PASHA BANK ANNUAL REPOT 2024

In terms of Market Risk, relevant regulatory reports were prepared and market risk capital adequacy was calculated. Risks that our Bank may exposed due to volatility in market prices were measured. On balance sheet and off‑balance sheet foreign currency positions were followed and reported based on internal and regulatory limits. These reports were shared with Asset Liability Committee (ALCO) and Risk Management Committee and risk mitigation techniques were implemented based on senior management opinion where appropriate. The structural interest rate risk due to time mismatch in the structure of the Bank’s Balance sheet was monitored through maturity gap analysis under the scope of Structural Interest Rate and Liquidity Risk. The executed stress tests were negotiated at the Asset‑Liability Committee and Risk Management Committee. The Bank’s liquidity level is being monitored both through TL ‑ FX split and as total liquidity basis. The liquidity adequacy was tested under various stress assumptions of which the results were submitted regularly to the relevant Committees and Senior Management. Credit Risk is also monitored within the scope of both internal and regulatory reports, credit risk capital requirement was calculated. Historical trend of credit portfolio and concentration risk were monitored. To keep credit concentration under control, concentration limits were identified and monitored for individual firms, group companies and banks. Provisions were calculated using provision methods established in compliant with the frame of legal and international standards based on IFRS 9. In accordance with the Information Technologies and Information Security (IT&IS) risk management policies and procedures, risk assessments have been conducted quarterly on the Bank’s asset inventories, and action plans have been prepared. All analyses and reports covering credit, market, liquidity, and operational risks have been shared with the relevant committees, primarily Assets-Liabilities Committee and the Risk Management Committee. Stress tests and scenario analyses which are intended to assess and measure all risks that the Bank may subject to be exposed and which enables the determination of necessary capital amount were performed and shared with the Board of Directors within the scope of Internal Capital Adequacy Assessment Process (ICAAP). Risks that the Bank may be exposed to and the risk appetite regarding these risks were identified by taking the stress test results into consideration and the Risk Appetite Statement was regularly updated. Policies and procedures of Risk Management Department are updated to include the Bank’s current structure and risks that the Bank may be exposed to. Improvement of technical infrastructure and competences were achieved in terms of the Bank’s risk identification, monitoring, control, risk reduction and stress testing processes within the scope of the action plans established so that Risk Health Indicators (RHI) scores reached to the expected levels, which is among the Bank’s strategic key performance indicators. The task of executing the business continuity function has been taken over by the Risk Management Department (RMD), and the drills for 2024 have been completed under the coordination of the RMD with the participation of the relevant business units. Internal systems departments are at the focus of all transactions within the Bank in terms of risk, organization, quality management, effectiveness, adequacy and compliance. In this context, Internal Control and Risk Management Departments which constitute the second line of defence will continue its activities such as updating the infrastructure, performing second level controls, monitoring and reporting of results, fulfilling regulatory requirements and demands, improvement of the Bank’s internal control and risk management environment in 2025. Compliance Department will also continue its monitoring and control activities in accordance with the legislation. In 2025, the Internal Audit Department will continue its auditing responsibilities for the efficiency, adequacy, and compliance of the Bank’s internal control and risk management environment with the same scope and care. 115 Information on Management and Corporate Governance Principles