RISK MANAGEMENT

The risk tolerance defined by the Board sets a conservative strategy which

aims to maintain a moderate-low risk profile; focused on keeping the quan-

tity and quality of capital, with solvency levels clearly above the regulatory

minimums; allowing us to anticipate that none of the risks identified could

generate losses which could not be withstood within the normal operations

of the bank.

Structure and Organisation

From the perspective of the definition of risk tolerance, the monitoring of the

implementation of management policies and the monitoring of risk profiles,

Cecabank has established a supporting structure and a reporting system as

described in the following organisational chart:

The Board is the driving force in the corporate risk culture, which focuses

on guaranteeing efficient internal control systems and rigorous and

comprehensive risk management and measurement processes.

MAIN RISKS OF

CECABANK’S ACTIVITY

Potential risks arising as a

result of Cecabank’s activity

are classified as follows:

Credit

risk

Market

risk

Balance sheet

structural risk

Liquidity

risk

Operational

risk

Compliance

risk

Reputational

risk

Risk

The risk management philosophy is based on rigorous criteria of prudence, in

a way that is consistent with the commercial strategy, ensuring the efficient

use of capital assigned to business units.

The results of

application of this

philosophy are seen in

a highly prudent risk

profile, in particular

with regard to high

levels of solvency

and a comfortable

liquidity position.

For more informationsee the

report: “Pillar IIIDisclosure

Report 2016”

Cecabank

2016 Annual Report

Page. 88

06 FINANCIAL INFORMATION

6.1

. Financial information | Results | Activity | Robust capitalisation | Ratings

6.

2. Risk management | Structure and organisation | Assets and Liabilities Committee | The Compliance and Operational Risk Committee