation.
Refer to
RCM 31–
32 pages 31 –32.
CR3: CRM TECHNIQUES COUNTRY RISK

The amounts presented for 2016 have been restated to Medium- and high-risk country EAD concentration
ensure that amounts secured by more than one CRM by country ceiling and country risk exposure by region and
technique are only disclosed as secured in one of the risk grade 2016 figures have been restated to exclude
categories. This ensures that overcollateralisation is not cross-border exposure to South Africa.
reflected in the tables.
Refer to
Refer to page 51. RCM 70–
71 page 70 – 71.
RCM 51
CR7: IRB – EFFECT ON RWA OF CREDIT LIQUIDITY COVERAGE RATIO

DERIVATIVES USED AS CRM The 2016 stable deposits have been restated to exclude the
depositor compensation scheme for Wealth International
TECHNIQUES which was previously classified as less stable deposits.
The 2016 disclosure quantified the impact of other CRM
techniques in addition to credit derivatives. The 2016 figures Refer to page 75.
have been restated to consider the RWA impact of credit RCM 75
derivatives only.
Refer to page 53.
RCM 53
Standard Bank Group

ANNEXURE A – REGULATORY AND LEGISLATIVE

DEVELOPMENTS IMPACTING THE GROUP
The impact of new regulatory standards that have been Regulations developed over the past number of years can be
developed by international standard setting bodies and classified into three main categories:
regulators in the wake of the global financial crisis is significant •conduct and culture
for financial institutions. Different regulatory regimes apply in the
•resolvability
countries in which the group operates, but there is commonality
•financial sustainability.
in many of the focus areas.
In line with the international regulatory agenda, South Africa is
The group continues to take a strategic approach to its internal
adopting Twin Peaks in the form of the Financial Sector
regulatory response in order to efficiently and effectively deal
Regulation Act, which establishes two new regulatory authorities,
with the breadth and complexity of emerging regulations. This
namely the Prudential Authority and the Financial Sector
ensures that the group entities are appropriately positioned
Conduct Authority, with the SARB playing the role of the
within the context of the new regulations and are able to deliver
Resolution Authority. The diagram below provides a view of the
the best client outcomes.
regulatory changes across the three main categories.
SUSTAINABLE BUSINESS MODEL
Conduct and culture

Resolvability Financial sustainability
(Financial Sector
(Resolution Authority) (Prudential Authority)
Conduct Authority)
Conduct and culture Resolvability Profitability
Focus on: •meet all legislative require- ROE more than covers the cost
•customer fairness ments for resolution of equity
•market integrity •credible and effective •profitable business lines
•consumer empowerment resolution funding plans •cost control.
•executive and board •facilitate resolution planning
accountability by the authorities
•bias and conflicts of interest •legal and operational
•fees structure Capital and liquidity
•transparency •continuity of critical economic
•transformation. functions and of the services
that support them •meet all regulatory capital
•sufficient loss absorbing leverage and liquidity
capacity. requirements
Enabling policy and legislation
•meet internally assessed
capital and liquidity require-
ments
•Financial Sector Regulation Enabling regulations •capital and liquidity planning
Act •ability to access equity and
•Insurance Act additional funding as and
•Conduct of Financial •higher loss absorbing capacity when required.
Institutions Bill requirements (D-SIB), total
•Retail Distribution Review loss absorbing capacity
•National Credit Amendment •recovery and resolution plans
Bill. •South African resolution Enabling regulations
framework and standards
•resolvability assessment
•structural reform. •capital quality and buffers
•range of risks assessed:
IRRBB, fundamental review of
the trading book (FRTB),
securitisations, credit risk
approaches, implications of
output floors and CVA
•LCR and NSFR
•leverage ratio
•SAM
•OTC derivatives.
102
The key regulations that have been finalised over the past year, as well as the regulations that are expected to be finalised in the short
term are outlined below.
BASEL
In response to the financial crisis, the BCBS introduced a range of reforms which were designed to enhance the resilience of the banking
system against shocks.
During November 2014, the BCBS issued its work programme aimed at addressing excessive variability in banks’ regulatory capital
ratios. In December 2017, the BCBS finalised these post-crisis regulatory reforms. The revisions seek to restore credibility in the
calculation of RWA and improve the comparability of banks’ capital ratios.
Refer to the table below for an overview of the Basel III regulatory reforms, as well as the remaining/outstanding key aspects under
consideration by the BCBS.
RECENT BASEL REGULATORY DEVELOPMENTS
Credit risk –
Credit risk –
standardised
IRB
approach
•generally, the
revisions •new and/or increased input floors for PDs and LGDs, for both corporate
and retail exposures
introduce more
risk-sensitive, •removal of the conservative IRB scaling factor of 1.06
granular, and •greater specification of parameter estimation practices to reduce RWA
detailed variability
approaches, •the revised scope of IRB approaches for asset classes are outline below.
including, for
example: Current SBSA Basel III available
– for residential Asset class approach approaches
FINALISED
and commercial
real estate •Large and mid-sized •AIRB •FIRB, standardised
corporates approach
– for unrated
exposures to •Banks* and other •AIRB •FIRB, standardised
banks and financial institutions approach
corporates
•Equities •Market-based •Standardised
•recalibration of approach approach
risk weighting for
rated exposures •Specialised lending •AIRB •AIRB, FIRB, slotting,
•separate standardised
approach.
treatment for
covered bonds, * Requirement for claims to domestic public sector enterprises that are not treated as
specialised exposures to sovereigns under the standardised approach are to be treated like banks and
lending and thus be risk-weighted using the FIRB rules.
exposures to
SMEs.
CVA risk capital charge

The revised CVA framework is aimed at enhancing risk sensitivity, strengthening robustness and
improving consistency.
Standard Bank Group

Annexure A – Regulatory and legislative developments impacting the group continued
RECENT BASEL REGULATORY DEVELOPMENTS CONTINUED
Operational risk –
Market risk – FRTB
standardised approach
•revised boundary of the trading and banking

books and firmer approval of internal models The new standardised approach for operational risk
determines a bank’s operational risk capital
•sensitivity-based analysis (forms the new
requirements based on two components: (i) a
standardised approach) also serves as
measure of a bank’s income; and (ii) a measure of a
a floor for the IMA bank’s historical losses. Conceptually, it assumes:
•IMA with expected shortfall based on stressed
calibration as a key metric, and considering
product-specific liquidity horizon. (i) that operational risk increases at an increasing rate
with a bank’s income
FINALISED
(ii) banks which have experienced greater operational

risk losses historically are assumed to be more likely to
experience operational risk losses in the future.
Capital output floor

•the revisions replace the existing capital floor with a more robust, risk sensitive output floor based on
the revised standardised approaches
•total RWA using IMA has a floor calculated by a percentage of RWA as determined through the standardised
approaches
•introduction of the capital output floor in 2022 via a phase-in approach over five years; 2022: 50.0%,
2023: 55.0%, 2024: 60.0%, 2025: 65.0%, 2026: 70.0% and 2027: 72.5%.
Leverage
•definition for derivatives and off-balance sheet items
•introduction of a G-SIB buffer.
Regulatory treatment of sovereign exposures (discussion paper)

The BCBS released a discussion paper on the regulatory treatment of sovereign exposures for comment
on 7 December 2017. The discussion paper proposes, among other things, to remove the:
•current national discretion that allows a preferential risk weight for certain sovereign exposures
OUTSTANDING
•option to apply the AIRB approach for sovereign exposures.
Enhanced disclosure requirements

•phase 1 of the disclosure requirements focused on credit risk, market risk, CCR, equity risk and securitisation.
•in March 2017 the BCBS issued a standard setting out phase 2 disclosure requirements, including changes
to format and frequency. These enhancements included the introduction of a dashboard of a bank’s key
prudential position, a requirement for the geographical distribution of credit exposures used in the
countercyclical buffer and enhanced liquidity requirements
•phase 3 focuses on disclosure requirements for standardised approach RWA to benchmark internally modelled
capital requirements; asset encumbrance; operational risk; and disclosure requirements arising from recent
policy reforms.
104
OTC DERIVATIVES RECOVERY AND RESOLUTION
The Financial Markets Act (FMA) regulatory reform framework PLANNING
consists of regulations and board notices. Local banks, including
SBSA, are working closely with the National Treasury (NT), the Recovery and resolution planning topics under discussion by the
SARB and the local FSB to ensure that the FMA regulations and global FSB include:
board notices meet the objectives set by the Group of Twenty •operationalising bail-in
(G20) leaders, are harmonised in so far as is possible with the •funding in resolution
frameworks being implemented in other G20 countries, and does •valuation in resolution
not impede on the ability of local counterparts to continue to
•operational continuity.
hedge risk effectively and efficiently with local and/or offshore
counterparts. The FMA regulations will introduce a requirement South Africa is in the process of adopting the global FSB
for standardised OTC derivatives transactions to be cleared standards for the effective management of institutions under
through a CCP, and for non-cleared transactions to become severe circumstances that could affect the stability of the
subject to bilateral exchange of initial and variation margin, financial system. These guidelines require the development of
together with the application of additional risk mitigation recovery and resolution plans, another form of proactive planning
techniques (including portfolio reconciliation and portfolio within the risk management framework and is described in the
compression). diagram below. With recovery planning widely adopted, the South
African regulatory focus has shifted to resolution planning.
LEVELS OF STRESS
Recovery Resolution
The recovery plans for systemically important In the event that these actions prove
institutions proactively identify management unsuccessful, the resolution plan sets out
actions which can be adopted during periods the approach to resolve the entity in an
of severe stress to restore their financial orderly manner while minimising the impact
POINT OF RESOLUTION
strength and viability. on its stakeholders.
The group’s approach The group’s approach
The group’s integrated recovery plan was Multiple regulatory authorities across home
developed to provide a valuable tool to and host jurisdictions in the group are in the
management and the board to manage the process of defining their countries’
implications of severe stress and proactively resolution frameworks. These resolution
addresses potential hurdles in effecting these frameworks will address the global topics of
actions. The group is obtaining similar resolution authority mandate, tools available
benefits from planning for the stability of its under resolution such as bail-in, the creditor
subsidiaries under severe conditions and hierarchy and enabling mechanisms.
through the rollout of the development of
subsidiary recovery plans.
A view on As part of improving financial stability and in line with international developments,
recovery and five out of 18 regulators from the group’s host countries have issued draft guidelines
resolution or requirements for banks in their respective jurisdictions to develop recovery plans.
planning in the The regulatory requirements are aligned to the FSB’s key attributes of effective
Africa Regions resolution regimes for financial institutions.
Where host country requirements are not yet defined, subsidiaries develop their
recovery plans in line with group standards. Both the group and its banking
subsidiaries have obtained value in understanding their core business lines and
critical functions and from proactively identifying plausible recovery actions.
Standard Bank Group

Annexure A – Regulatory and legislative developments impacting the group continued
FINTECH REGULATIONS Insurance

Recently technology driven innovation in the financial services The Insurance Act
industry, or ‘fintech’, has attracted increasing attention. Sizeable The Insurance Act has been signed into law by the president
investments have been made by banks and venture capital funds, and is expected to be effective from 1 July 2018.
indicating the expectations for substantial change. Against this
backdrop, the FSB and BCBS have set up task groups to consider Solvency assessment and management
the potential implications of this development from an industry, The SAM implementation date will coincide with the
regulatory and financial stability perspective. The international effective date of the Insurance Act which is now expected to be
standard setting bodies have provided high-level 1 July 2018.
recommendations for both the supervisors and the industry to
mitigate and manage any new risks through enhanced risk Amendments to Regulations to the Insurance Act
management, monitoring processes and upskilling of resources. and policyholder protection rules
The amendments to the regulations to the Insurance Act and the
SOUTH AFRICA policyholder protection rules were published in December 2017.
These changes take effect on different dates over the next two
Twin Peaks regulatory framework years (as from 1 January 2018) and capture a number of
The Financial Sector Regulation Act was approved in 2017, and is initiatives that have been in development over the last number of
to be adopted in 2018. The Twin Peaks system consists of a years, for example, new caps on charges on causal events,
Prudential Authority focused on the safety and soundness of changes in maximum commission payable on consumer credit
financial institutions, and a Financial Sector Conduct Authority insurance products and elements of the retail distribution review.
focused on the manner in which financial institutions conduct
their business, market integrity, the fair treatment of customers The conduct-related pieces of legislation in the Insurance Act will
and financial education. The Act will be implemented in two be replaced by the Conduct of Financial Institutions Act, the first
stages: draft of which is expected towards the end of 2018.
•phase one: establishes the two regulatory authorities to
harmonise the various sub-sectoral legislation AFRICA REGIONS
•phase two: aligns existing legislation into prudential and The regulatory landscape in the group’s Africa Regions has seen
market conduct standards across the sector, and defines new an increase in capital requirements from many of the local
legislation where appropriate. regulators, indicating a more focused, risk averse view on
banking regulations with continued strategy around building
Prudential regulation financial institutions that will have a positive impact on the
The South African prudential regulation framework is aligned to economic development of the societies in which they operate.
the G20 international regulatory standards. Refer to the Basel Banking regulators have also strengthened corporate governance
section on page 103 for an overview of the most pertinent rules, updated banking laws and implemented measures to
prudential developments. mitigate risk.
The increased regulatory focus on building stable, sound,

Market conduct transparent financial institutions has, however, not curbed the
The market conduct policy framework sets out proposals to declining rate of correspondent banking relationships. The reason
reform the regulatory system for the financial sector. for the termination of these correspondent banking relationships
has been observed to be mainly due to risk of regulatory
The new Financial Sector Conduct Authority, which will come into sanctions, cost of regulatory compliance, risk appetite and
effect when the Financial Sector Regulation Act is implemented, increased due diligence requirements.
will streamline the supervision and regulation of conduct,
including the system of licensing, supervision, enforcement, With the African continent said to be among the emerging
customer complaints, appeal mechanism and customer advice market regions worst affected by the decline in correspondent
and education. The underpinning legislation for the conduct banking according to the International Monetary Fund, regional
authority, the draft Conduct of Financial Institutions Bill, is banks are seen to feature more prominently on the financial
expected to be released for comment in 2018. services landscape in Africa. Regional banks now become
essential to continue the drive for connectedness and thereby
In line with this strategy, the SARB’s review of the National financial inclusion of the continent into the global economy, as
Payment System Act will result in, among other outcomes, the banks worldwide find it more efficient in maintaining
incorporation of conduct reforms that will be applicable to relationships with fewer groups present across numerous
payment service providers. countries in the African continent.
Consumer credit More than 300 regulatory developments with an impact on the
The National Credit Amendment Act was amended in 2017 and is group were issued in the Africa Regions in 2017. In recent years,
being debated in Parliament this year. Proposed changes include there has also been a significant increase in the frequency and
activities to assist over-indebted low-income customers through intensity of regulatory inspections observed in the Africa Regions.
debt relief measures, and mechanisms to allow the National More than 50 regulatory inspections were performed in 2017.
Credit Regulator to penalise reckless lenders more directly. The
Most jurisdictions on the African continent have exchange control
group is engaging with policymakers and lawmakers on the Bill.
regulations with varying degrees of restrictions. In most cases,
regulators have detailed requirements for approval and
supporting documentation for imports and exports.
106
Intense regulatory scrutiny by local regulators and regional and
global bodies has been observed on AML and CTF in 2017 and
this is expected to continue in 2018. Enhancements to legal
frameworks and enforcement mechanisms are anticipated.
Regulators have exerted pressure on financial organisations to
enhance transaction monitoring and reporting abilities and have
issued fines where these have been deemed inadequate.
Several regulators issued consumer protection legislation aimed

at aligning requirements to international best practice.
Protectionist regulation with respect to banking fees and interest
charged on products and services continues to receive regulatory
focus. This has manifested through regulatory inquiries
undertaken and efforts made by regulators to enhance consumer
literacy through the development of a credit website aimed at
providing information on the total cost of credit with various
disclosure tools. Regulatory scrutiny on the management of
customer complaints has also been noted.
Protecting personal information has increasingly become more

difficult in the era of interconnectivity, the internet, and big data.
Data protection legislation can therefore go a long way in aiding
appropriate and responsible use of personal information. There is
also international regulatory focus on data protection that has
been observed across the African continent.
IFRS
The group is actively preparing for the adoption of new IFRS
accounting developments, some of which are effective from
1 January 2018.
These include:
•IFRS 9 – Financial Instruments, effective 1 January 2018
•IFRS 15 – Revenue from Contracts with Customers, effective
1 January 2018
•IFRS 16 – Leases, effective 1 January 2019
•IFRS 17 – Insurance Contracts, effective 1 January 2021
For further information regarding these and other accounting
AFS developments, please refer to annexure F – detailed
accounting policies in the group’s AFS.
Standard Bank Group

ANNEXURE B – BASEL PILLAR 3 CREDIT TABLES
CR6: IRB – CREDIT RISK EXPOSURES BY PORTFOLIO AND PD RANGE (BANKING OPERATIONS)1
Refer to page 46 – 47 for the total of the following asset classes.
Corporates
2017
0.00 to < 0.15 18 117 12 033 43.47 23 403 0.08
0.15 to < 0.25 34 760 15 078 44.24 41 536 0.22
0.25 to < 0.50 82 151 54 091 43.74 106 153 0.39
0.50 to < 0.75 39 161 12 237 46.03 44 943 0.64
0.75 to < 2.50 60 760 15 262 48.79 68 549 1.35
2.50 to < 10.00 10 885 3 015 59.07 12 701 3.77
10.00 to < 100.00 2 053 1 201 44.06 2 615 15.88
100.00 (default) 2 401 1 546 45.52 3 105 100.00
Subtotal 250 288 114 463 44.97 303 005 1.89
2016
0.00 to < 0.15 10 796 10 580 45.80 18 700 0.09
0.15 to < 0.25 40 465 13 430 43.06 47 939 0.22
0.25 to < 0.50 85 036 46 696 47.75 107 542 0.39
0.50 to < 0.75 38 963 18 756 46.23 47 136 0.64
0.75 to < 2.50 49 490 16 472 48.87 57 155 1.38
2.50 to < 10.00 14 488 5 488 52.90 14 324 3.81
10.00 to < 100.00 2 453 330 73.88 2 710 17.26
100.00 (default) 2 724 430 50.00 2 939 100.00
Subtotal 244 415 112 182 47.29 298 445 1.87
Specialised lending – high volatility commercial real estate (property development)
2017
0.00 to < 0.15
0.15 to < 0.25
0.25 to < 0.50
0.50 to < 0.75
0.75 to < 2.50 30 30 1.41
2.50 to < 10.00
10.00 to < 100.00
100.00 (default) 1 1 100.00
Subtotal 31 31 3.85
2016
0.00 to < 0.15
0.15 to < 0.25
0.25 to < 0.50 75 75 0.45
0.50 to < 0.75
0.75 to < 2.50 11 11 0.90
2.50 to < 10.00 388 388 3.58
10.00 to < 100.00
100.00 (default) 39 39 100.00
Subtotal 513 513 10.40
1 Refer to page 47 for an explanation of the items included in this analysis.
108
Average Average RWA
Number LGD maturity RWA density EL Provisions
of obligors % Years Rm % Rm Rm
203 32.59 1.60 3 722 15.90 6

209 18.09 2.10 7 041 16.95 16
536 24.65 2.00 34 953 32.93 102
349 24.82 1.90 19 085 42.46 71
10 493 30.84 1.90 46 337 67.60 281
354 34.15 1.60 13 232 104.18 167
82 31.38 1.70 3 884 148.53 135
164 43.01 1.30 309 9.96 2 204
12 390 26.43 1.90 128 563 42.43 2 982 3 365
112 32.80 1.90 3 463 18.52 5

179 21.18 1.90 9 597 20.02 22
545 23.90 2.10 35 199 32.73 101
292 27.27 1.90 21 844 46.34 82
1 619 30.81 1.90 39 785 69.61 248
3 582 33.65 1.60 14 713 102.72 190
84 37.07 1.50 4 843 178.71 184
536 35.97 1.30 218 7.42 2 044
6 949 26.58 1.90 129 662 43.45 2 876 2 512
Average Average RWA

3 23.24 2.00 15 48.93
1 14.11 5.00
4 23.02 2.10 15 47.71
1 8.92 1.00 10 13.23
2 10.71 1.00 2 21.53

3 25.63 1.00 289 74.65 3
2 15.21 5.00 26
8 22.07 1.30 301 58.87 29 28
Standard Bank Group

Annexure B – Basel pillar 3 credit tables continued
CR6: IRB – CREDIT RISK EXPOSURES BY PORTFOLIO AND PD RANGE (BANKING OPERATIONS)1 CONTINUED
Specialised lending – income-producing real estate
2017
0.00 to < 0.15 3 3 0.11
0.15 to < 0.25 635 635 0.21
0.25 to < 0.50 6 452 2 309 40 7 364 0.43
0.50 to < 0.75 2 951 2 950 0.64
0.75 to < 2.50 5 509 83 59 5 559 1.07
2.50 to < 10.00 1 082 1 082 3.10
10.00 to < 100.00 8 8 28.96
100.00 (default) 23 23 100.00
Subtotal 16 663 2 392 39.97 17 624 0.97
2016
0.00 to < 0.15 2 2 0.11
0.15 to < 0.25 382 382 0.20
0.25 to < 0.50 5 600 19 100.00 5 620 0.43
0.50 to < 0.75 3 422 44 99.07 3 465 0.64
0.75 to < 2.50 5 080 5 98.10 5 085 1.16
2.50 to < 10.00 937 937 3.57
10.00 to < 100.00 9 9 20.40
100.00 (default) 31 31 100.00
Subtotal 15 463 68 99.26 15 531 1.11
Specialised lending – project finance
2017
0.00 to < 0.15
0.15 to < 0.25 1 515 533 54 1 803 0.23
0.25 to < 0.50 4 125 214 71 4 277 0.37
0.50 to < 0.75 5 431 150 49 5 505 0.64
0.75 to < 2.50 5 184 533 90 5 664 1.15
2.50 to < 10.00 2 326 2 326 3.63
10.00 to < 100.00
100.00 (default) 709 709 100.00
Subtotal 19 290 1 430 65.40 20 284 4.51
2016
0.00 to < 0.15
0.15 to < 0.25 367 367 0.23
0.25 to < 0.50 5 502 319 64.80 5 709 0.42
0.50 to < 0.75 4 035 68 50.00 4 069 0.64
0.75 to < 2.50 5 283 870 68.96 5 882 1.36
2.50 to < 10.00 1 933 1 933 4.46
10.00 to < 100.00
100.00 (default) 759 759 100.00
Subtotal 17 879 1 257 66.50 18 719 5.21
110
Average Average RWA
10 5.00 1.0 2.41

52 10.69 3.1 75 11.82
168 13.15 2.8 1 559 21.17 4
145 14.07 2.5 727 24.66 3
194 16.91 2.7 2 094 37.66 10
57 20.51 2.2 642 59.35 7
1 8.04 3.4 4 48.65
7 17.59 4.7 44 192.11 5
634 14.85 2.70 5 145 29.19 29 81
10 5.19 1.4 2.87

75 8.09 2.6 32 8.28
197 12.36 2.7 1 059 18.85 3
167 12.99 2.7 810 23.37 3
193 15.93 2.3 1 732 34.10 10
75 22.10 2.3 653 69.64 8
3 8.21 3.9 5 49.06
9 18.33 2.8 14 43.34 10
729 14.16 2.5 4 305 27.72 34 26
Average Average RWA

2 22.00 2.9 473 26.21 1

13 20.00 4.7 1 682 39.33 3
8 22.00 4.4 2 785 50.59 8
13 26.00 4.8 4 294 75.79 17
3 35.00 4.5 2 657 114.25 29
2 37.00 4.7 427

41 24.72 4.5 11 891 58.62 485 520
1 17.09 4.7 100 27.25

14 21.73 4.6 2 539 44.47 5
8 22.73 4.5 2 144 52.69 6
10 28.11 4.3 4 392 74.67 23
5 19.68 3.4 1 356 70.15 16
2 37.23 5.0 924 121.74 350

40 24.28 4.4 11 455 61.19 400 382
Standard Bank Group

CR6: IRB – CREDIT RISK EXPOSURES BY PORTFOLIO AND PD RANGE (BANKING OPERATIONS) 1 CONTINUED
SME corporate
2017
0.00 to < 0.15 588 64 74 650 0.10
0.15 to < 0.25 2 523 127 74 2 643 0.22
0.25 to < 0.50 1 922 348 73 2 242 0.34
0.50 to < 0.75 8 192 369 71 8 486 0.63
0.75 to < 2.50 13 455 749 65 14 009 1.39
2.50 to < 10.00 5 441 379 66 5 719 4.14
10.00 to < 100.00 779 25 70 798 18.01
100.00 (default) 779 50 779 100.00
Subtotal 33 679 2 061 68.47 35 326 4.03
2016
0.00 to < 0.15 645 80 70.68 1 514 0.07
0.15 to < 0.25 2 675 131 74.63 3 053 0.17
0.25 to < 0.50 2 719 565 72.41 2 400 0.36
0.50 to < 0.75 5 369 246 63.08 5 539 0.64
0.75 to < 2.50 12 276 930 65.24 12 729 1.28
2.50 to < 10.00 2 197 344 63.59 2 437 4.40
10.00 to < 100.00 595 23 70.83 616 11.32
100.00 (default) 469 50.00 469 100.00
Subtotal 26 945 2 319 67.25 28 757 2.99
Securities firms
2017
0.00 to < 0.15 373 90 100.00 463 0.07
0.15 to < 0.25
0.25 to < 0.50 113 42.24 48 0.36
0.50 to < 0.75
0.75 to < 2.50 1 39.50 1.81
2.50 to < 10.00 1 1 6.47
10.00 to < 100.00
100.00 (default)
Subtotal 374 204 56.65 512 0.11
2016
0.00 to < 0.15 380 380 0.08
0.15 to < 0.25 133 167 30.22 201 0.23
0.25 to < 0.50 15 3 50.00 16 0.32
0.50 to < 0.75
0.75 to < 2.50 7 1 99.43 7 1.76
2.50 to < 10.00
10.00 to < 100.00
100.00 (default)
Subtotal 535 171 30.88 604 0.16
112
Average Average RWA
29 26 2.0 116 17.78

32 17 1.2 361 13.65 1
88 26 1.9 695 31.07 3
142 16 2.0 2 134 25.15 8
521 17 2.2 4 756 33.95 36
288 28 2.1 4 570 79.91 70
32 31 2.1 1 041 130.40 50
33 33 2.2 39 4.95 509
1 165 19.88 2.0 13 712 38.82 677 664
29 35.14 1.8 224 14.80

39 28.00 1.4 581 19.03 1
109 29.17 1.7 817 34.04 3
52 12.49 2.2 1 084 19.57 4
286 20.12 2.1 5 204 40.88 35
99 24.89 2.0 1 710 70.17 29
23 28.31 1.7 690 112.01 20
17 29.64 3.0 261
654 21.77 2.0 10 310 35.85 353 327
Average Average RWA

12 40.11 1.8 118 25.39
5 40.09 1.1 26 54.08
1 40.09 1.0 87.33

2 29.54 0.9 1 102.37
20 40.09 1.7 145 28.23 37
13 40.57 1.0 75 19.80

8 40.09 1.0 80 40.04
10 40.09 1.0 7 39.40
29 39.73 1.0 6 87.64
60 40.39 1.0 168 27.84
Standard Bank Group

Sovereign
2017
0.00 to < 0.15 73 620 12 26.59 73 623 0.01
0.15 to < 0.25 30.33 0.21
0.25 to < 0.50 2 307 15 11.63 2 310 0.45
0.50 to < 0.75 2 46 29.94 16 0.61
0.75 to < 2.50 1 926 14 35.60 1 927 0.95
2.50 to < 10.00 6 24 26.81 10 9.23
10.00 to < 100.00 21 14 38.37 21 30.20
100.00 (default) 4 4 100.00
Subtotal 77 886 125 25.30 77 911 0.06
2016
0.00 to < 0.15 80 631 3 53.67 82 357 0.01
0.15 to < 0.25
0.25 to < 0.50 2 591 19 13.64 2 594 0.45
0.50 to < 0.75 12 10.14 1 0.67
0.75 to < 2.50 2 608 323 51.32 1 040 1.10
2.50 to < 10.00 18 16 37.97 19 4.73
10.00 to < 100.00 21 17 42.16 22 21.54
100.00 (default) 3 3 100.00
Subtotal 85 872 390 50.04 86 036 0.05
2017
0.00 to < 0.15 4 348 4 348 0.02
0.15 to < 0.25 1 237 99.85 1 236 0.23
0.25 to < 0.50 842 2 994 38.12 1 986 0.34
0.50 to < 0.75 4 582 6 214 39.13 7 014 0.64
0.75 to < 2.50 11 216 2 751 62.32 12 939 1.67
2.50 to < 10.00 560 4 16.79 560 5.13
10.00 to < 100.00 4 345 43.47 152 10.52
100.00 (default) 100.00
Subtotal 21 552 13 545 44.84 28 235 1.12
2016
0.00 to < 0.15 9 747 5 891 42.53 12 236 0.02
0.15 to < 0.25 2 784 1 818 33.10 3 395 0.22
0.25 to < 0.50 6 611 543 41.64 6 816 0.40
0.50 to < 0.75 8 18.49 2 0.66
0.75 to < 2.50 18 7 39.23 20 1.28
2.50 to < 10.00 641 9 72.67 642 3.62
10.00 to < 100.00 5 1 39.40 5 22.19
100.00 (default)
Subtotal 19 806 8 277 41.55 23 116 0.27
114
Average Average RWA
6 29.16 1.5 2 759 3.75 3

3 37.01 1.0 26.90
7 34.97 1.0 940 40.68 4
8 29.00 1.1 7 40.16
8 45.99 1.3 1 566 81.26 9
8 37.66 1.0 14 150.52
15 37.66 1.0 43 204.62 2
5 37.66 1.0 5 127.38 1
60 29.75 1.4 5 334 6.85 19 364
7 28.67 1.4 2 917 3.54 3
9 34.97 1.0 1 054 40.68 4

5 32.61 1.0 1 54.37
12 49.34 1.0 909 87.42 6
6 32.61 1.0 22 115.22
13 32.61 1.0 42 192.20 2
7 32.61 1.0 3 101.64 1
59 29.11 1.4 4 948 5.75 16 11
Average Average RWA

1 28.94 3.2 503 11.57

5 13.18 2.1 166 13.41
10 27.96 2.1 703 35.40 3
8 26.29 1.5 2 861 40.79 12
8 22.45 3.6 8 434 65.18 48
9 10.49 1.0 185 32.96 3
12 26.59 1.2 173 113.53 4
2 37.66 1.0 127.38
55 24.17 2.8 13 025 46.13 70 134
8 30.57 2.8 3 612 29.52 11

11 26.29 2.9 884 26.05 3
19 18.55 3.0 1 575 23.10 3
8 26.22 2.0 1 45.51
46 25.07 2.4 11 52.47
60 24.16 1.0 189 29.40 3
41 32.61 1.0 9 198.89
(1)
192 26.21 2.8 6 281 27.17 20 6
Standard Bank Group

Local government and municipalities
2017
0.00 to < 0.15 205 205 0.14
0.15 to < 0.25 3 75.00 3 0.21
0.25 to < 0.50 45 1 9.73 45 0.42
0.50 to < 0.75 391 391 0.64
0.75 to < 2.50 1 442 500 39.50 1 639 1.85
2.50 to < 10.00 13 1 9.74 13 4.33
10.00 to < 100.00 2 2 11.70
100.00 (default) 100.00
Subtotal 2 098 505 39.22 2 298 1.49
2016
0.00 to < 0.15 67 67 0.12
0.15 to < 0.25 2 3 75.00 5 0.23
0.25 to < 0.50 51 700 39.45 329 0.32
0.50 to < 0.75 1 123 199 54.00 1 230 0.64
0.75 to < 2.50 206 72 73.51 277 1.26
2.50 to < 10.00 459 68.59 459 2.85
10.00 to < 100.00 20 20 11.46
100.00 (default) 1 1 100.00
Subtotal 1 929 974 45.06 2 388 1.21
Banks
2017
0.00 to < 0.15 42 676 5 633 95.44 48 053 0.07
0.15 to < 0.25 539 272 83.95 768 0.17
0.25 to < 0.50 19 841 76 68.65 19 893 0.45
0.50 to < 0.75 2 52 96.55 52 0.64
0.75 to < 2.50 4 960 956 27.63 5 224 1.37
2.50 to < 10.00 226 63 93.79 285 2.57
10.00 to < 100.00 10.24
100.00 (default) 100.00
Subtotal 68 244 7 052 71.11 74 275 0.27
2016
0.00 to < 0.15 32 774 6 691 87.74 38 645 0.08
0.15 to < 0.25 9 133 593 95.87 9 701 0.21
0.25 to < 0.50 839 311 55.94 1 011 0.33
0.50 to < 0.75 21 25 87.91 43 0.64
0.75 to < 2.50 3 654 407 23.60 3 750 1.48
2.50 to < 10.00 685 793 20.51 848 2.58
10.00 to < 100.00 14 99.76 14 10.26
100.00 (default) 22 22 100.00
Subtotal 47 128 8 834 78.19 54 034 0.29
116
Average Average RWA
15 30.69 1.0 85 41.51

3 30.69 1.0 1 22.29
10 26.31 2.6 18 40.17
6 26.28 4.3 241 61.58 1
36 26.97 1.9 1 418 86.51 9
6 22.05 1.8 8 65.04
2 30.69 1.0 4 168.29
2 37.58 1.0 125.87
80 27.15 2.2 1 775 77.23 10 10
19 33.09 1.0 27 40.69

6 29.81 1.5 1 23.35
17 21.47 1.1 69 20.94
6 22.90 3.6 610 49.51 2
42 29.51 2.2 172 62.20 1
20 33.12 1.0 564 122.97 4
8 24.86 2.3 24 116.59 1
3 32.70 1.0 1 85.08
121 25.76 2.5 1 468 61.46 8 6
Average Average RWA

98 40.30 1 9 184 19.11 14

20 42.96 1 249 32.43 1
24 45.93 1 14 032 70.54 41
6 47.04 1 34 65.81
33 49.28 1 5 036 96.40 35
13 43.16 1 306 107.27 3
1 55.44 1 1 231.77
1 61.93 5
196 42.49 1.1 28 842 38.83 94 392
103 40.54 1.0 7 658 19.82 12

24 43.81 1.1 4 199 43.28 9
47 44.97 1.0 579 57.27 2
9 47.04 1.0 29 67.79
57 49.51 1.0 3 740 99.73 26
23 26.71 1.0 558 65.80 6
8 55.41 1.0 37 270.50 1
2 60.16 4.8 22
273 41.63 1.0 16 800 31.09 78 58
Standard Bank Group

Retail mortgages
2017
0.00 to < 0.15 2 075 17 801 58.32 12 455 0.11
0.15 to < 0.25 14 479 15 201 62.46 23 974 0.20
0.25 to < 0.50 42 662 5 468 69.11 46 444 0.39
0.50 to < 0.75 61 251 1 645 102.94 62 949 0.63
0.75 to < 2.50 118 891 483 148.05 119 687 1.31
2.50 to < 10.00 50 728 114 118.01 50 888 4.17
10.00 to < 100.00 23 053 2 122.18 23 057 28.01
100.00 (default) 14 316 14 316 100.00
Subtotal 327 455 40 714 62.83 353 770 7.09
2016
0.00 to < 0.15 881 12 805 43.48 6 452 0.12
0.15 to < 0.25 14 597 20 199 45.21 23 744 0.19
0.25 to < 0.50 60 590 5 931 62.21 64 293 0.39
0.50 to < 0.75 51 075 776 124.11 52 051 0.65
0.75 to < 2.50 101 134 339 148.39 101 083 1.35
2.50 to < 10.00 53 908 116 104.76 54 067 4.21
10.00 to < 100.00 24 196 5 84.30 24 201 27.83
100.00 (default) 13 417 13 417 100.00
Subtotal 319 798 40 171 47.47 339 308 7.20
2 Average maturity years have not been provided since it has not been used in the RWA calculation.
QRRE
2017
0.00 to < 0.15 318 3 990 96.90 4 184 0.11
0.15 to < 0.25 528 2 228 90.35 2 536 0.19
0.25 to < 0.50 1 110 2 507 84.33 3 204 0.35
0.50 to < 0.75 1 906 6 832 39.21 4 250 0.67
0.75 to < 2.50 19 844 14 870 50.66 26 144 1.60
2.50 to < 10.00 28 193 4 736 82.77 30 861 4.44
10.00 to < 100.00 6 484 535 86.16 7 309 26.22
100.00 (default) 6 092 6 092 100.00
Subtotal 64 475 35 698 56.96 84 580 11.64
2016
0.00 to < 0.15 249 4 122 98.63 4 317 0.10
0.15 to < 0.25 398 1 978 89.82 2 173 0.20
0.25 to < 0.50 948 2 493 81.83 2 964 0.35
0.50 to < 0.75 2 008 7 324 35.59 4 470 0.66
0.75 to < 2.50 18 863 13 564 57.32 24 921 1.58
2.50 to < 10.00 29 076 4 828 74.68 31 727 4.59
10.00 to < 100.00 6 102 821 89.04 6 693 26.95
100.00 (default) 6 490 6 490 100.00
Subtotal 64 134 35 130 64.34 83 755 12.17
118
Average Average RWA
Number LGD maturity2 RWA density EL Provisions
44 190 12.27 400 3.21 2

56 144 12.58 1 302 5.43 6
101 475 11.98 3 822 8.23 22
98 585 13.49 8 228 13.07 54
154 693 16.08 30 165 25.20 255
79 544 16.62 26 016 51.12 350
39 940 16.38 21 051 91.30 1 085
24 147 16.76 316 2.21 3 738
598 718 14.84 91 300 25.81 5 512 5 276
35 217 11.91 214 3.32 1

66 039 12.20 1 181 4.97 6
132 399 12.28 5 453 8.48 31
79 635 13.97 7 219 13.87 47
136 123 15.81 25 418 25.15 216
88 433 16.10 26 898 49.75 366
43 735 16.11 21 749 89.87 1 112
23 318 16.92 403 3.00 3 422
604 899 14.64 88 535 26.09 5 201 4 510
Average Average RWA

131 291 58.21 166 3.96 3

82 418 59.10 165 6.49 3
185 708 59.54 336 10.51 7
229 453 64.04 810 19.06 18
1 090 808 65.99 9 850 37.68 276
1 620 769 64.76 23 133 74.96 877
552 380 62.71 11 868 162.38 1 213
214 140 64.22 1 352 22.19 3 879
4 106 967 64.20 47 680 56.37 6 276 4 234
143 012 59.18 165 3.82 3

72 514 59.03 144 6.63 3
211 038 59.62 316 10.66 6
269 524 64.16 842 18.84 19
951 445 65.51 9 254 37.13 259
1 635 229 63.86 23 919 75.39 916
454 687 65.15 11 354 169.64 1 179
225 553 64.15 62 0.96 4 205
3 963 002 63.98 46 056 54.99 6 590 5 979
Standard Bank Group

Retail – other
2017
0.00 to < 0.15 38 25 109.21 65 0.13
0.15 to < 0.25 132 8 114.50 142 0.18
0.25 to < 0.50 3 472 21 117.55 3 497 0.28
0.50 to < 0.75 666 21 113.57 690 0.63
0.75 to < 2.50 16 340 47 75.93 16 375 1.63
2.50 to < 10.00 14 970 29 111.48 15 004 5.14
10.00 to < 100.00 4 321 18.08 4 322 22.20
100.00 (default) 1 797 1 797 100.00
Subtotal 41 736 151 98.30 41 892 9.09
2016
0.00 to < 0.15 10 2 119.62 13 0.14
0.15 to < 0.25 128 9 117.04 138 0.20
0.25 to < 0.50 2 409 32 112.85 2 446 0.34
0.50 to < 0.75 494 11 112.75 506 0.64
0.75 to < 2.50 17 652 79 100.98 17 733 1.61
2.50 to < 10.00 12 476 51 112.14 12 533 4.69
10.00 to < 100.00 3 726 118.90 3 726 24.39
100.00 (default) 1 782 1 782 100.00
Subtotal 38 677 184 107.82 38 877 9.20
SME retail
2017
0.00 to < 0.15 2 306 5 350 79.01 6 535 0.07
0.15 to < 0.25 1 963 2 038 74.58 3 479 0.19
0.25 to < 0.50 7 614 2 987 63.07 9 460 0.40
0.50 to < 0.75 2 398 1 384 60.46 3 224 0.59
0.75 to < 2.50 19 813 2 793 58.63 21 454 1.39
2.50 to < 10.00 7 345 2 628 34.52 8 361 4.82
10.00 to < 100.00 3 226 235 39.91 3 584 24.81
100.00 (default) 2 278 2 278 100.00
Subtotal 46 943 17 415 59.04 58 375 6.74
2016
0.00 to < 0.15 2 097 5 189 82.53 6 385 0.07
0.15 to < 0.25 2 208 2 009 78.30 3 774 0.20
0.25 to < 0.50 7 822 3 173 63.89 9 796 0.40
0.50 to < 0.75 2 179 1 354 70.14 3 124 0.59
0.75 to < 2.50 20 648 2 650 63.51 22 323 1.37
2.50 to < 10.00 7 537 2 936 32.66 8 477 4.77
10.00 to < 100.00 3 510 313 36.76 3 612 25.03
100.00 (default) 2 447 2 447 100.00
Subtotal 48 448 17 624 65.76 59 938 6.89
120
Average Average RWA
148 34.35 7 10.90

639 9.91 6 4.11
1 438 26.16 489 13.98 3
4 056 30.25 180 26.03 1
93 885 27.91 5 880 35.91 79
105 540 34.91 8 242 54.93 277
92 895 47.34 4 482 103.72 447
30 813 40.41 265 14.75 809
329 414 32.80 19 551 46.67 1 616 991
161 25.35 1 8.40

599 12.49 7 5.42
1 397 26.13 390 15.94 2
2 624 30.43 134 26.48 1
99 242 28.96 6 571 37.06 87
98 407 36.03 7 025 56.05 220
92 136 48.46 4 106 110.20 440
31 157 41.06 2 0.08 837
325 723 33.44 18 236 46.91 1 587 1 395
Average Average RWA

20 453 44.09 571 8.74 2

57 553 44.49 651 18.70 3
93 880 38.98 2 430 25.70 14
21 101 41.84 1 125 34.89 8
117 737 38.52 9 903 46.16 115
125 481 44.04 5 712 68.32 176
58 678 46.19 3 833 106.95 413
14 984 44.75 30 1.30 1 303
509 867 41.26 24 255 41.55 2 034 1 557
75 932 43.87 552 8.65 2

30 259 42.29 684 18.12 3
66 413 38.78 2 511 25.63 15
19 306 43.14 1 124 35.98 8
129 231 39.05 10 424 46.70 120
143 895 43.28 5 684 67.05 172
54 831 43.93 3 670 101.61 401
18 128 43.75 31 1.27 1 294
537 995 41.02 24 680 41.18 2 015 1 830
Standard Bank Group

Equity
2017
0.00 to < 0.15 68 68 0.11
0.15 to < 0.25
0.25 to < 0.50 595 595 0.39
0.50 to < 0.75 110 110 0.64
0.75 to < 2.50 879 879 0.95
2.50 to < 10.00 580 580 2.56
10.00 to < 100.00 1 1 28.96
100.00 (default) 78 78 100.00
Subtotal 2 311 2 311 4.53
2016
0.00 to < 0.15
0.15 to < 0.25 91 91 0.16
0.25 to < 0.50 283 283 0.32
0.50 to < 0.75 253 253 0.64
0.75 to < 2.50 589 589 1.38
2.50 to < 10.00 607 607 2.62
10.00 to < 100.00
100.00 (default) 78 78 100.00
Subtotal 1 901 1 901 5.51
122
Average Average RWA
1 90.00 5.0 218 318.00
3 90.00 5.0 1 056 177.52

3 90.00 5.0 351 318.00
4 90.00 5.0 2 862 325.59 5
2 90.00 5.0 1 895 327.09 14
1 90.00 5.0 3 573.24
2 90.00 5.0 880 1 125.00
16 90.00 5.0 7 265 314.37 19 76
1 90.00 5.0 289 318.00

1 90.00 5.0 900 318.02
3 90.00 5.0 753 297.63
4 90.00 5.0 2 022 343.29 7
5 90.00 5.0 1 996 328.83 15
2 90.00 5.0 70
16 90.00 5.0 5 960 313.52 92 76
Standard Bank Group

CCR4: IRB – CCR EXPOSURES BY PORTFOLIO AND PD SCALE (BANKING OPERATIONS)

Refer to page 46 for the total of the following asset classes.
Corporate

2017
0.00 to < 0.15 493 0.09 13 30.31 1.5 89 18.11
0.15 to < 0.25 1 714 0.22 48 32.03 1.2 454 26.48
0.25 to < 0.50 1 867 0.39 149 34.62 1.5 819 43.86
0.50 to < 0.75 1 061 0.64 72 38.45 2.6 765 72.08
0.75 to < 2.50 574 1.26 115 39.06 1.5 480 83.66
2.50 to < 10.00 217 3.01 43 39.22 1.1 228 105.19
10.00 to < 100.00 6 38.70 3 37.80 1.0 13 202.29
100.00 (default) 100 2 40.09 1.0 1 531.19
Subtotal 5 932 0.59 445 34.80 1.6 2 849 48.03
2016
0.00 to < 0.15 410 0.08 17 34.35 1.1 61 0.15
0.15 to < 0.25 2 428 0.20 47 34.24 1.9 733 0.30
0.25 to < 0.50 3 385 0.40 157 35.28 1.5 1 337 0.39
0.50 to < 0.75 705 0.64 83 36.38 2.7 465 0.66
0.75 to < 2.50 336 1.32 117 38.55 1.6 281 0.84
2.50 to < 10.00 390 3.42 51 38.48 1.2 424 1.09
10.00 to < 100.00
100.00 (default)
Subtotal 7 654 0.58 472 35.32 1.8 3 301 0.49
SME Corporate

2017
0.00 to < 0.15 42 0.08 1 40.09 5.0 15 36.22
0.15 to < 0.25 14 0.23 1 43.89 5.0 8 57.77
0.25 to < 0.50 36 0.32 3 40.09 1.0 14 38.96
0.50 to < 0.75 69 0.64 8 40.09 2.4 44 64.01
0.75 to < 2.50 33 1.14 11 41.36 2.6 32 95.62
2.50 to < 10.00 6 4.17 6 30.62 1.0 5 82.34
10.00 to < 100.00 10.24 1 40.09 1.0 145.79
100.00 (default)
Subtotal 200 0.63 31 40.30 2.9 118 59.06
2016
0.00 to < 0.15 151 0.09 2 40.09 4.2 49 0.32
0.15 to < 0.25 258 0.16 3 40.27 1.2 70 0.27
0.25 to < 0.50 130 0.40 2 40.09 1.0 57 0.44
0.50 to < 0.75 56 0.64 7 34.73 3.6 37 0.66
0.75 to < 2.50 167 1.27 19 39.48 4.5 156 0.93
2.50 to < 10.00 43 3.62 9 39.49 1.0 39 0.91
10.00 to < 100.00
100.00 (default)
Subtotal 805 0.64 42 39.62 2.6 408 0.51
124
Securities firm

2017
0.00 to < 0.15 6 449 0.05 12 38.98 1.1 1 004 15.57
0.15 to < 0.25 0.23 2 40.09 1.0 30.70
0.25 to < 0.50 1 171 0.45 8 39.07 1.0 696 59.45
0.50 to < 0.75 4 0.64 3 38.65 1.0 3 69.97
0.75 to < 2.50
2.50 to < 10.00 2.56 2 31.11 1.0 76.28
10.00 to < 100.00
100.00 (default)
Subtotal 7 624 0.12 27 38.99 1.1 1 703 22.34
2016
0.00 to < 0.15 8 011 0.07 10 40.42 1.6 1 891 0.24
0.15 to < 0.25 478 0.16 8 42.80 1.2 178 0.70
0.25 to < 0.50 285 0.32 4 40.09 1.0 143 0.50
0.50 to < 0.75 0.64 1 40.09 1.0
0.75 to < 2.50 1 1.81 4 40.09 1.0 1 1.00
2.50 to < 10.00
10.00 to < 100.00
100.00 (default)
Subtotal 8 775 0.09 27 40.55 1.50 2 213 0.25
Sovereign

2017
0.00 to < 0.15 1 538 0.01 2 28.13 1.0 36 2.30
0.15 to < 0.25 770 0.23 1 32.77 4.6 400 51.89
0.25 to < 0.50
0.50 to < 0.75
0.75 to < 2.50 1 0.90 1 26.29 4.1 67.36
2.50 to < 10.00
10.00 to < 100.00
100.00 (default)
Subtotal 2 309 0.08 4 29.67 2.2 436 18.87
2016
0.00 to < 0.15 1 471 0.01 2 27.78 1.1 35 0.02
0.15 to < 0.25 517 0.23 1 32.77 4.9 281 0.54
0.25 to < 0.50
0.50 to < 0.75
0.75 to < 2.50
2.50 to < 10.00
10.00 to < 100.00
100.00 (default)
Subtotal 1 988 0.07 3 29.07 2.10 316 0.16
Standard Bank Group

CCR4: IRB – CCR EXPOSURES BY PORTFOLIO AND PD SCALE (BANKING OPERATIONS) CONTINUED

2017
0.00 to < 0.15
0.15 to < 0.25 0.23 1 26.29 1.0 20.13
0.25 to < 0.50 987 0.42 4 42.54 3.1 717 72.82
0.50 to < 0.75 131 0.64 2 26.29 1.6 54 41.11
0.75 to < 2.50 318 1.80 3 26.29 2.5 220 68.94
2.50 to < 10.00 4 5.12 2 26.29 1.0 4 82.44
10.00 to < 100.00 10.24 1 26.29 1.0 109.91
100.00 (default)
Subtotal 1 440 0.76 13 37.41 2.8 995 69.10
2016
0.00 to < 0.15
0.15 to < 0.25 33 0.23 4 26.29 3.7 12 0.36
0.25 to < 0.50 408 0.24 3 28.61 3.3 202 0.50
0.50 to < 0.75
0.75 to < 2.50
2.50 to < 10.00 6 3.62 1 26.29 1.0 5 0.83
10.00 to < 100.00
100.00 (default)
Subtotal 447 0.45 8 28.41 3.30 219 0.49
Specialised lending – project finance

2017
0.00 to < 0.15
0.15 to < 0.25
0.25 to < 0.50 197 0.36 13 18.56 4.3 68 34.74
0.50 to < 0.75 438 0.64 6 32.75 4.7 354 80.85
0.75 to < 2.50 335 1.06 6 31.29 4.8 279 83.13
2.50 to < 10.00 5 7.24 1 33.18 5.0 8 156.66
10.00 to < 100.00
100.00 (default)
Subtotal 975 0.76 26 29.38 4.6 709 72.71
1 2016 numbers were not available and have therefore not been shown here.
126
Banks

2017
0.00 to < 0.15 9 003 0.05 45 39.21 2.0 2 008 22.31
0.15 to < 0.25
0.25 to < 0.50 3 130 0.45 7 45.98 1.4 2 391 76.39
0.50 to < 0.75 114 0.64 5 47.04 1.5 82 71.85
0.75 to < 2.50 137 1.14 18 48.75 1.0 126 92.42
2.50 to < 10.00 4 3.98 4 52.43 1.0 6 148.92
10.00 to < 100.00 10.24 1 55.44 1.0 270.59
100.00 (default)
Subtotal 12 388 0.17 80 41.10 1.8 4 613 37.23
2016
0.00 to < 0.15 17 932 0.06 43 39.81 1.6 3 783 0.21
0.15 to < 0.25 2 342 0.16 3 43.89 1.5 989 0.42
0.25 to < 0.50 174 0.37 5 45.35 2.6 131 0.75
0.50 to < 0.75 13 0.64 4 47.04 1.0 9 0.69
0.75 to < 2.50 675 1.27 16 49.11 1.0 637 0.94
2.50 to < 10.00 3.31 4 51.85 1.0 1.38
10.00 to < 100.00
100.00 (default)
Subtotal 21 136 0.11 75 40.61 1.60 5 549 0.26
Standard Bank Group

ANNEXURE C – COMPOSITION OF CAPITAL1
2017 2016
Basel III Basel III
Rm Rm
CET I capital 118 282 114 401

Instruments and reserves
CET I capital before regulatory adjustments 150 608 142 589
Directly issued qualifying common share capital plus related stock surplus 18 063 17 960
Retained earnings 133 486 124 446
Accumulated other comprehensive income (and other reserves) (5 833) 183
Directly issued capital subject to phase-out from CET I
(only applicable to non-joint stock companies)
Public sector capital injections grandfathered until 1 January 2018
Common share capital issued by subsidiaries and held by third-parties
(amount allowed in group CET I) 4 892 4 488
Regulatory adjustments
Less: total regulatory adjustments to CET I (32 326) (32 676)
Prudential valuation adjustments (51) (40)
Goodwill (net of related tax liability) (1 904) (2 239)
Other intangibles other than mortgage servicing rights
(net of related tax liability) (18 603) (19 289)
Deferred tax assets that rely on future profitability, excluding those arising from temporary
differences (net of related tax liability) (78) (67)
Cash flow hedge reserve (137) 78
Shortfall of provisions to expected losses (2 076) (2 118)
Securitisation gain on sale
Gains and losses due to changes in own credit risk on fair valued liabilities 1 (38)
Defined benefit pension fund net assets (216) (461)
Investments in own shares (if not already netted of paid-in capital on reported balance sheet) (121) (70)
Reciprocal cross-holdings in common equity
Investments in the capital of banking, financial and insurance entities that are outside the scope of
regulatory consolidation, net of eligible short positions, where the bank does not own more than
10% of the issued share capital (amount above 10% threshold)
Significant investments in the common stock of banking, financial and insurance entities that are
outside the scope of regulatory consolidation, net of eligible short positions (amount above
10% threshold) (9 141) (8 432)
Mortgage servicing rights (amount above 10% threshold)
Deferred tax assets arising from temporary differences (amount above 10% threshold,
net of related tax liability)
Amount exceeding the 15% threshold, relating to:
Significant investments in the common stock of financials
Mortgage servicing rights
Deferred tax assets arising from temporary differences
National-specific regulatory adjustments
Regulatory adjustments applied to CET I in respect of amounts subject
to pre-Basel III treatment
Regulatory adjustments applied to CET I due to insufficient AT1 and tier II to cover deductions
1 Disclosure based on prescribed SARB template. All blank line items are not applicable as at 31 December 2017 and 31 December 2016.
128
2017 2016
Basel III Basel III
Rm Rm
ATI capital 6 707 3 619

Instruments
ATI capital before regulatory adjustments 6 707 3 619
Directly issued qualifying AT1 instruments plus related stock surplus, classified as: 6 291 3 297
Equity under applicable accounting standards 6 291 3 297
Liabilities under applicable accounting standards
Directly issued capital instruments subject to phase-out from AT1 5 495 5 495
AT1 instruments (and CET I instruments not included in common share capital) issued by
subsidiaries and held by third-parties (amount allowed in group AT1), including: 416 322
Instruments issued by subsidiaries subject to phase-out
Total regulatory adjustments to AT1 capital
Investments in own AT1 instruments
Reciprocal cross-holdings in AT1 instruments
Investments in the capital of banking, financial and insurance entities that are outside the
scope of regulatory consolidation, net of eligible short positions, where the bank does not
own more than 10% of the issued share capital (amount above 10% threshold)
Significant investments in the common stock of banking, financial and insurance entities
that are outside the scope of regulatory consolidation, net of eligible short positions
(amount above 10% threshold)
National-specific regulatory adjustments:
Regulatory adjustments applied to CET I in respect of amounts subject to pre-Basel III
treatment
Regulatory adjustments applied to AT1 due to insufficient AT1 due to insufficient tier II to cover
deductions
Standard Bank Group

Annexure C – Composition of capital1 continued
2017 2016
Basel III Basel III
Rm Rm
Capital and provisions

Tier II capital before regulatory adjustments 19 253 20 130
Directly issued qualifying tier II instruments plus related stock surplus
Directly issued capital instruments subject to phase-out from tier II
Tier II instruments (and CET I and AT1 instruments not included in common share capital and
AT1 instruments) issued by subsidiaries and held by third-parties (amount allowed in group
tier II), including: 17 080 17 773
Instruments issued by subsidiaries subject to phase-out 9 500 12 610
Provisions 2 173 2 357
Total regulatory adjustments to tier II capital
Investments in own tier II instruments
Reciprocal cross-holdings in tier II instruments
Investments in the capital of banking, financial and insurance entities that are outside the scope
of regulatory consolidation, net of eligible short positions, where the bank does not own more
than 10% of the issued share capital (amount above 10% threshold) (2 303)
Significant investments in the capital of banking, financial and insurance entities that are outside
the scope of regulatory consolidation (net of eligible short positions)
National-specific regulatory adjustments
Regulatory adjustments applied to tier II in respect of amounts subject to pre-Basel III treatment
16 950 20 130
Total capital 141 939 138 150
Total RWA 957 046 883 179
Risk-weighted in respect of amounts subject to pre-Basel III treatment
Capital ratios and buffers

CET I (as a percentage of RWA) 12.4 13.0
Tier I (as a percentage of RWA) 13.1 13.4
Total capital (as a percentage of RWA) 14.8 15.6
Institution-specific buffer requirement (minimum CET I requirement plus capital conservation
buffer plus countercyclical buffer requirements plus G-SIBs buffer requirement, expressed as a
percentage of RWA) 7.3 6.9
Capital conservation buffer requirement 1.3 0.6
Bank-specific countercyclical buffer requirement
G-SIBs buffer requirement
Common equity tier I available to meet buffers (as a percentage of RWA) 5.1 6.1
130
2017 2016
Basel III Basel III
Rm Rm
National minima (if different from Basel III)

National CET I minimum ratio (if different from Basel III minimum)
– excluding individual capital requirement (ICR) and domestic systemically
important banks (D-SIB) % 7.3 6.9
National tier I minimum ratio (if different from Basel III minimum)
– excluding ICR and D-SIB % 8.5 8.1
National total capital minimum ratio (if different from Basel III minimum)
– excluding ICR and D-SIB % 10.8 10.4
Amounts below the threshold for deductions (before risk weighting)
Non-significant investments in the capital of other financials 777 235
Significant investments in the common stock of financials 12 726 12 283
Mortgage servicing rights (net of related tax liability)
Deferred tax assets arising from temporary differences (net of related tax liability) 3 530 3 257
Applicable caps on the inclusion of provisions in tier II
Provisions eligible for inclusion in tier II in respect of exposures subject to
standardised approach (prior to application of cap) 2 173 2 357
Cap on inclusion of provisions in tier II under standardised approach 3 384 2 922
Provisions eligible for inclusion in tier II in respect of exposures subject to IRB
approach (prior to application of cap)
Cap for inclusion of provisions in tier II under IRB approach 2 325 2 298
Capital instruments subject to phase-out arrangements
(only applicable between 1 January 2018 and 1 January 2022)
Current cap on CET I instruments subject to phase-out arrangements
Amount excluded from CET I due to cap (excess over cap after redemptions
and maturities)
Current cap on AT1 instruments subject to phase-out arrangements
Amount excluded from AT1 due to cap (excess over cap after redemptions and
maturities)
Current cap on tier II instruments subject to phase-out arrangements
Amount excluded from tier II due to cap (excess over cap after redemptions
and maturities)
Standard Bank Group

ANNEXURE D – MAP OF CROSS-REFERENCE

OF PILLAR 3 TABLES
OV1 LI1 LI2 General

Sources
of Main
differences
between
regulatory
Differences exposure
between amounts Other
Basel RWA accounting and carrying tables
and associated and regulatory values in that
Page capital scopes of financial cross
no Description requirements consolidation statements link
28 39 40
AFS Balance sheet LI1
43 CR1 Credit quality of assets CR2
Changes in stock of defaulted loans and debt
43 CR2 CR1
securities
Standardised approach – exposure by asset classes
45 CR5 LI2 CR4
and risk weights
46 CR6 IRB – credit risk exposures by portfolio and PD range OV1 LI2 CR7
Standardised approach – credit risk exposure and
52 CR4 OV1 LI2 CR5
CRM effects
IRB – effect on RWA of credit derivatives used as
53 CR7 OV1 CR6
CRM techniques
RWA flow statements of credit risk exposures
53 CR8 OV1 CR6
under IRB
IRB (specialised lending and equities under the
56 CR10 OV1 LI2 CCR1
simple risk weight method)
CCR2
LI2
57 CCR1 Analysis of CCR exposure by approach OV1
57 CCR2 CVA capital charge CCR1

Standardised approach of CCR exposures by
58 CCR3 LI2 CCR4
regulatory portfolio and risk weights
60 CCR4 IRB – CCR exposures by portfolio and PD scale LI2 CCR3
62 CCR8 Exposures to central counterparties CCR1
Securitisation exposures in the banking book and OV1
64 SEC3 associated regulatory capital requirements –
bank acting as originator or as sponsor OV1
80 MR1 Market risk under the standardised approach OV1

RWA flow statements of market risk exposures
81 MR2 OV1
under IMA
132
CONTACT AND OTHER DETAILS
STANDARD BANK GROUP
Registration No. 1969/017128/06
Incorporated in the Republic of South Africa
HEAD: INVESTOR RELATIONS

Sarah Rivett-Carnac
Tel: +27 11 631 6897
GROUP FINANCIAL DIRECTOR

Please direct all annual report queries and
Arno Daehnke
comments to:
Tel: +27 11 636 3756
Annual.Report@standardbank.co.za
GROUP SECRETARY
Zola Stephen
Tel: +27 11 631 9106 Please direct all customer-related queries
and comments to:
REGISTERED ADDRESS Information@standardbank.co.za
9th Floor, Standard Bank Centre
5 Simmonds Street
Johannesburg 2001
Please direct all investor relations queries
PO Box 7725
and comments to:
Johannesburg 2000
InvestorRelations@standardbank.co.za
Refer to www.standardbank.com/reporting for

www.standardbank.com a list of definitions, acronyms and abbreviations
Disclaimer
This document contains certain statements that are ‘forward-looking’ with respect to certain of the group’s plans, goals and
expectations relating to its future performance, results, strategies and objectives. Words such as “may”, “could”, “will”, “expect”, “intend”,
“estimate”, “anticipate”, “aim”, “outlook”, “believe”, “plan”, “seek”, “predict” or similar expressions typically identify forward-looking
statements. These forward-looking statements are not statements of fact or guarantees of future performance, results, strategies and
objectives, and by their nature, involve risk and uncertainty because they relate to future events and circumstances which are difficult to
predict and are beyond the group’s control, including but not limited to, domestic and global economic conditions, market-related risks
such as fluctuations in interest rates and exchange rates, the policies and actions of regulatory authorities (including changes related to
capital and solvency requirements), the impact of competition, as well as the impact of changes in domestic and global legislation and
regulations in the jurisdictions in which the group and its affiliates operate. The group’s actual future performance, results, strategies
and objectives may differ materially from the plans, goals and expectations expressed or implied in the forward-looking statements.
The group makes no representations or warranty, express or implied, that these forward-looking statements will be achieved and
undue reliance should not be placed on such statements. The group undertakes no obligation to update the historical information or
forward-looking statements in this document and does not assume responsibility for any loss or damage arising as a result of the
reliance by any party thereon.
Respecta 60, the FSC® Mix* certified high quality recycled coated
60 fine paper for prestigious printing, with a 60% recycled fibre
content. A choice that gives a natural brilliance to creativity.
standardbank.com

Standard Bank AIR2017 Standard Bank Group Risk and Capital Management Report 2017

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Standard Bank AIR2017 Standard Bank Group Risk and Capital Management Report 2017

Uploaded by

Copyright:

Available Formats

Standard Bank Group

RISK AND CAPITAL

RISK AND CAPITAL

Standard Bank Group

Annual integrated report

Provides a holistic assessment Frameworks* applied Assurance

An account of the group’s social, Frameworks* applied Assurance

REPORT TO SOCIETY 2017

Governance and remuneration report

A detailed review of the group’s Frameworks* applied Assurance

group’s audited annual

Annual financial statements

Sets out the group’s full audited Frameworks* applied Assurance

A detailed view of the management Frameworks* applied

RISK AND CAPITAL

operations. including Basel III

Standard Bank Group

All amounts are in rand millions unless

Pillar 3 table references (OV1, CR1

The pillar 3 remuneration disclosure

RISK OVERSIGHT GOV

report covers the Standard Bank

The main features of

For the period under review,

•the group’s risk, •the group’s business •the group is adequately

•guiding principles for pillar 3

•internal controls and procedures.

The board is satisfied that this report has

Standard Bank Group

Business risk is the risk of earnings variability,

Insurance risk arises due to uncertainty regarding the

timing and amount of future cash flows from

Standard Bank Group

We have a well-developed enterprise risk management framework

For more information, refer to the

Standard Bank Group

Year in brief CIB non-performing loans (NPLs) remained flat

PBB’s Africa Regions CLR increased year-on-year largely

The growth in the complexity of regulatory frameworks impacting the

Year in brief In addition, the promulgation of the Protection of Personal

Standard Bank Group

The group maintained its

The group continued to enhance its interest rate risk

Standard Bank Group

The group’s operational risk profile trended

Year in brief In 2017, the group introduced new technology and

Standard Bank Group

Enterprise risk management continued

EMERGING ENTERPRISE RISKS

Regulatory People risk

Fraud risk Business

Information risk Third-party risk

TECHNOLOGY CYBER REGULATORY

Risk drivers* Risk drivers* Risk drivers*

MITIGANTS* MITIGANTS* MITIGANTS*

Standard Bank Group

Enterprise risk management continued

Emerging enterprise risks continued

FRAUD INFORMATION PEOPLE

Risk drivers* Risk drivers* Risk drivers*

MITIGANTS* MITIGANTS* MITIGANTS*

The risk of infrastructure/ The risk of losses or

Risk drivers* Risk drivers* Risk drivers*

MITIGANTS* MITIGANTS* MITIGANTS*