RISK MANAGEMENT

At Türk Eximbank, the risk management system has been established with the aim of defining, measuring, exploring, reporting, analyzing, monitoring and auditing risks in every aspect of banking activities within the frame of principles approved by the Board of Directors.

The Bank’s risk management activities are carried out by two departments: Credit Risk and Market and Other Risks departments. Head of Risk Management reports to the Board of Directors via the Audit Committee.

Head of Risk Management monitors the Bank’s risk exposure resulting from its operations using internal methods and other risk metrics, in addition to the standard methods considered within the BRSA’s capital adequacy obligations; conducts stress tests and shares the outcomes with the Audit Committee, and with the Board of Directors via the Audit Committee, if/when needed.

Non-financial risks that remain outside of quantifiable risks that are monitored on the basis of legal and internal limits (i.e. technology risk, information security, regulatory risk, Environmental, Social and Governance (ESG) risks and climate-related risks that relate to sustainability, reputation risk, etc.) are followed up within the frame of the ICAAP report issued in coordination with business units, assessments made during new product/support services processes and quarterly Risk Assessment Reports submitted to the top management. Risk levels (low, medium or high) in relation to operations are consolidated particularly with the Integrated Risk Matrix included in Risk Assessment Reports in line with best practices principle.

In 2023, Türk Eximbank established the Operational Risk Policy Document and Internal Loss Data Procedure in view of the publications of international risk organizations that it belongs to (GARP, IOR) in addition to Basel III documentation for compliance with the New Standardized Approach for Operational Risk, for which the BRSA has not yet issued a regulation, and set up the Operational Risk Committee in this framework.

Risk Management Policy

Türk Eximbank maintains the risk level that it needs to undertake when fulfilling its legal functions expressed as “providing financial support to the export industry” with an approach that will not result in weakened financial strength. The Bank set its risk appetite at a ratio (13%-15%) that is just above 12%, which is the target ratio for compliance with legal capital adequacy ratios, and provided assurance by a Board of Directors decision that necessary steps would be initiated for capital increase in the event that the existing capital adequacy ratio dropped to this interval.

Detailed policies for all risk types can be found in Risk Management Implementation Principles.

INTERNAL AUDIT

Türk Eximbank set up the Internal Audit Department to assist the Board of Directors in the performance of its monitoring and supervisory functions, which reports to the Board of Directors via the Audit Committee.

The Internal Audit Department performs the following tasks within the framework of Audit Committee Regulation issued within the scope of the Regulation on Internal Systems of Banks and Internal Capital Adequacy Assessment Process:

• Analyzing and evaluating the compliance of the Bank’s activities with the relevant laws, regulations, decrees, communiqués, articles of association, banking principles, instructions and other statutes;
• Reviewing and evaluating the functioning, efficiency and adequacy of the Bank’s internal control and risk management systems;
• Providing opinions, suggestions and comments regarding effective and efficient use of the Bank’s resources,
• Reviewing the accuracy and reliability of accounting records and financial reports,
• Evaluating the operation, efficiency and adequacy of the Bank’s information systems and communication channels,
• Conducting audits and examinations of operations, accounts and activities in the Bank’s headquarters units, regional directorates and branches.

The Internal Audit Department performs its activities in an impartial and independent manner exercising the required professional diligence, with the aim of ensuring that the resources are used efficiently and that all activities make the maximum contribution to the Bank.

INTERNAL CONTROL

During 2023, on-site branch controls, unit controls and centralized control activities were carried out at Türk Eximbank within the scope of internal control activities.

The Internal Control Unit performed on-site controls at the Head Office Branch, Odakule, Maltepe, İkitelli OSB, Ankara, Bursa and Gaziantep branches as per its schedule in 2023. Centralized controls addressed activities in relation to Credits, Accounting Transactions and Financial Reporting, Payment Systems, Treasury and Insurance processes.

As part of the controls, credits disbursed within the frame of sustainability system were included in the sampling. During the examinations made, various findings associated with the sustainability management system were established and included in the related control report.

REGULATORY COMPLIANCE

Türk Eximbank Mevzuat ve Uyum Birimi; mevzuat, uyum ve katılım finans bankacılık temel görev alanları kapsamında faaliyet göstermektedir. Banka, 2023 yılında da bu alanda kapsamlı çalışmalar yürütmüştür.

The fundamental banking duties of the Regulatory Compliance Unit at Türk Eximbank covers regulation, compliance and participation finance. The Bank took on comprehensive work in this area in 2023.

Regulatory Activities

• The entire regulation governing the Bank was researched and the “List of Governing Regulation” was prepared.
• Monthly Regulatory Bulletin started to be issued for announcements and updates to keep the entire organization informed.
• Feedback was provided within the scope of PDPL for tasks and business processes across the Bank and steps were taken for achieving regulatory compliance as applicable.
• Regulation is reviewed with respect to sustainability and green asset topics, regulatory follow-up is undertaken in line with the considerations covered in the Bank’s 2024 targets to help achieve the targets.
• Regulation analyses were taken on with respect to draft regulatory framework concerning sustainability and green assets.

Compliance Activities

• Transaction tracking scenarios are developed and scenario outcomes are studied, in relation to which actions are taken.
• Aimed at determining the compliance risk levels of the Bank’s existing exporters pool, following up their risk exposure and subjecting the same to periodical reviewing, Project KYC was developed and its infrastructural work has been completed.
• Work was initiated on “Paygate Inspector Business Flow Revision” as the master project of 2023 in order to check the prohibition/sanction status of existing exporters’ transactions and new exporter acquisitions in total compliance with the regulation.
• Daily controls are performed based on the risk criteria of domestic/foreign sanction lists (OFAC-Related TR-based exclusions). Surveillance teams are informed when necessary and special surveillance records are kept.
• An internal list was created which covers the risk considerations established in the evaluations carried out within the frame of compliance.
• Compliance assessments are carried out for foreign institutions and entities that the Bank intends to work with, and risk analyses are provided.
• Country risk analysis was performed and Country Risk Rating Report was prepared.
• Focus groups are being identified and “Country Fact Sheets” are prepared. Summary Country Fact Sheets were prepared for 20 countries.
• Anti-Bribery/Anti-Corruption and Ethics Policy was drafted with the incorporation of ethics matters. An Anti-Bribery/Anti-Corruption and Ethics Committee has been set up at the Bank.

WORK ETHICS

Türk Eximbank acts in accordance with all national and international regulatory framework in all its operations and manages the same in parallel with the policies it has set and documentation prepared such as processes and procedures.

An Anti-Bribery and Anti-Corruption Policy is in place, which is aimed at clearly and explicitly manifesting Türk Eximbank’s commitments in relation to work ethics and anti-corruption; establishing ethical rules and all Bank employees’ responsibilities in this respect, and ensuring that all employees achieve compliance with the national/international regulatory frameworks.

In 2023, the Bank incorporated ethics matters within the Anti-Bribery/Anti-Corruption Policy and updated the same with the title Anti-Bribery/Anti-Corruption and Ethics Policy, which was publicly disclosed on the website.

Türk Eximbank Anti-Bribery/Anti-Corruption and Ethics Policy can be reached at:

https://eximbank.gov.tr/content/files/e7ce155a-f0c8-40a3-8e4a-75d7e92bd300/rusvet-yolsuzlukla-mucadele-ve-etik-politikasi

Additionally, Anti-Bribery/Anti-Corruption and Ethics Committee was set up to increase internal awareness. The Committee works towards constantly building on bribery, corruption and ethics issues, establishing and developing an ethical culture in this scope. The Committee drew up 6 different guidelines and announced them internally.

• Guide to Preventing Retaliation
• Gifts and Entertainment Guidelines
• Anti-Retaliation Guidelines
• Donations and Assistance Guidelines
• Conflict of Interest Prevention Guidelines
• Consultation, Notification and Denunciation Guidelines

Considering also providing benefits to the society in all its activities, Türk Eximbank makes sure that all its employees act in accordance with the ethical principle of “Benefiting the Society” in all their dealings with internal/external individuals and organizations/institutions within the frame of the said ethical principle. Accordingly, the Bank employees are given regular training about Anti-Bribery, Anti-Corruption and Ethics. The content of these training programs are determined so as to raise consciousness and increased awareness of the topic within the scope of related laws, regulations and internal policies.

Sanctions to be applied for violation of the Anti-Bribery/Anti-Corruption and Ethics Policy are as follows:

• Various sanctions and disciplinary punishments, up to and including annulment of employment contract, are applied depending on the nature of the subject for employees violating the Policy.
• Employees who report in good faith any contradictions to the Policy principles within the frame of integrity and transparency principles are not subjected to any punishment, ill-treatment or retaliation.
• Acts in contradiction to the Policy are reported to judicial authorities, provided that legal conditions materialize therefor depending on the nature of the subject.

As an essential prerequisite, all notices received via the Bank’s communication channels under the Anti-Bribery/Anti-Corruption and Ethics Policy that are accessible to the employees and the public at large on Türk Eximbank’s official website are confidential. Principles and procedures for anonymous reporting are set out in the guidelines prepared in accordance with ISO 37001:2016 International Anti-Bribery/Anti-Corruption Management System Standard.

Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT)

Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) Policy and Principles are in place at Türk Eximbank, as per the Law no. 5549 on Preventing Laundering Proceeds from Crime (AML), Law no. 6415 on the Prevention of Terrorist Financing (CTF) and Law no. 7262 on Preventing the Financing of Proliferation of Weapons of Mass Destruction, international covenants, recommendations and standards. The Policy sets out the Bank’s principles and rules, and explicitly stipulates the Bank’s obligations.

Türk Eximbank Anti-Money Laundering and Countering the Financing of Terrorism Policy can be reached at:

https://www.eximbank.gov.tr/en/about-us/sustainability/anti-money-laundering-combating-the-financing-of-terrorism-and-countering-proliferation-financing-policy

The goals of the Anti-Money Laundering and Countering the Financing of Terrorism Policy and Implementation Principles include, among others, raising awareness of the Bank’s employees, mitigating risk exposure, maintaining secure banking activity, and protecting the Bank’s reputation and exporter quality.

In order to avoid any related sanctions and to minimize related risks, Türk Eximbank integrated the Paygate Inspector product, which was initiated as a master project in 2023, in its banking systems and established an automatic process.

Providing regular AML and CFT training every year, The Bank supports the processes by raising increased employee awareness, and ensures continuity of anti-risk activities and projects (KYC Module, Scenarios, Country Risk Analysis, etc.) by closely monitoring the risks.