1. 1.These Standards form part of the Country and Transfer Risks Regulation. All Banks must comply with these Standards, which expand on the Regulation. These Standards are mandatory and enforceable in the same manner as the Regulation.
2. 2.Banks engaged in international activities are exposed to the risk that conditions and events in a foreign country will adversely affect their financial performance. They are further exposed to the risk that capital controls or foreign exchange restrictions may limit the ability of a foreign counterparty, branch or subsidiary to make contractual payments. These country and transfer risks could threaten the soundness of a bank if not monitored and controlled.
3. 3.A Bank’s board of directors is in ultimate control of the bank and accordingly, ultimately responsible for the bank’s approach to country and transfer risk. Country and transfer risks may not be material for all banks. The Board is responsible for ensuring that country and transfer risks exposures are identified and if required, that appropriate policies and procedures are in place to manage those risks. There is no one-size-fits-all or single best solution. Accordingly, each Bank could meet the minimum requirements of the Country and Transfer Risks Regulation and Standards in a different way and thus may adopt a country and transfer risk framework appropriate to the risk profile, nature, size and complexity of its business and structure. The onus is on the bank’s board to demonstrate that it has implemented an approach that adequately addresses country and transfer risks. Banks are encouraged to adopt leading practices that exceed the minimum requirements of the Regulation and Standards¹.
4. 4.The Standards follow the structure of the Regulation, with each article corresponding to the specific article in the Regulation.

¹ The Central Bank will apply the principle of proportionality in the enforcement of the Regulation and Standards, whereby smaller banks may demonstrate to the Central Bank that the objectives are met without necessarily addressing all of the specifics cited in the Standards.

1. 1.Affiliate: An entity that, directly or indirectly, controls, is controlled by or is under common control with another entity. The term control as used herein shall mean the holding, directly or indirectly, of voting rights in another entity or of the power to direct or cause the direction of the management of another entity.
2. 2.Bank: A financial entity, which is authorized by the Central Bank to accept deposits as a bank.
3. 3.Central Bank: The Central Bank of the United Arab Emirates.
4. 4.Central Bank Law: Union Law No (10) of 1980 concerning the Central Bank, the Monetary System and Organization of Banking as amended or replaced from time to time.
5. 5.Central Bank regulations: Any resolution, regulation, circular, rule, standard or notice issued by the Central Bank.
6. 6.Country risk: The risk of loss caused by events in a foreign country that may include changes in economic, social, political or regulatory conditions that affect obligors in that country and obligations denominated in that country’s currency.
7. 7.Group: A group of entities that includes an entity (the ‘first entity’) and:
   1. a.any Parent of the first entity;
   2. b.any Subsidiary of the first entity or of any Parent of the first entity; and
   3. c.any Affiliate.
8. 8.Parent: An entity (the ‘first entity’) which:
   1. a.holds a majority of the voting rights in another entity (the ‘second entity’);
   2. b.is a shareholder of the second entity and has the right to appoint or remove a majority of the board of directors or managers of the second entity; or
   3. c.is a shareholder of the second entity and controls alone, pursuant to an agreement with other shareholders, a majority of the voting rights in the second entity;

      Or;

   4. d.if the second entity is a subsidiary of another entity which is itself a subsidiary of the first entity.
9. 9.Risk governance framework: As part of the overall approach to corporate governance, the framework through which the board and management establish and make decisions about the bank’s strategy and approach to risk management; articulate and monitor adherence to the risk appetite and risks limits relative to the bank’s strategy; and identify, measure, manage and control risks.
10. 10.Risk limits: Specific quantitative measures which may not be exceeded, based on, for example, forward looking assumptions that allocate the bank’s aggregate risk appetite to business lines, legal entities or management units within the bank or group in the form of specific risk categories, concentrations or other measures as appropriate.
11. 11.Risk management function: Collectively, the systems, structures, policies, procedures and people that measure, monitor and report risk on a bank and, if applicable, group-wide basis.
12. 12.Senior management: The executive management of the bank responsible and accountable to the board for the sound and prudent day-to-day management of the bank, generally including, but not limited to, the chief executive officer, chief financial officer, chief risk officer and heads of the compliance and internal audit functions.
13. 13.Subsidiary: An entity (the ‘first entity’) is a subsidiary of another entity (the ‘second entity’) if the second entity:
    1. a.holds a majority of the voting rights in the first entity;
    2. b.is a shareholder of the first entity and has the right to appoint or remove a majority of the board of directors or managers of the first entity; or
    3. c.is a shareholder of the first entity and controls alone, pursuant to an agreement with other shareholders, a majority of the voting rights in the first entity;

       Or;

    4. d.if the first entity is a subsidiary of another entity that is itself a subsidiary of the second entity.
14. 14.Transfer risk: The risk that a borrower will not be able to convert local currency into foreign exchange and so be unable to make debt service payments in foreign currency.

1. 1.The risk governance framework varies with the specific circumstances of each bank, particularly the risk profile, nature, size and complexity of its business and structure. For a bank with material country and transfer risk exposures, its risk governance framework must address the following:
   1. a.Effective oversight by the board of directors;
   2. b.Adequate risk management policies and procedures;
   3. c.An accurate system for reporting country exposures;
   4. d.An effective process for analyzing country risk;
   5. e.A country risk-rating system;
   6. f.Country risk exposure limits;
   7. g.Regular monitoring of country conditions;
   8. h.Provisioning policies that explicitly consider country and transfer risks;
   9. i.Periodic stress-testing of foreign exposures;
   10. j.Oversight by the risk management function; and
   11. k.Independent assurance by the internal audit function.
2. 2.A bank’s definition and identification of material country and transfer risks must take into account the risk profile, nature, size and complexity of its business and structure. The Central Bank will generally consider as material an aggregate exposure to any single foreign jurisdiction exceeding five percent, or an aggregate exposure to all foreign jurisdictions exceeding 10 percent, of any relevant metric which may include but is not limited to total loans, total liabilities, interest income, interest expense and non-interest income. Banks are encouraged to establish lower thresholds for materiality if required for consistency with the board-approved risk appetite statement.
3. 3.A bank must establish and maintain a board-approved risk appetite statement that specifies the types of country risk the bank is prepared to assume in pursuit of its business strategy and objectives and limits for those risks. For banks with moderate country risk exposure it may be appropriate to address these risks under a single grouping of cross-border exposures, but depending on the business of the bank, it may be appropriate to specifically address some or all of the below:
   1. a.Sovereign risk — a foreign government’s capacity and willingness to repay its direct and indirect foreign currency obligations;
   2. b.Contagion risk — adverse developments in one country lead to a downgrade and/or difficulty accessing international markets not only for that country but for others in a region or investment class, notwithstanding that the other countries may be more credit worthy;
   3. c.Currency risk — a borrower’s domestic currency holdings and cash flow become inadequate to service its foreign currency denominated debt due to changes in exchange rates²;
   4. d.Indirect country risk — the repayment ability of a domestic borrower is affected by adverse developments in a country where the borrower has significant business interests;
   5. e.Liquidity risk — developments in a country where the bank raises a significant portion of its deposits or other funding may adversely affect the bank’s liquidity and funding profile; and
   6. f.Macroeconomic risks — a foreign counterparty may be adversely affected by high interest rates, currency depreciation or broader macroeconomic instability, affecting its repayment capacity.
4. 4.The board-approved risk appetite statement must specify authorized activities, investments and instruments and delineate any types of country and transfer risk that the bank is not prepared to assume and, where appropriate, specify any activities, investments and instruments that are not consistent with the bank’s risk appetite. Risk limits are typically established on a country basis, but banks must also consider whether regional or other limits such as aggregate exposures to lesser developed countries are appropriate.
5. 5.A bank must also consider whether different limits may be established for different types of exposure in a specific country.
6. 6.Country exposure limits, sub-limits and regional or other limits with respect to country and transfer risk as established in the board-approved risk appetite statement must take into account the following:
   1. a.The bank’s overall strategy guiding its international activities;
   2. b.Country risk ratings and the bank’s risk tolerance;
   3. c.Perceived business opportunities in the country (or region); and
   4. d.Support for the international business needs of domestic customers.
7. 7.A bank’s provisioning policies must expressly consider country and transfer risks. Provisions for country and transfer risks may be made on an aggregate basis by country in addition to specific provisions against individual exposures, or by factoring an element of provision for each country risk into the specific provisioning for each individual exposure. Regardless of the approach, banks must ensure adequate provisioning for country and transfer risks based on their assessment of the probability of losses on their cross-border exposures.

² Note that this is in addition to transfer risk — the risk that official restrictions on currency conversion and/or cross-border remittances may affect the counterparty’s ability to make payments.

1. 1.The specific requirements for the risk management function will vary with the specific circumstances of each bank, particularly the risk profile, nature, size and complexity of its business and structure. For banks with material country and transfer risks exposure, the risk management function must address the following:
   1. a.Quantitative and qualitative ongoing assessment of the risks associated with each country in which the institution has or is planning to have exposure;
   2. b.Formal analysis of country risk completed at least annually, with an effective system for monitoring developments in the interim;
   3. c.Conclusions reported to Senior Management and the board in a manner that provides a bank-wide and, if applicable, group-wide view of country and transfer risks exposures; and
   4. d.Verification that individual and aggregate country and transfer risks exposure limits are adhered to, with a process for escalating breaches to senior management, the board or the board risk committee, as appropriate.
2. 2.A bank with material country and transfer risks exposures must have a country risk rating system reflecting a structured approach to assessing country and transfer risk. Banks may use external country ratings as part of their internal approach. A bank’s country risk-rating system must be linked to its country and transfer risk provisioning methodology. A bank is encouraged to compare for reasonableness the results of their internal country risk-rating process to one or more external rating systems, such as export credit agencies classifications, OECD country risk assessments³, or ratings agencies sovereign ratings.

³ Country risk classifications of the OECD Participants to the Arrangement on Officially Supported Export Credits are available at http://www.oecd.org/tad/xcred/crc.htm.

1. 1.A bank with material country and transfer risks exposure must include in its stress testing program appropriate scenarios for country and transfer risk. This does not necessarily require sophisticated modelling tools, but does require the bank to evaluate the potential impact of various scenarios affecting countries, regions or types of foreign exposures, as appropriate considering the bank’s business. Scenarios may include, but are not limited to, macro-economic shocks such as interest rate and exchange rate movements, GDP contraction and the introduction of exchange or capital controls.

1. 1.A bank’s systems must support supervisory reporting requirements for country and transfer risks as provided in this Regulation and Standards as well as provision of country and transfer risks reports to all relevant parties within the bank on a timely basis and in a format commensurate with their needs.
2. 2.The processes for aggregating the necessary data and producing supervisory and internal country and transfer risks management reports must be fully documented and must establish standards, cut-off times and schedules for report production. The aggregation and reporting process must be subject to high standards of validation through periodic review by members of the internal audit function with specific systems, data and reporting expertise, particularly where the process requires substantial manual intervention.

1. 1.A bank must submit to the Central Bank on a quarterly basis the Report on Country and Transfer Risks in a format specified by the Central Bank.