Risk and Capital Management 2023

BUSINESS MODEL4
RISK MANAGEMENT6
CAPITAL MANAGEMENT 12
CREDIT RISK19
COUNTERPARTY CREDIT RISK 31
MARKET RISK 34
LIQUIDITY RISK 39
OPERATIONAL RISK48
ESG RISK53
MANAGEMENT DECLARATION 58

Executive Summary

The objective of this report is to offer insight into the group's internal risk and capital management and the regulatory capital requirements.

On a continuous basis, Jyske Bank strives to become more efficient to ensure two main aspects. First, to comply with the complex regulatory requirements and second, to ensure value creation by providing relevant information for decision-making.

Throughout the organization, the year 2023 has especially been influenced by the integration of Handelsbanken Denmark. This event, in December 2022, brought new customers and new colleagues to Jyske Bank. Especially, the transition from the data provider BEC to Bankdata has been a key milestone which was successfully executed in November 2023.

From a risk perspective, the macroeconomic developments are of great interest and are monitored closely in relation to the potential impact on the customers in Jyske Bank. Higher interest rates and inflation has dominated in 2023. The year has, however, also demonstrated a financially robust customer base, giving rise to a year with very low impairments and losses.

After the acquisition of Handelsbanken Denmark, Jyske Bank has used 2023 bolstering the capital base with a strong consolidation throughout the year. Also, the very strong position in the capital market has been demonstrated with recent issuances of Tier 2 and AT1 capital. These issuances are in line with the capital planning of the group, focusing at capital optimisation and the desire to continuously deliver value to our shareholders.

The capital-management objectives of Jyske Bank are a capital ratio within the range of 20-22% and a common equity tier 1 capital ratio between 15% and 17%. This will ensure a buffer towards future legislation and uncertainties in relation hereto. Additionally, the group will also have the necessary flexibility for strategic decisions.

Business Model

The Jyske Bank Group is a financial group, in which Jyske Bank, being the parent company, conducts banking activities, and subsidiaries provide other financial or accessory activities. The Group conducts mortgage-credit activities through Jyske Realkredit and leasing activities through Jyske Finans.

The business model of Jyske Bank Group is organised to offer financial products and other related services to private individuals, businesses, and institutions based in Denmark. The strategic target is to increase market shares through organic growth and profitable acquisitions.

A main component of the Group's business model is to provide loans in exchange for collateral in real estate. The group's mortgage loans are primarily funded by issuing CRD-compliant covered bonds (SDO) and secondarily by issuing mortgage bonds (RO). It is the Group's ambition to maintain an AAA rating for its covered bonds and mortgage bonds issues.

The Group includes the leasing company, Jyske Finans, which supports the business model by facilitating services necessary for clients to obtain their financial objectives.

The Jyske Bank Group offers pension and life insurance products, investment and assetmanagement products, payment-service products as well as advisory services from subcontractors, including joint-owned sector companies.

The Group cooperates with other financial institutions on the delivery or distribution of the Group's products to the relevant businesses and clients. The Group operates almost entirely within Denmark.

Jyske Bank wishes to operate a company that conducts business in a responsible manner and promotes sustainability, as expressed in the UN Sustainable Development Goals. Jyske Bank will offer business solutions that support a sustainable development, supply knowledge of sustainability, and make it simple to invest sustainably. Jyske Bank is a founding signatory of the UN Principles for Responsible Banking (PRB), and these principles are used as an overarching approach to ourwork in integrating sustainability. On a national level, Jyske Bank also supports the 20 recommendations of the Forum for Sustainable Finance.

The Jyske Bank Group undertakes financial risks within established limits and to the extent that the risk-adjusted return contributes to the Group's financial goals. Jyske Bank's financial risks consist mainly of credit risk. The Group will undertake credit risk given that the debtor has the necessary ability to service the debt and that it can be rendered sufficiently probable that the debtor has the intention to repay the credit granted. To mitigate the risk, the collateral must have sufficient value as well to that it can be expected,that the collateral can be liquidated and cover the remaining credit. Hence,

it is a requirement that the Group's earnings must match the associated credit risk and capital charge.

Market risk arises as an integrated part of banking activities, e.g., hedging interest rate risk. Moreover, the Group undertakes market risk when the expected return more than matches the risk. Trading-related market risks arise primarily from client-related transactions. The Group holds only a small trading-related market risk position. Differentiated portfolios characterize the market risk profile where interest rate risk and foreign exchange risk are the main trading-related market risks. Asset and liability management drives the non-trading-related market-risk, and the interest-rate risk exposure is founded in core banking and mortgage activities, as well as funding and liquidity management.

Because of the group's activities, liquidity risk arises when a funding mismatch occurs in the balance sheet. Active liquidity management ensures sufficient liquidity, enabling the group to meet its short- and long-term obligations.

Non-financial risks are an integrated part of banking activities, and the importance of this area is also recognized and has gained increased attention over the last couple of years. The group apply a risk-based approach ensuring that the risk of operational losses is kept at acceptable levels and balances the costs of risk reducing initiatives. Solid risk management processes and effective control environments are in place to support this.

The business model of Jyske Bank is the foundation for evaluating the risk of adequately capital and liquidity for ensuring sound banking operations. The total risk is adjusted regularly to harmonize with the Group's risk profile and capital structure in accordance with the Group's capital management objective. This will ensure,that the Jyske Bank Group is a trustworthy, long-term business partner for its clients and counterparties.

Risk management is a fundamental part of the daily operation in Jyske Bank and is embedded in the Group Supervisory Board and the Group Executive Board. Jyske Bank has an independent Risk unit with direct reference to the CEO.

The Risk unit undertakes activities involving risk policies, implementation, quantification, and reporting. Also, a strong risk management function has a continuous focus on providing relevant and timely analyses to ensure the foundation forthe most qualified decision-making of the management. Hence, the Risk unit applies a risk-based approach meaning, that the analyses and reporting is proportional with the severity of the identified risk.

In the continuous risk reporting for management, main attention is always given to the current risk identification and focus areas. However, while internal processes always ensure a strong risk culture and monitoring.

•

Risk Management

The current section describes the risk organisation of Jyske Bank and risk management processes.

Risk Organisation

The Group Supervisory Board established the general principles for risk and capital management, as well as defining the Group's risk profile, and implements these by adopting several risk policies and instructions in the group. The Group Supervisory Board is responsible for ensuring that the group has an organisational structure that will ensure a distinct allocation of responsibility and include an appropriate separation of functions between development units, operating units, and control units in the daily monitoring and management of the group's risks. The Group Executive Board is responsible for the day-to-day risk management of the Group and will ensure that policies and instructions are implemented and complied with. The Risk unit constitutes an individual unit with direct reference to the CEO of the Group.

The risk management organisation is based upon the "three lines of defense" model, which ensures effective risk management and oversight. The first line consist of business units and support functions, and handles day-to day management ofrisk and acts within the

preestablished limits, risk policies, and risk appetite.

The second line consist of the different departments in the Risk unit; namely IRB & Risk, Risk Management, Risk Management Realkredit, Model Risk & Validation, and Market Risk & Models, as well as the Compliance function. The second line performs independent monitoring, analyses, and reporting on the risks arising from first line activity. Furthermore, second line is responsible for the risk framework and policies.

The Internal Audit constitutes the third line and monitors the Group's risk management. The Audit Revision is an independent unit that evaluates the effectiveness of the overall risk management. The independence ensures credible and objective evaluations.

The Group Executive Board has appointed a Group Chief Risk Officer (CRO), who is the director of the Risk unit. The responsibilities of the CRO includes the following:

proposals of risk policies and risk-management principles to the Group Executive Board and the Group Supervisory Board.
implementation of risk-management principles and policies to improve risk management on an ongoing basis.
quantification of the Group's risk exposure as well as monitoring and reporting to ascertain that the Group's risk exposure does

not exceed the limits defined by the Group Supervisory Board.

• recognition, measurement, and reporting of risk in the Group as well as the implementation of risk management tools.

To achieve efficient risk management, the group has appointed a CRO at Jyske Realkredit in line with regulatory requirements. This CRO has a split reference to both the group CRO and the Director of Jyske Realkredit.

The organizational structure of the Group, in which the Risk unit is separated from the risktaking units in first line, ensures the Risk unit is independent of business-oriented activities and decisions.

Day-to-day management of credit risk is undertaken by relationship managers in first line as well as the Credit Unit under the framework of credit policies and credit instructions.

Jyske Bank has three main business areas that manage market risk. Group Treasury manages strategic market risk, and investments are in general based on a long-term view of the financial markets. Jyske Markets and Jyske Realkredit manage short-term market risk as part of the servicing of clients' trades in financial instruments and the mortgage business.

Similarly, Group Treasury manages the strategic liquidity risks, and Jyske Markets and Jyske

Realkredit manage the short-term operational liquidity risk.

Risk management of the specific risk types is more thoroughly described in the chapters covering individual risks.

Several committees consider and process riskrelated issues The Group Audit Committee oversees whether the Group's internal management and risk management systems operate effectively. These tasks are carried out

through written and oral reporting to the committee and the committee's consideration of relevant internal and external audit reports.

The Group Risk Committee carries out the preliminary consideration of risk-related issues before the final consideration by the Group Supervisory Board. At quarterly meetings and in

case of special circumstances, subjects concerning the following are discussed:

the Group's risk profile and the implementation hereof in the organisation.
the Group's capital base as well as capital requirements.
capital and liquidity buffers with related contingency plans including the Group's recovery plan.
material changes of the model set-up for risk management as well as re-estimation and validation of models.
internal procedures for risk measurement and management.
assessment of material products earnings and risk profiles.
new legislation relating to capital structure or risk management.
assessment of new products and services with substantial risk for the Group or clients.
topics of strategic relevance for the Group's overall risk management.
assessment of risks of external and internal nature.

The main task of the Group Treasury Committee is to ensure that the Group's actual market-risk profile is in line with the intended risk profile and the assessment of market expectations.

The Group's liquidity risk profile, balance sheet development, and financial structure are assessed by the Group Balance Sheet Committee, which at its quarterly meetings ensures a

continuously adequate liquidity risk profile and balance sheet structure according to the general guidelines.

Risk reporting

The Group Supervisory Board and the Group Executive Board receive regular reports on the risk development and the utilisation of the allocated risk limits and can therefore monitor whether the risk limits are adhered to and evaluate their appropriateness.

The Risk unit continuously focuses on providing relevant and timely analyses to provide a foundation for the most qualified decision-making of the management. This includes analyses of both internal and external conditions that might influence the risk assessment of the group. Hence, the identification and analyses of all material risks should be communicated and handled accordingly.

Risk reporting is submitted to the Group Supervisory Board, the Group Executive Board, the Group Supervisory Board Committees, and relevant business areas, depending on the relevance of the contents of the reports.

Moreover, risk reporting is prepared for the supervisory boards and executive boards of the individual subsidiaries.

The following table provides an overview of the group-wise risk reporting to the Group Executive Board and the Group Supervisory Board.

REPORTING TO THE GROUP SUPERVISORY BOARD AND THE GROUP EXECUTIVE BOARD

	REPORT	FREQUENCY	RECIPIENT	CONTENTS
OF RISK CTURE ALL PI VER O	ICAAP report	Annually	Group Supervisory Board, Group Executive Board	A description of the Group's statement of the capital requirements. It includes a description of the methodological approach to estimating capital requirements and future implications of the capital structure based on sensitivity anal yses and projections under stress scenarios.
	Group capital require ment statement	Quarterly	Group Supervisory Board, Group Executive Board	A statement of the Group's capital requirement for pillar I, II, and additional capital buffers. It includes a description of developments in risk exposures.
	Group risk report	Quarterly	Group Supervisory Board, Group Executive Board	A detailed description of the development in the Group's risk along with a status of established risk targets and recov ery indicators. It includes capital projections encompassing all risks in different scenarios, the credit quality of the portfolios, overall market risk exposure, balance sheet development and the development in the largest non-financial risks and realised operational losses.
	Financial and risk report ing	Quarterly	Group Supervisory Board, Group Executive Board	Reports on the development of the business units' risk-adjusted results, etc.
	Group balance sheet and liquidity report	Quarterly	Group Executive Board	A description of the development of the Group's balance sheet, capital risk profile, liquidity and funding structure and funding requirements as well as an overview of supervisory diamond, leverage ratio, etc.
ARKET RISK M	Market risk report	Monthly	Group Executive Board	A description of the Group's overall market risk exposure based on the authority granted for both the Group, Group Treasury, Jyske Markets, and Jyske Realkredit. It includes a description of liquidity positions that exceed the author ised limits as well as changes in authority granted.
	Balance sheet, liquidity, and funding profile	Monthly	Group Executive Board	Balance sheet development including changes in deposits and lending components; funding structure, refinancing risk, and liquidity reserves relative to run-off profile. Access to- and pricing of capital markets funding is also reported.
TY DI RISK QUI LI	ILAAP report	Annually	Group Supervisory Board, Group Executive Board	An assessment of the Group's funding and liquidity adequacy profile focusing on the Group's liquidity status, manage rial initiatives throughout the year as well as the development of important key figures.

Internal risk management

In the Group's internal risk management, riskadjusted target returns are used in the form of RoRC (Return on Regulatory Capital) as a general management tool. RoRC calculations offer an overview of the risk and profitability of the various activities of the Group. RoRC calculations are based on the current valid regulatory capital requirements (CRR2), and the development in the general credit quality of the portfolio, concentration risk, and other capital elements are included in the assessment.

RoRC forms an integral part of the reporting to the management of the business units, who

determine activities for follow-up and any initiatives to manage risk within the risk appetite stated by the Supervisory Board.

RoRC is also applied at client and product level to measure results, assess profitability, and determine prices of new loans. RoRC calculations and the facilities for pricing are made available in profitability systems where employees and managers have access to current profitability calculations at various levels. Hence, RoRC is also key for determining who in the organisation has the price-authority and the price-approval is made in the profitability system. The profitability systems allow for expenses,

THE SUPERVISORY DIAMOND

JYSKE BANK A/S
	Limit	2023	2022
Sum of large exposures	<175%	104.2%	116.1%
Increase in loans and advances (p.a.)	<20%	-2.9%	50.7%
Exposures to property- administration and transactions	<25%	10.9%	11.6%
Liquidity surplus	>100%	142.0%	142.7%
JYSKE REALKREDIT A/S
Concentration risk	<100%	45.6%	47.8%
Increase in loans and advances (segments p.a.)
Owner occupied homes and vacation houses	<15%	-1,5%	-5.1%
Residential rental properties	<15%	7.4%	6.5%
Other	<15%	6.6%	6.6%
Borrowers interest rate risk	<25%	18.5%	16.0%
Interest-only schemes	<10%	4.3%	4.5%
Loans with frequent interest-rate fixing
Refinancing annually	<25%	18.6%	14.1%
Refinancing quarterly	<12.5%	4.9%	1.6%

including expenses relating to the funding of the loans and other types of income.

The profitability systems consider the composition of the Group's credit portfolio through a concentration risk calculation based on methods developed by the Basel Committee for Banking Supervision, which means that concentration effects and diversification effects are reflected directly in the profitability calculations of new and existing loans. If loans, for instance, are granted to clients in sectors, which are highly correlated with the market or where the portfolio already contains large exposures, this will result in higher capital requirements and therefore lower profitability.

Supervisory diamond

The Danish FSA has defined a supervisory diamond focusing on specific risk areas and limits which institutions should not exceed. The purpose is to balance the ability of institutions to provide the necessary funding without taking excessive risk. The supervisory diamond is defined for bank and mortgage separately and the results for Jyske Bank A/S and Jyske Realkredit A/S are shown in the following tables.

As of end 2023 the Group complied with all guidelines in the two diamonds. Looking ahead the annual refinancing in Jyske Realkredit is expected to increase gradually. To counter this tendency Jyske Realkredit will continue to fund

loans with frequent interestrate resets with long term funding, amongst otherinitiatives.

Remuneration

The purpose of the remuneration policy is to:

Reward value-creating, competent, and responsible conduct.
Support productivity and job satisfaction.
Promote sound and efficient risk management in line with business strategy, internal targets, and core value.
Prevent conflicts ofinterest and strengthen the liability to act in the best interest of the clients.
Ensure equal pay for equal work.

The policy applies to all companies in the Group. Jyske Bank has opted out of using direct bonus schemes with variable salaries. The Group's remuneration policy and latest remuneration reports are available at investor.jyskebank.com/investorrelations/governance.

Disclosure

The report on risk and capital management serves as the Group's main document for

disclosure of the information required in CRR1. In addition to the report, a number of tables on investor.jyskebank.com/investorrelations/cap italstructure provide further details to comply with transparency requirements from the CRR and the EBA guidelines on disclosure requirements under Part Eight of Regulation (EU) No 575/2013. The Group assesses the need for more frequent disclosure on an ongoing basis.

¹ CRR: The Capital requirements regulation is an EU regulation that lays down the rules for capital requirements of credit institutions.

During 2023, Jyske Bank has demonstrated a very strong consolidationwith low write downs and losses.

This has resulted in a very strong capital base where Jyske Bank has been within the capital targetrange shortly after the acquisition of Handelsbanken Denmark.

In 2024 the Danish authorities will implement a systemic capital buffer of 7% of the exposure on commercial real estate. Additionally, the year 2024 is the last year before implementation of CRR III/CRD VI regulation.

Based on the fiscal year 2023, Jyske Bank has paid a dividend of DKK 500m in December and proposed another DKK 500m dividend for the annual general meeting in March.

Jyske Bank has in beginning of 2024 demonstrated a strong position in the financial market where Tier II and AT1 capital of EUR 800 bn. in total has been issued successfully.

Capital Management

The objective of capital management is to optimise the Group's capital structure considering the risk profile. Jyske Bank has a capital-management objective of retaining a capital ratio within the range of 20-22% and a common equity tier 1 capital ratio between 15-17%. The desired capital objectives ensure that Jyske Bank can absorb the effects of forthcoming legislative changes and at the same time maintain the desired strategic capital buffer. As of end-2023, the Group's common equity tier 1 capital ratio amounted to 16.9% of REA and a total capital ratio of 21%. Hence, after the acquisition of Handelsbanken Denmark late 2022, the Group has demonstrated strong consolidation and is now well within the target range.

S&P's RAC (Risk-adjusted capital) for Jyske Bank Group has been substantially above the critical 10% mark since the change of the Economic Risk Score for Denmark in mid-2019. The acquisition of Handelsbanken Denmark only put a moderate pressure on RAC that ended at 11.6% 2022, with an envisioned improvement since. Forecast points to continued RAC-numbers well above S&P's threshold. Therefore, RAC is not expected to be

restricting the capital management, as the score "Strong" in Capital & Earnings is well preserved.

Capital base

At end-2023, the Common Equity Tier 1 capital amounted to 80% of the capital base, which has increased during the year after the acquisition og Handelsbanken Denmark. The level of Common Equity Tier 1 capital is comfortable relative to the CET1 requirements and well within the Group's capital objective. Also the total capital ratio is with the target range which

CAPITAL BASE
DKKm	2023	2022
Equity	42,573	37,323
Intangible assets	-3,395	-3,328
Cautious valuation	-292	-271
Share-buyback programme/divi dends	-500	-0
Other deductions	-347	-168
Common Equity Tier 1 capital	38,039	33,556
Additional Tier 1 capital	3,257	3,272
Tier 1 capital	41,296	36,828
Tier 2 capital	6,112	6,178
Capital base	47,408	43,006
Risk Exposure Amount	225,521	220,922

is set to have the necessary bolstering towards future requirements and regulation.

The capital base and underlying components are stated in the foregoing table.

The capital structure is evaluated regularly to maintain an adequate structure in all the Groups' subsidiaries. Situations may arise necessitating a transfer of capital between the companies of the Group. However, the transfer of capital must take place subject to the capital requirements of the individual subsidiaries. There are no obstacles for a quick repayment of claims between parent company and subsidiaries.

Leverage ratio

The leverage ratio is a non-risk sensitive measure for the maximum extent of the balancesheet leverage and is calculated as Tier 1 capital relative to the Group's total non-weighted exposures. A leverage ratio of minimum 3% constitutes the binding leverage ratio requirement as prescribed by EBA (European Banking Authority).

The Group Supervisory Board has adopted a policy for maximum leverage. To ensure a satisfactory development of the balance sheet, the Group's balance sheet is considered in two sub-portfolios as it is assessed that the Group's banking and mortgage activities have

different adequate leverage levels. The banking activities of the Group involve a higher risk in respect to liquidity and capital relative to the Group's mortgage activities. Therefore, a higher acceptable leverage is applied to the mortgage activities than to the banking activities.

At end-2023, the leverage ratio for the Group was at 5.0%2.

Leverage ratio for Jyske Bank Group (%)

ICAAP and capital requirement

Jyske Bank's ICAAP (Internal Capital Adequacy Assessment Process) forms the basis of the assessment of the Group's capital structure and hence the determination of the Group's capital requirement. The assessment is based on the current relationship between the Group's risk profile and capital structure as well as forward-looking considerations that may affect this. Stress tests are used to expose the

bank's robustness to micro- and macroeconomic factors.

Capital requirement

Jyske Bank applies an 8+ setup when determining the capital requirement. Throughout the ICAAP, analyses are carried out for each risk type, addressing qualitative as well as quantitative elements with regards to ongoing quality assurance, including evaluation of model assumptions and monitoring. The analyses cover relevant risk factors within each risk type in accordance with current legislation.

The capital requirement consists of the pillar I regulatory requirement of 8% of the total risk exposure amount. Additionally, the pillar II requirement defines the bank specific risks which are not covered by pillar I. Thus, it expresses Jyske Bank's own assessment of the capital requirement based on the risk profile of the Group and reflections concerning the Group's own data, experience, and management.

In 2008, Jyske Bank was approved to apply the advanced internal rating-based approach (AIRB) to measure credit risk. The approval extends to the application of advanced methods for the calculation of the capital requirement for the majority ofthe Group's credit portfolio.

The capital requirements for market risk and operational risk are calculated according to the

² The leverage ratio is specified in further detail in the disclosure for Jyske Bank Group 2023 according to the requirements as per the CRR at investor.jyskebank.com/investorrelations/capitalstructure.

standardised approaches. The development of the capital requirements for credit risk, market risk and operational risk is outlined in the table below and is further described in the chapters covering the individual risk types.

Capital requirements by risk type
		2023	% of REA	2022	% of REA
	Credit risk	15,829	7.0	15,630	7.1
	Market risk	786	0.3	670	0.3
Pillar 1	Operational risk	1,426	0.6	1,373	0.6
	Total	18,042	8.0	17,674	8.0
	Credit risk	3,811	1.7	3,241	1.5
	Market risk	2,941	1.3	2,361	1.1
Pillar 2	Operational risk	536	0.2	291	0.1
	Other	31	0.0	225	0.1
	Total	6,118	3.2	6,118	2.8
	Total capital requirement	25,360		11.2 23,792	10.8

The higher total capital requirement, in nominal values, is attributable to both the increase in the total risk exposure amount and the underlying pillar II increases. The pillar II capital requirements have increased in respect to credit, market and operational risk.

Capital Buffers

Jyske Bank constitutes a systemically important financial institution (O-SII).

Consequently, the Group will be subject to an additional capital buffer requirement of 1.5%. Moreover, the Group is subject to a capital conservation buffer of 2.5%.

The Danish countercyclical buffer currently amounts to 2.5% which is the maximum. Jyske Bank is also subject to countercyclical buffers in countries outside of Denmark whereverthe Group has exposures. Due to Jyske Bank's low level of foreign exposures, the contribution to the countercyclical buffer from foreign countries is, however, rather limited. A detailed overview of the foreign exposures is reported in Disclosure Jyske Bank Group in table CCyB1 (xlsx)3.

The Pillar I and II requirements in addition to the SIFI and the combined buffer requirements, form the total expected capital requirement of the Group as of end-2023.

TOTAL CAPITAL REQUIREMENTS (%)
	TCR	CET1
Pillar 1	8.0	4.5
Pillar 2	3.2	1.8
Systemic risk buffer	1.5	1.5
Capital conservation buffer	2.5	2.5
Countercyclical buffer	2.4	2.4
Total	17.7	12.8
Capital ratios	21.0	16.9

Group recovery plan

The recovery and resolution of credit institutions and investment firms' directive (BRRD) requires financial institutions to develop recovery plans. In the unlikely event that the Group suffers from serious financial stress, the recovery plan serves a useful resource. The Jyske Bank Group is composed and organised to facilitate the preservation of the Group's critical business processes given significant financial stress.

The recovery plan contains multiple potential recovery option with distinct individual features, prerequisites, and effects. These options have been tested under different stress scenarios to evaluate their ability in ensuring the Group's recovery from various circumstances.

The recovery options can be divided into three different types:

Recovery options aiming to improve the capital ratio of the Group.
Recovery options aiming to improve the liquidity of the Group.
Recovery options aiming to improve the Group's profitability by reducing the cost base, either through disposal or cost reductions.

The recovery plan includes recovery indicators that monitor the development in capital, liquidity, profitability, and asset quality of the Group

³ See jyskebank.dk/ir/rating

as well as relevant macro-economic and market-based indicators. The indicators serve as potential warnings to allow early identification of an adverse development. The recovery indicators are divided into two primary groups; indicators of observational character and indicators necessitating actions when breached. As an integrated part of the risk management of the Group, the indicators are monitored and reported quarterly to the Group Supervisory Board, the Group Executive Board, and the Group Risk Committee, which will consider and act upon adverse developments.

The recovery plan contains a detailed mapping of business lines, economic functions, and services within the Jyske Bank Group, enabling the Danish FSA to obtain a complete picture of all the significant activities within the Jyske Bank Group.

Stress test

Stress testing constitutes a decisive element of Jyske Bank's approach of projecting the capital base and relevant capital requirements. Moreover, stress tests are suitable to assess the Group's capital-management objective from a forward-looking perspective where future legislation is also considered.

Stress testing is used for a variety of purposes. In general, stress testing can be characterised as an extensive scenario-based analysis of the impact on the Group of cyclical and legislative changes. The stress testing setup also allows

for various sensitivity analyses. Furthermore, reverse stress testing is carried out to test the Group's capacity for loss and produce an understanding of the severeness of developments needed to challenge the survival of the Group in its current composition.

An objective of the stress test analyses is to evaluatewhether the future risk level of a certain scenario can be covered by excess capital, given the Group's earnings, capital policy and management objective as well as its risk profile. The results of the stress test also provide information that allows for evaluation of the sufficiency of the capital level and quality. Thus, providing valuable information as to whether an effectuation of the Group's recovery plan is necessary. Expected consequences of future regulation are also included in the stress test analyses.

Scenarios

The stress test analyses rest on various macroeconomic scenarios. As a standard, a scenario of the expected development as well a stress scenario used for long term capital planning is analysed every quarter. In addition, the Group's setup includes an alternative stress scenario in which demand decreases. This scenario enables central banks to implement expansionary economic policies, leading to a more rapid decline in interest rates.

When defining stress scenarios, special considerations are given to areas where the Group or

its subsidiaries are particularly exposed or have exposure deemed to be of high risk and importance for the Group. This is to ensure that the business model of Jyske Bank is tested under different and severe macroeconomic conditions.

Base Scenario

•The Base scenario describes the most likely scenario for the Danish economy. The projections are made by Jyske Bank's macroeconomic experts, based on the current state of the economy. In the current base scenario, the Danish economy is expected to enter a period of relatively low growth. Nonetheless, this development is an improvement compared to the current development, which is caracterized as a tehnical recession. Inflation is expected to stabilize and interest rates are expected to drop accordingly. Housing prices are expected to increase slightly.

Stress Scenario

•The stress scenario illustrates a situation, where both domestic and international demand is decreased significantly. Moreover, supply of goods, services and labor is confined. Hence, inflation is more persistent than expected, and consequently expansionary monetary policy is delayed and reduced in magnitude . The lower demand and recession results in a significant increase of unemployment. The housing market will suffer and substantial price reductions occurs. The scenario can be characterized as a severe recession and is considered highly unlikely but not unimaginable.

•The alternative macroeconomic stress scenario implies a decreasing demand and a rapidly developing economic downturn. Contrary to the other stress scenario the inflationary enviroment of the scenario allows central banks for more expanionary economic policies. Consequently, the interest rates are lowered significantly, which reduces the economic consequences. Nonetheless, the stress scenario remains harsh and reduces the economic activity substiantially. Housing prices are also affected by the economic downturn, but the effects are mitigated by the decrease in interest rates.

Alternative Stress Scenario

Processes and models

The scenarios play a key role in the projection of the consolidated profit, balance sheet, liquidity, and capital structure. The scenario projections are based on model-based calculations combined with expert assessments. This interaction is necessary as the model-based approach builds on historical data. Hence, the results are to be interpreted considering Jyske Bank's current business structure and risk profile. The scenario projections offer a broader overview of the Group's sensitivity to the economic development.

Reverse stress testing is applied as an important supplement in order to put the regular stress tests into perspective. Reverse stress testing enables a more in-depth understanding of the current and potential vulnerabilities of the Group, as well as circumstances under which the Group's business model would become unviable.

Processing of results

The effect from the stress scenario results in deterioration of the earnings capacity and a higher level of risk-weighted assets. Both these elements reduce the

capital buffer compared to the expected scenario.

Despite the large impairments under the stress scenarios, the outcome of the analyses of the stress scenarios shows that both the capital base and the capital ratio will remain at a satisfactory level. The effects from the scenarios on the minimum requirement for own funds and eligible liabilities (MREL), the legal requirement for covered bonds (SDO-requirement) as well as the over-collateralisation requirement are also included in the results of the stress tests. The projections of these aspects uniformly display acceptable results.

External stress tests

Stress testing financial institutions is becoming an increasingly important aspect of both national and international authorities' efforts to ensure integrity of the financial markets and stability of the financial system.

The Group participates in external stress testing exercises facilitated by the Danish FSA as well as by the EBA. The Danish FSA conducts annual macroeconomic stress testing exercises, which is an important element into the capital planning of Jyske Bank. Additionally, the comprehensive EBA stress testing exercise is

conducted at every second year, where the last time was in 2023.

MREL

The current minimum requirements for own funds and eligible liabilities (MREL) are set equal to the double of the current capital requirements (the countercyclical buffer only counts once) for the banking business of the Group but with a different treatment of the mortgage assets within the Group.

Mortgage-credit institutions are exempt from the MREL requirement. Instead, they must maintain a debt buffer of 2% of the total nonweighted loans. Jyske Realkredit complies with the debt-buffer requirement based primarily on its high capitalisation supplemented by a smaller issue ofNPS debt.

The MREL requirement is the higher of

MREL for banking activities + capital and debt buffer requirement in the mortgage bank.
8% of total liabilities and own funds (TLOF).

The MREL requirement should primarily be fulfilled with senior non-preferred debt (NPS). The implementation of BRRD II allows for 4% of senior debt (equal to the size of the combined buffer requirement) to continue to count as eligible liabilities and fulfil the MREL requirement. Jyske Bank fulfils the MREL requirement by end

2023 and has done so since the introduction of the requirement with a substantial margin4.

Future legislation

As an important and integrated element of the capital planning of the group, the expected effects from future legislation is included in the projections. Currently, Jyske Bank is working to implement models aligned with the EBA guidelines under the "IRB repair programme" and is at the same time reconsidering its entire model landscape in order to make it more cost effective. Jyske Bank has, however, already implemented significant increases in pillar I in 2022 to ensure that effects of implementing new models are already contained in the capital requirements.

Below is a short description of the regulatory changes expected to affect Jyske Bank notably overthe coming years.

The 6th edition of the Capital Requirements Directive (CRD VI) and the 3rd edition of the Capital Requirements Regulation (CRR3) has been finalized and is only waiting for final approval in the European Parliament and contains most importantly the new European rules which implements the Finalisations of Basel III recommendations in Europe. The general purpose of CRR was to strengthen the capital structure of the European financial institutions and to ensure a level playing field. With the

⁴ For more information on the Group's MREL requirement, MREL position, and issued MREL bonds, please see the link, which is updated on a quarterly basis: Information for Debt Investors (jyskebank.com)

implementation of CRR3 the playing field will become more even because the new rules contains a number of floors which will restrict how low risk weights can be. The new rules take effect on 1. January 2025. But in order to ease the implementation, transitional arrangements are introduced, and a few remaining uncertainties are expected to be resolved in 2024, e.g. through the Q&A process from EBA. This implementation will entail significant changes in the calculation of capital requirements for many banks In Europe – including Jyske Bank. Jyske Bank is therefore working with its supplier of capital requirements calculation software in order to ensure that the software is ready by 2025.

Overall, the phasing-in of Basel IV/CRR III/CRD VI from 2025 to 2032 will most likely result in increasing REA under pillar 1, reducing the CET1 ratio of up to 1.5pp. Presumably, however, this effect willto some extent be offset by decreasing pillar II risk. These counteracting effects are both included in the capital planning of the Group.

Business Model Risk Management Capital Management Credit Risk Counterpart Credit Risk Market Risk Liquidity Risk Operational Risk ESG Risk Management declaration

During 2023, the credit risk observed in individual customers and in the portfolio, in general, have been stable. The risk in the credit portfolio is only marginally affected by the higher consumer and production prices. At the same time, the market development in the pricing of properties also shows a stable development, although the volume of transactions has been decreasing throughout the year.

On the other hand, the general economic outline with expected high interest rates and the geopolitical circumstances, have affected the overall credit risk processes and assessment in 2023. The increased credit risk is intensively monitored, and the impairment levels have been adjusted accordingly.

The risk weighted assets have increased over the year (DKK +2.9bn) primarily because of increased exposure levels in Jyske Realkredit related to interest rate sensitive exposures (mortgage loans with fixed interest coupons). But also because of increased lending to large corporate customers.

Credit Risk

Credit risk is by far the largest risk category. It is managed through Jyske Bank's credit policy with the objective to keep group risk at an acceptable level in relation to the capital base and business volume of the Group, given the general trend in the Danish economy. Client transactions with the Group must generate a satisfactory long-term return according to RoRC principles.

Specific credit policies are formulated for all areas in which the Group assumes credit risk, and credit-risk levels and desirable types of business have been identified. The policies are regularly adjusted to meet current requirements and adapted to the management tools available to relationship managers and the monitoring functions.

Credit risk is managed based on individual credit assessments and the Group's credit-risk models. Credit models are used for various purposes, for instance in connection with the advisory services and pricing offered to the Group's clients, in the Group's risk

management processes/risk assessment and in management reporting.

Limits and authorisation

Jyske Bank attaches great importance to its decentralised credit-authorisation process. The limit structure is in line with the following hierarchy where, for each level, it is clearly stated which amounts, instances and segments are covered by the limit. The main principle is that regularly occurring credit cases can be authorised locally whereas credit-related decisions for major or more complicated cases are authorised centrally.

Limits are delegated to relationship managers individually. Decisions about applications over and above the limits delegated to relationship managers are made by the Credit Unit. Creditrelated decisions above the limits of the Credit Unit are made by the Group Executive Board for credit cases at Jyske Bank A/S, whereas the supervisory boards of the individual subsidiaries authorise cases involving clients of the subsidiaries. Credit-related decisions above the limits of the Group Executive Board are made by the Group Supervisory Board.

The Group Executive Board is represented on the supervisory boards of the subsidiaries.

The granting procedures for mortgage credits concerning retail are outsourced from Jyske Realkredit to Jyske Bank.

The credit process and monitoring

Together with policies and business procedures, the credit processes form the basis ensuring that the granting of credit is based on sound risk taking and prudent loss minimisation.

The basis of each authorisation of credit is the client's ability to repay the loan. A central element in the assessment of the creditworthiness of corporate clients is their ability to service debt out of cash flows from operations in combination with their financial strength. In respect of personal clients, their debt servicing ability, as reflected in budgets and disposable income, is decisive.

The extent of data and analyses depends on the client's financial situation and the complexity of the matter and may therefore vary from case to case.

The provision of collateral is a material element in credit granting in order to minimise the Group's future losses.

Monitoring of the credit-risk positions of the Group is carried out by Risk Management, which is separated from client-oriented functions and is independent of core business processes.

Large exposures

Large exposures are monitored on a regular basis in accordance with CRR, including

exposures larger than 10% of the Group's capital base. At end-2023, three exposures exceeded 10% of tier 1 capital. Four exposures amounted to between 5% and 7.5% of tier 1 capital, and two exposures were between 7.5% and 10% of tier 1 capital.

Risk Models

The Group applies the advanced approach to calculate the own funds requirement forthe majority of the Group's credit portfolio. The Group makes exceptions for exposures to governments and public-sector entities, central banks and institutions, which are consequently processed according to the standardised approach.

In the credit modelling, key parameters are the client's probability of default as well as the extent of the client's exposure and collateral provided at the time of default.

The credit-risk models are currently being redeveloped to secure compliance with the current regulatory requirements, first and foremost the "IRB Repair Programme" launched by EBA.

Credit assessment and PD

Credit procedures are adjusted to match the level of risk on individual exposures. The key element is the client's credit quality, referred to as credit rating, as this expresses the probability of the client defaulting during the coming year (PD). Default occurs when an obligor is

considered unlikely to meet his obligations to the Group. Most clients are awarded a PD based on statistical credit-scoring models developed internally in the Group. Very large enterprises and enterprises within special sectors are, however, awarded a PD based on an assessment by an independent expert. Examples are investment companies and educational institutions. In some cases, external ratings, if available, will primarily form the basis of the internal credit rating of the client.

Many factors are relevant for the calculation of a client's PD. Specific factors relating to the client are considered, but factors relating to the situation of the client are also considered. The calculation of PD therefore takes into account financial data, changes in transaction data, management and market circumstances, industrial assessments, questionnaires, expert assessments, and any other essential elements. Also included are specific warning signals in relation to the client's credit quality, payment profile and loss history.

In order to reach the best possible overview of client-credit quality, PD is mapped into internal creditratings at Jyske Bank. Jyske Bank's credit ratings are on a scale from 1 to 14, 1 being the highest credit quality (the lowest PD) and 14 the lowest credit quality (the highest PD). The scale is constant over time so that clients migrate up or down depending on their PD. PD levels relative to the actual development of the default rate are monitored quarterly. Necessary adjustments are made partially relative to the long-term average.

At Jyske Realkredit, the PD is translated into 9 rating classes, where rating class 9 designates clients in default. Work is undergoing to harmonise credit-rating models and rating classes in the Group. The subsequent table shows the mapping between credit ratings, PD and external ratings at end-2023.

The Group's internal credit ratings and the mapped Jyske Realkredit credit ratings aim to assess the credit risk in a one-year perspective, while external ratings (Aaa - C) aim to assess the credit risk in a longer perspective. The mapping between the internal credit ratings, Jyske Realkredit credit ratings and the external credit ratings is based on the currently observed rated by Jyske Realkredit and Moody's. The mapping between Jyske Bank credit rating, Jyske Realkredit credit rating, and external credit rating is therefore dynamic. Observations are made on at least a quarterly basis to determine the adequacy of the mapping.

If the credit rating calculated by the model is inadequate, independent credit experts may review the credit rating of corporate clients at the request of the relevant relationship manager.

Credit exposure

Credit exposures are quantified by means of Exposure at Default (EAD). EAD reflects the exposure at default in the event of the client

defaulting in the next twelve months. A client's overall EAD depends on client-specific factors and the specific products held by the client. For most product types, EAD is calculated based

INTERNAL RATINGS AND PD BAND
JB Credit rating	JR Credit rating	PD band (%)	External rating equivalence
1		0.00 - 0.10	Aaa-A3
2	1	0.10 - 0.15	Baa1
3		0.15 - 0.22	Baa2
4		0.22 - 0.33	Baa3
5	2	0.33 - 0.48	Ba1
6		0.48 - 0.70	Ba2
7	3	0.70 - 1.02	Ba3
8		1.02 - 1.48	B1
9	4	1.48 - 2.15
10	5	2.15 - 3.13	B2
11		3.13 - 4.59	B3
12	6	4.59 - 6.79	Caa1
13		6.79 - 10.21	Caa2
14	7 and 8	10.21 - 25.0	Caa3- C

Note: Jyske Realkredit's rating class 8 includes PDs above 25%.

on statistical models while a few product types are based on standard methods.

For loans with a fixed principal, the only element of uncertainty is the time until possible default. Uncertainty is higher, however, for credit facilities. In those cases, the amount drawn by the client at the time of loss is decisive. This can be modelled by means of client-specific factors and the circumstances surrounding the exposure.

Guarantees and credit commitments are special products as a certain event must take place before they are utilized. The Group has recorded very few default events over time, so the available data are too meagre for statistical modelling, therefore the Group uses standard EAD parameters.

In respect of financial instruments, EAD is measured according to the Standardized Approach for Counterparty Credit Risk (SA-CCR).

Collateral

With the objective of limiting credit risk, the need to demand collateral will be considered for each exposure on its merits. As a main rule, clients are required to provide full or partial collateral for their exposures. The Group's mortgage loans are always secured by mortgages on immovable property, and in several cases, guarantees are provided by third parties in connection with cooperation with other financial institutions. In connection with loans for social

housing, guarantees are provided by municipalities and the government.

Collateral received is a main element of the Group's assessment of Loss Given Default (LGD). LGD is the part of the Group's total exposure to a client which the Group expects to lose in the event of the client defaulting within the next twelve months. A client's LGD depends on specific factors concerning the client, but also on the commitment and the collateral provided. Overall, LGD also depends on Jyske Bank's ability to collect receivables and liquidate collateral.

The models relating to real property and vehicles include ongoing updating of the collateral value, considering, among otherthings, market-related changes in value, ranking of the loan, and wear and tear. The ongoing updating of the values of real property will also ensure compliance with the requirements relating to the monitoring of LTV limits of the covered bonds according to the rules on possible, further supplementary capital.

In the calculation of the own funds requirement, LGD estimates are used which reflect the expected loss rates of the Group in the event of an economic downturn. The levels of loss have been calibrated to the period at the

end of the 1980s and the beginning of the 1990s.

Overall development in exposures and REA

The Group's risk weighted exposure amount (REA) for credit risk increased 1% during 2023, while exposures increased 2%. Overall,the development in the exposure level can be associated to several factors:

Splitting the acquired portfolio from Handelsbanken Denmark in customers for which Jyske Banks existing AIRB models can be used when calculating the regulatory capital requirement and those awaiting the approval from the Danish FSA to use those models5.
The latter customer group decreased primarily because of the split but also because of overall decreased exposure levels for customers in the acquired portfolio from Handelsbanken Denmark.
The customers from Handelsbanken Denmark that were known in Jyske Bank already have in isolation generated increased exposures in the existing Jyske Bank portfolio.
Increased exposure levels in Jyske Realkredit related to interest rate sensitive

exposures (mortgage loans with fixed interest coupons).

• A general increase in lending to large corporate customers over the year.

The following tables and associated assessments show the breakdown of exposures and risk-weighted exposure amount according to the standardised approach and the AIRB approach.

The contribution from Handelsbanken Denmark, for non-credit processed customers (= not known in Jyske Bank already), will be displayed separately to facilitate a more transparent overview of the development of the existing portfolio in 2023.

⁵ The distinction between the two customer groups of the original Handelsbanken Denmark portfolio is based on whether the customers have been credit processed in Jyske Bank and those that are not known already. For the remainder of this section about REA development "of which from Handelsbanken Denmark" is referring to the later customer group (not known in Jyske Bank already).

EAD AND RISK-WEIGHTED EXPOSURE FOR CREDIT RISK

DKKm	2023		2022		Change
	EaD	REA	EaD	REA	EaD	REA
Jyske Bank Group - Standard approach	189,277	13,364	177,072	12,426	7%	8%
- of which from Handelsbanken Denmark			7,123	361
Jyske Bank Group - AIRB approach	630,310	183,266	625,270	181,326	1%	1%
- of which from Handelsbanken Denmark	52,217	15,812	63,783	20,390
- of which non-compliance reservation for AIRB-models		13,245		13,632
Total	819,587	196,630	802,341	193,752	2%	1%

Development for standardised approach

For the standardised approach, the risk weighted exposure increased by 8% in 2023. This increase was primarily the result of an amended placing of "deferred tax assets" with regards to exposure classes following EBA guidelines: Moved from "Other non-credit obligation assets" displayed as part of the AIRB method to "Central governments/central banks" on the standardised method. The risk weighted asset amount itself for "deferred tax assets" have decreased with DKK 1.4bn over the year.

The Group's average risk weight on the standardised approach increased marginally from 7.0% to 7.1% in 2023.

Breakdown of development for AIRB approach

Exposures treated on the AIRB approach increased by DKK 5.0bn during 2023, while REA increased by DKK 1.9bn.

The underlying developments of AIRB-treated exposures are described below.

Decreased interest rates over the year have led to an increase in the exposure level for interest-sensitive Mortgage loans in Jyske Realkredit. As a result, the risk weighted exposure amount increase subsequently.
Updated income statements for corporate customers have caused reclassification of

several customers from the CORP-SME to CORP-Other exposure class over the year.

The overall exposure level related to repo transactions have been basically unchanged over the year, but that cover for two opposite movements for the CORP-SME (DKK -8.2bn) and the CORP-Other (DKK +8.0bn) exposure classes. The risk-weighted exposure amount did not change significantly because of the high collateralisation level of repo exposures.
A general increase in lending to large corporate customers over the year have in isolation

generated increased exposure levels in the CORP-Other exposure class.

The acquired portfolio from Handelsbanken Denmark have been split into customers for which Jyske Banks existing AIRB models can be used when calculating the regulatory capital requirement and those awaiting the approval from the Danish FSA to use those models. The latter is displayed in the overall numbers for the Jyske Bank Group with regards to risk weighted assets for credit risk even though the portfolio

BREAKDOWN OF EXPOSURE CLASSES ACCORDING TO THE STANDARDISED APPROACH
DKKm	EaD 2023	REA 2023	EaD 2022	REA 2022
Central governments or central banks	79,127	1,610	58,658	2
Regional governments or local authorities	20,536	56	19,728	-
Public sector entities	412	73	58	3
Multilateral development banks	16,215	-	13,724	-
International organisations	-	-	-	-
Institutions	14,913	1,836	15,889	2,543
Corporates	1,544	1,467	961	912
Retail	550	244	466	168
Secured by mortgages on immovable property	519	175	425	139
In default	1,032	579	1,148	660
Exposures associated with particularly high risk	0	0	126	189
Institutions with a short-term credit assessment	-	-	-	-
Covered bonds	52,793	5,279	57,215	5,721
Equity	1,635	2,046	1,551	1,728
Other	-	-	-	-
	189,277	13,364	169,949	12,065
Handelsbanken's STD method treated portfolio	-	-	7,123	361
Total	189,277	13,364	177,072	12,426

is handled separately from the existing portfolio in accordance with agreement with Finanstilsynet. The exposure related to these customers decrease over the year primarily because of the split but also because of overall decreased exposure levels for customers in the acquired portfolio from Handelsbanken Denmark. The customers from Handelsbanken that were known in Jyske Bank already have in isolation generated increased exposures in the existing Jyske Bank portfolio.

The distinction between the two customer groups of the original Handelsbanken Denmark portfolio is based on whether the customers have been credit processed in Jyske Bank and those that are not known already.

Another major factor in the overall REA is the capital reservation related to the non- compliance with new requirements for the Advanced Internal Rating Based modelling approach used in the capital calculations in the Jyske Bank Group. This reservation is associated to the credit risk calculations, which is why it's included in the overall numbers with regards to REA for credit risk displayed above.

The Group's average risk weight for exposures treated according to the AIRB approach increased marginally from 29.0% to 29.1% during 2023.

BREAKDOWN OF EXPOSURE CLASSES ACCORDING TO THE AIRB APPROACH
DKKm	EaD 2023	REA 2023	EaD 2022	REA 2022
Corporates, total	340,496	104,544	324,084	95,813
Large corporate clients	282,918	84,146	255,439	73,425
Specialised lending	241	136	453	219
SME corporates	57,337	20,262	68,192	22,168
Retail, total	224,484	42,552	22,.304	41,415
Real property, personal	163,878	29,105	160,586	28,639
Real property, SMEs	35,090	5,334	33,370	4,330
Other retail, private	15,373	4,393	15,760	4,694
Other retail, SMEs	10,143	3,719	10,830	3,691
QRRE (Credit cards)			758	62
	564,980	147,096	545,388	137,228
Other non-credit obligation assets	5,588	5,588	8,580	8,580
Securitisations	7,525	1,525	7,518	1,496
Handelsbanken DK's portfolio treated on the AIRB ap proach	52,217	15,812	63.783	20,390
Non-compliance reservation regarding AIRB-models		13,245		13,632
Total	630,310	183,266	625,270	181,326

Loan impairment charges and provisions for guarantees

For all exposures, impairments are made in accordance with IFRS6 9. The impairment model according to IFRS 9 is based on a calculation of expected creditlosses where loans are divided into four categories, depending on the loan's credit deterioration compared to the first recognition:

1) Lending with the absence of a significant increase in credit risk (stage 1).
2) Loans with a significant increase in credit risk (stage 2).
3) Loans that are credit-impaired (stage 3).
4) Loans that are purchased or credit impaired at first recognition (POCI-category). This category is only relevant for reporting as the impairment calculation are made in accordance with the actual underlying staging based on the actual risk-assessment.

Risk classifications

The Group divides exposures with objective evidence of impairment into three risk classifications: exposures with low, high, and full risk. The latter two risk categories consist of credit-impaired exposures (stage 3) and are defined

according to the default definition as used in the Group's advanced IRB setup.

On an ongoing basis - and at least quarterly the Group assesses whether objective evidence of impairment relating to the Group's clients has emerged.

The Annual Report provides more information on the definitions for default and rating classes in note 50.

Impairment calculations

For loans at stage 1, impairments are made for expected credit losses in the coming 12 months, while forloans at stages 2 and 3, impairments are made for the expected loss in the loans' expected residual maturity. On initial recognition, the individual loans are placed based on stage 1, whereby impairments are made for 12-month expected losses on initial recognition.

The classification into the 3 stages is of significance for the calculation method used and is determined, among other things, by the change in probability of default (PD) over the expected residual maturity of the loan.

The assessment of whether there has been a significant increase in the credit risk since initial recognition is based on the following factors:

• An increase in PD for the expected residual maturity of the financial asset of 100% and an increase of 12-month PD of 0.5 percentage point when the 12-month PD at initial recognition was below 1.0%.
An increase in PD for the expected residual maturity of the financial asset of 100% or an increase of 12-month PD of 2.0 percentage points when the 12-month PD at initial recognition was 1.0% or more.
The loan is in 30 days past due or more.

The Group's risk assessment (risk classification), which is based on, among other things, assessment of the client's ability and willingness to comply with his payment obligations, breach of contract/covenants and/or changes in the initial conditions for the client relationship.

In addition to the calculations, a managerial assessment is made of the ability of the models and the expert assessing impairment calculations to consider all future expectations regarding loan impairment charges. To the extent that it is assessed that there are factors/risks that are not addressed in the calculations, a management estimate is made for the writedown calculations. This estimate is based on

⁶ IFRS: International Financial Reporting Standards

concrete observations and is calculated based on the expected risks in the portfolio.

The calculated impairments (both individual and management's estimates) are based on the credit portfolio to ensure consistency to the accounting framework and are attributable to the specific exposures (specific credit-risk adjustments).

The Annual Report provides more detailed information on the impairment methods and processes.

Trend in loan impairment charges and provisions for guarantees

The total balance of loan impairment charges and provisions for guarantees amounted to DKK 5.0bn at end-2023 (2022: DKK 4.7bn). The discount balance from acquired assets at end-2023 amounts to DKK 306m against DKK 621m at end-2022. Hence, the total balance of impairment charges and provisions inclusive of discounts from acquired loans, amounts to DKK 5.3bn at end-2023.

Provisions for financial instruments are recognised in the P/L-item 'value adjustments', and as the negative market value of financial instruments is included in the statement of EAD, the balance of these value adjustments is also shown in the table. At end-2023, the balance of value adjustments amounted to DKK 13m (2022: DKK 15m).

In 2023, the development in loan-impairment charges and provisions for guarantees amounted to DKK 437m (2022: DKK -572m), and Jyske Bank recognized as interest income of DKK -310m (2022: DKK -108m) from the discount balance. Hence, the total net effect recognized in the income statement came to DKK 127m (2022: DKK - 680m).

IMPAIRMENT CHARGES AND PROVISIONS FOR GUARANTEES
DKKm	2023	2022
Balance of impairment charges for loans and ad vances	4,547	4,353
Balance of provisions for guarantees and liabilities	431	393
Balance of loan impairment charges and provisions for guarantees	4,978	4,746
Balance of discounts	306	621
Balance of loan impairment charges and provisions for guarantees incl. balance of discounts	5,284	5,366
Balance of value adjustments	13	15
Balance of loan impairment charges and provisions for guarantees incl. balance of discounts and balance of value adjustments	5,297	5,381

NET EFFECT FROM IMPAIRMENT CHARGES, ETC.

DKKm	2023	2022
Loan-impairment charges and provisions for the year	391	-527
Recognised as a loss, not covered by loan-impairment charges/provisions	68	112
Recoveries	-22	-157
Loan-impairment charges and provisions for guaran tees	437	-572
Recognised discount for assets taken over	-310	-108
Net effect on income statement	127	-680
Value adjustments for financial instruments	-2	-43
Net effect on income statement, inclusive of value ad justments	125	-722

EAD FOR ACCOUNTING PURPOSES AND PAST-DUE EXPOSURES BROKEN DOWN BY SECTOR
DKKm	EAD Stage 1	EAD Stage 2	EAD Stage 3	EAD Past-Due	Balance of loan impairment charges*	Net effect from impairment charges**
Banks and mortgage-credit institutions	8.191	877	0	0	8	0
Public authorities	19,793	0	0	0	0	0
Agriculture, hunting, forestry, and fishing	13,785	1,115	155	1	116	-47
Manufacturing, mining, etc.	19,459	1,057	372	1	333	57
Energy supply	14,207	21	46	1	59	19
Construction	11,406	1,081	171	14	120	-18
Commerce	14,611	2,117	432	3	515	149
Transport, hotels, and restaurants	8,837	518	183	7	141	16
Information and communication	2,911	62	28	0	40	-15
Finance and insurance	131,187	1,662	987	234	783	-137
Real property	170,479	3,631	2,704	16	1,065	24
Other sectors	25,330	1,230	564	3	382	88
Corporate Clients	412,212	12,493	5,641	279	3,554	136
Personal clients	213,527	9,142	3,325	712	1,735	-11
Total 2023	625,739	21,635	8,966	992	5,297	125
Total 2022	593,238	20,414	8,972	957	5,381	-722

EAD for past-due exposures amounted to DKK 992m end-2023 (957 end-2022). The level has a small increased although there has been a continuous focus on arrears in the business units of Jyske Bank Group. This small increase in past due amount is considered to be, among other things, the result of effects from the Danish economy that is affected by high inflation (higher consumer prices, higher interest rates etc.), which is quite normal under these economic circumstances. Alignment of the definitions of credit impairment and default from early 2021 implies that the total exposure to a customer, who has a past-due exposure, is impaired.

Credit risk and impairment levels in 2022-2023 has generally performed well and proved to be robust, although there is a more negative view on the Danish and European economic outlook. Higher levels of defaults have not yet been observed to a significant extent in the portfolio but are expected to increase in 2024. The economic outlook comes with great uncertainty and will depend on developments in the level of unemployment, interest rates, house prices, inflation, etc. Therefore, the Jyske Bank Group has taken these risk factors into account in the calculation of the managerial overlays regarding macroeconomic effects. The Annual Report provides more detailed information in notes 14

and 68 about the determination of the managerial overlays.

The total balance of impairment charges for corporate clients as a percentage of total EAD is amounted to 0.8% at end-2023.

Commerce makes up the riskiest sector in terms of balance of impairment charges as a percentage of total EAD. Total volume in the sector is relatively low.

The balance of impairment charges for real property as a percentage of total EAD amounted to 0.6% at end-2023, compared to 0.6% at end-2022.

The balance of impairment charges for personal clients as a percentage of total EAD is continuously low and amounted to 0.8% at end-2023.

Re-estimation and validation of models

The credit-risk models are enhanced to improve quality and to ensure compliance with currentlegislation. Therefore, whether, based on statistical models or on expert opinions, the models behind the calculations of PD, LGD, EAD and collateral models are validated at least annually by the validation function. All new models will also go through an initial validation. The validation function is independent of the

department responsible for developing the models.

The validation includes, for example, stability testing and back testing, and its objective is to reveal any areas which require special attention. The purpose of stability testing is to monitor whether the models are stable over time. The identification of structural breaks and systematic changes is an important aspect when the models are applied to such long-time horizons as are involved in credit risk. The purpose of back testing is to compare a model's predictions to what occurred, thus measuring the predictive capabilities of the model. The validation of the models used for credit risk purposes is carried out quantitatively as well as qualitatively.

Re-estimation and model improvements of the credit-risk models are undertaken when needed due to the validation results, changing business requirements or significant changes in the legal requirements.

The models also constitute a component highly applicable for other purposes than IRB such as IFRS9. The models form a fundamental structure in this regard. IFRS9 is also validated by the validation function.

The Group has a governance structure, which ensures that all changes to the IRB models are decided and documented by the Credit Risk Control Unit (CRCU). The CRCU receives information about all validation results and other relevant issues related to models and decides appropriate actions depending on materiality and severity. The CRCU is responsible for communication of relevant issues to the senior management and for the ongoing dialogue about IRB models with the Danish FSA. The members of the CRCU are all senior experts with management responsibility in credit risk and modelling.

During 2023 the Groups non-CCP exposure decreased which was primarily driven by decreasing volatility in FX- and commodity markets in 2023, compared to the high volatility and higher trading activity encountered in 2022.

Counterparty Credit Risk

Counterparty Credit Risk is the risk of a financial loss due to a counterparty failing to fulfil its obligations. Counterparty Credit Risk is generated when Jyske Bank trades derivative contracts with clients and financial counterparties.

The financial loss is the market value of the derivative contract. The future market value of a contract is uncertain, due to the construction of the derivative contract, in which the value depends on the underlying market factors. Jyske Bank has a counterparty credit risk exposure towards a certain counterparty when the market value is positive, meaning that if the counterparty defaults, Jyske Bank has lost this value.

Policy and management

Jyske Banks policy for managing counterparty credit risk distinguishes between small and large counterparties, where the latter includes financial institutions. The basic principles for measuring risk on the two types of counterparties are identical, however the management of risk on large counterparties is extended to include additional management parameters.

Jyske Bank calculates its daily exposure to individual counterparties within the Group's counterparty credit risk management system. These exposures are included in the credit risk management in line with other credit exposures. Counterparties are granted lines in accordance with the instructions in force after

risk assessment of the individual counterparty. The lines are reviewed atleast once a year or in case of a change in creditworthiness of the respective counterparty.

The daily exposure is calculated as the sum of market values and market risks on a derivative portfolio with a counterparty, where the market risk, or the potential future exposure, is determined as an add-on of the nominal amount of each transaction intraday and by a portfolio calculation end-of-day. The size of the add-on depends on the type of trade, maturity, and currency.

Risk reduction

To manage and monitorlarge counterparty exposures, the Group calculates settlement risk. To reduce the settlement risk towards each individual counterparty, settlement of foreign exchange transactions will, to the extent possible, take place through a Continuous Linked Settlement system (CLS). Jyske Bank is a third-party member of the CLS system in which settlement is based on the principle of "payment to payment", thus reducing the settlement risk on foreign exchange derivative transactions between participants of the system.

For all derivatives transactions, the Group seeks to mitigate the risk further by:

Clearing through a Central Counterparty (CCP).
Requiring master netting agreements, which gives the Group the right to net

market values of derivative trades in case of counterparty default.

• Attaching collateral management agreements to the master netting agreements, which entitles the Group to collateral in case the counter-party's debt to Jyske Bank exceeds an agreed amount.

The table below shows to which extentthe Group clears derivatives through a CCP. Of the total amount of principals not cleared in 2023, around 88% was covered by collateral agreements (CSA).

Derivatives - notional amount
DKKm	2023	2022
CCP	1,222,765	1,258,384
Non-CCP	1,096,245	1,145,225
- Collateralized	966,164	1,019,376
-Non-collateralized	130,081	125,849
Total	2,319,009	2,403,609

From September 2021 the Group was obliged to fulfil the EMIR requirements on Initial Margin for non-cleared derivatives. At year-end 2023, no Initial Margin was posted or collected, but during 2023 OTC Initial Margin has been exchanged with a few counterparties. Security Agreements and Collateral Transfer Agreements are set up with counterparties approaching the 50m EUR threshold. For most of the Groups financial counterpar-ties, the

Threshold Monitoring Agreement will be sufficient.

Risk Profile

The current exposure is measured in terms of the market value of a portfolio with a given counterparty, considering any allowed netting and collateral ex-changedwith the counterparty. The table below shows the Groups exposure at end-2023 for counterparties except CCPs.

Counterparty credit risk exposure
DKKm	2023	2022
Gross exposure	15,138	21,953
Effect of netting	9,033	12,023
Exposure after netting	6,105	9,930
Effect of collateral	3,616	6,648
Exposure after netting and collateral	2,490	3,282

The overall decrease in the Groups non-CCP exposure is primarily driven by decreasing volatility in FX- and commodity markets, compared to the high volatility and higher trading activity encountered in 2022.

Collateral agreements with financial counterparties and large corporate clients are mutual agreements, which means that Jyske Bank is also obliged to pay margin to the counterparty if the market value in favour of the counterparty exceeds a pre-agreed threshold. At end-2023 78% of the Groups collateral holdings consisted of cash, the remaining 22% was composed by securities in the form of Danish mortgage bonds and government bonds issued in Denmark, Germany, France and the United States.

Jyske Bank currently has a handful of collateral agreements in which additional collateral must be posted to the counterparty in case of a rating downgrade of Jyske Bank. None of these minor independent amounts are currently triggered, and the vast majority of the Groups collateral agreement do not contain this rating dependent clause.

Wrong Way Risk

Wrong-way risk occurs when the exposure to a counterparty is negatively correlated with the credit quality of that counterparty. General wrong way risk (GWWR) occurs when the credit quality of a counterparty is correlated with specific macroeconomic factors that also affect the value of the derivative transaction. Specific wrong way risk (SWWR) arises when the exposure to a counterparty is positively correlated with the probability of default of that counterparty due to the type of transaction with the

counterparty.

In the event of SWWR, there is a legal relationship between the counterparty and the issuer of the under-lying OTC derivative or securitiesfinancing transactions. An example is if the Group receives collateral from a counterparty that is legally linked to the issuer of the securities received as collateral. Similarly, SWWR could also arise if the Group enters a repo transaction with a counterparty where the underlying security is issued by the same counterparty. It is Jyske Bank's policy not to assume considerable SWWR and the Group has procedures in place to monitor this.

Own funds requirements

Capital must be set aside for counterparty credit risk in accordance with CRR. Jyske Bank calculates its capital requirements using the Standard Approach for Counterparty Credit Risk (SA-CCR), in which the exposure at default (EAD) is calculated as the current market value of a portfolio recognising allowed netting and collateral exchanged plus an add-on for potential future credit risk exposure. The own funds requirement for counterparty credit risk is reported as part of the own funds requirement for credit risk.

Furthermore, capital must be set aside to cover the Credit Valuation Adjustment (CVA) risk. Jyske Bank uses the Standard Approach in CCR to calculate the corresponding Own Funds requirement. This capital charge covers only the Groups exposures towards financial counterparties, since other counterparties are exempted by the CRR. Jyske Bank therefore makes a capital addition to cover the risk that the probability of default for non-financial counterparties increases.

Market-risk exposure from tradingrelated activities was primarily driven by client flows in a volatile market.

The sensitivity to interest rate changes in the banking book has increased in 2023. The increase is a result of increasing expected net interest income in line with the increasing interest rates. The interest rate risk from deposits is partially hedged, and the hedge is increased during 2023.

Market Risk

Market risk is the risk that Jyske Bank will incur losses due to changes in market prices affecting market values or the Group's net interest income. Jyske Bank assumes market risk from position taking in the financial markets and general banking and mortgage-banking operations.

Certain financial instruments include elements of credit risk, which are managed and monitored in parallel with market risk.

Governance and responsibility

The Group Supervisory Board decides the Market Risk Policy, setting the Group's overall market-risk profile and framework. The policy is implemented through limits delegated to the Group Executive Board.

The Group Executive Board's limits are further restricted and delegated to the three heads of Jyske Markets, Group Treasury and Jyske Realkredit (first line). The three business units are the sole units of the Jyske Bank Group that may assume significant market risk.

Market Risk and Models is the second line unit that is responsible for the risk framework for market risk and oversees market risks and monitors delegated limits. This includes establishing methodologies for measuring and assessing

market risk, setting limits, and ensuring an appropriate risk control infrastructure.

The Internal Revision (third line) is the independent unit that evaluates the effectiveness of the risk management, monitoring, and governance setup.

The Group Treasury Committee monitors market developments closely and is therefore able to adjust for any discrepancies between the Group's actual risk profile and its desired risk profile.

Monitoring and reporting

All risk positions in the Group's trading portfolio are monitored daily. The Group Executive Board is notified immediately of any exposure that breaches the delegated limits or conflicts with the Market Risk Policy. Upon a breach, the responsible business unit is requested to provide an explanation and rectifying plan. The Group Supervisory Board is notified immediately if an exposure exceeds the overall authority of the Group Executive Board.

New products and services are reviewed in relation to the Group's risk management infrastructure and IT systems.

The development of the marketrisk exposure of the various units is reported monthly to the

Group Executive Board and quarterly to the Group Risk Committee.

Market risk management

In the management of market risk, the Group distinguishes between:

Trading-related market risks.
Non-trading-related market risks which are handled by Group Treasury.

Trading-related market risks arise primarily from portfolios in Jyske Markets where clientrelated transactions drive the risk profile. This means that differentiated portfolios characterise the market-risk profile across interest-rate risk, foreign-exchange risk and equity risk where interest-rate risk and foreign-exchange risk are the main market risks. Commodity risk is hedged daily. Group Treasury is responsible for strategic market-risk positions in the trading book, which primarily consists of interestrate risk and foreign-exchange risk.

Non-trading-related market-risk exposure arises from asset and liability management and is managed in the banking book. The exposure originates from exposure to interest-rate risk founded in core banking and mortgage-lending activities as well as funding and liquidity management. In addition, the Group holds a portfolio of shares not held for trading, which is

primarily relating to the ordinary operating activity of the Group.

Developments in trading-related market risk

The market risk exposure from the trading related activities is in large driven by market-making activities related to Danish mortgage bonds, Nordic FX and investment funds. The FX risk is concentrated in EUR and a diversified portfolio of investment funds drove the equity risk. The Group has only a minor portfolio of single shares.

The Danish Mortgage market has (as the global Fixed Income Market) been quite volatile in 2023 and the pricing of the Centralbanks hikes has been very central. The flow from the foreign investors has been more balanced in 2023 than in 2022. The last quarter of the year was dominated by a sharp decline in the rates. In fixed callable bonds the 5% coupon was the main issuing bond during the whole year and we did continue to see buybacks in low coupon callable bonds.

Own funds requirements for market risk

During 2023, REA from market risk increased with DKK 1.4bn to DKK 9.8bn. Risk from debt instruments and Groups' equity portfolio increased during 2023. The REA from foreign exchange remains zero, as the exposure is below

the minimum threshold according to CRR article 351.

A large part of the Group's own funds requirement in debt instruments is a result of hedging DKK interest rate risk with EUR instruments.

OWN FUNDS REQUIREMENT FOR MARKET RISK
DKKm	2023		2022
Risk type	REA	OFR*	REA	OFR*
Debtinstruments	7.893	631	6,756	540
Equity	1,935	155	1,624	130
Commodity	-	-	-	-
Foreign exchange	-	-	-	-
Total	9,828	786	8,380	670

Note: OFR = Own funds requirements

Methodologies

Every market risk type has its own characteristics and is managed by means of individual risk measurements as well as through stress testing like the Group's VaR (Value at Risk) model and interest-rate scenarios. The management of market risk associated with derivatives is supplemented by risk measurements developed in accordance with conventional option theory.

Interest-rate risk

The Group measures interest-rate risk as the gain or loss generated by shifts in the yield curve. In addition to a simple simultaneous 1 percentage point shift in all yield curves the Group also measures and limits the interestrate risk under different scenarios including variants of curve twists.

SHARES NOT HELD FOR TRADING
DKKm	2023	2022	Unrealised gain	Realised gain
Total		1,622 1,500	106	5

Interest-rate risk is calculated on contractual cash flows. Jyske Bank has no fixed-rate balances without an agreed due date. Certain loans are fixed-rate loans and can be prepaid. Jyske Bank has developed a risk-management model that adjusts the key-risk figures for mortgage bonds for the built-in option element of the bonds. Therefore, callable mortgage bonds are included in the interest-rate risk with the option-adjusted duration.

Interest-rate risk in the banking book

Interest-rate risk in the banking book (IRRBB) is measured and monitored separately from trading-related interest-rate risk.

On a monthly basis, the Group measures, and monitors IRRBB within a risk tolerance framework founded in the Market Risk Policy decided by the Group Supervisory Board. IRRBB is measured in respect to both economic value and earnings at risk within a 12-month horizon in different interest-rate scenarios, including both parallel and non-parallel shifts in interest rates. In addition to the monitoring of overall risk tolerance, sub-elements of IRRBB are

measured daily in respect to the additional limiting.

The asset and liability management of the Group drives the interest-rate risk in the banking book, and a number of activities and risk factors drive the interest-rate risk. These include factors such as funding and liquidity risk, interest-rate risk from non-maturing deposits, and optionality and interest-rate floors within client products.

Hedging the interest rate risk from deposits is of high attention. Management of interest-rate risk in the banking book is addressed by hedging with different instrument types and with a high attention on alignment in accounting principles.

The interest-rate sensitivity in the banking book, measured by economic value, is illustrated below in a 50-bp parallel shift in interest rates. The figures do not include the pickup in

NII from deposits, resulting from a realization of current forwards.

A sudden parallel increase in interest rates would positively impact the Group's economic value from the banking-book positions,

INTEREST-RATE RISK IN THE BANKING BOOK
DKKm	2023		2022
	+50bp	-50bp	+50bp	-50bp
DKK	603	-648	372	-421
EUR	-76	85	40	-33
Other	1	-1	-7	7
Total	528	-564	405	-446

whereas decreases in interest rates reduce the economic value.

The sensitivity to falling interest rates increased from DKK -446 million in 2022 to DKK - 564 million in 2023.

Foreign-exchange risk

Jyske Bank's foreign-exchange risk indicators are calculated based on currency indicator 1 in accordance with the Danish Executive Order on the Presentation of Financial Statements laid down by the Danish FSA.

Currency indicator 1 does not consider the fact that some currencies are more volatile and perhaps less liquid than others. For management purposes, Jyske Bank therefore uses more granular risk indicators.

Equity risk

The daily measuring of equity risk distinguishes between equities in- and outside the trading portfolio.

The exposure of the trading portfolio is measured based on the stock holdings as well as equity-based instruments. The equity risk is determined through risk measurements that indicate the maximum loss that Jyske Bank may incur in the event of different simultaneous changes in the underlying equity prices.

Equity exposure not included in the trading portfolio is primarily financial-sector shares relating to the ordinary operating activity of the Group.

Shares are valued at fair value though associate holdings are recognised in accordance with the equity method as described in the Group's annual report. Unrealised capital gains/losses have influenced the operating income.

Commodity risk

Jyske Bank's exposure to commodities is modest as commodity trades are made on back-toback basis. The commodity risk is determined and limited according to simple-risk measurements.

Credit-risk exposure

Jyske Bank's exposure to credit risk on financial instruments relates mainly to bond holdings. Jyske Bank manages the exposure by limiting concentration risk expressed as the credit quality of the instruments as defined by ratings granted by recognised international rating agencies. Based on the credit quality of the instruments, concentration risk is calculated for rating classes and bond types. This means that there are different limits depending on whether the instrument is a government, a corporate bond, or a securitisation. For equities, a concentration risk limit has been defined geographically and for individual exposures.

In addition, risk management of the Group's portfolio of mortgage bonds is supplemented with limits for credit-spread risk.

BREAKDOWN OF RATINGS (Standard & Poor's / Moody's)
DKKm	2023	2022
AAA / Aaa	7,429	7,422
AA / Aa	52	96
A / A	15	0
BBB / Baa	12	0
BB / Ba	-	-
Lower or no rating	-	-
Total	7,509	7,518

EXPOSURE TYPES FOR SECURITISATIONS
DKKm	European	American	Other	Total 2023	Total 2022
RMBS	217	-	-	217	96
CLO7	4,958	2,334	-	7,292	7,422
ABS8	-	-	-	-	-
Total 2023	5,175	2,334	-	7,509	7,518
Total 2022	5,281	2,237	-	7,518

Securitisations

The Group's activity within securitisation is investment in tranches issued by other institutions and legal entities. The Group does not invest in re-securitisations and acts as neither an originator nor a sponsor. Investment is made in traditional securitisations and distributed on the following securitisation types:

• RMBS (Residential Mortgage-Backed Securities) primarily consisting of AAA-rated senior tranches.

• CLOs consisting only of AAA.

Since credit risk on the underlying assets is the most significant, the Group limits itself to acquiring positions that are most senior in the capital structure and highly rated by rating agencies.

⁷ CLO: Collateralised Loan Obligation. An asset-backed security backed by receivables on loans. 8 ABS: Asset Backed Security. A general term for claims whose value is determined by a pool of specified underlying assets such as a certain type of loan.

The portfolio's positions are acquired with the intent of holding them until maturity and therefore held in the banking book. As such,

they are booked at amortised cost though a small amount of legacy positions is at fair value.

The level of the underlying market and credit risks in securitisations is monitored continuously and is analysed at least every quarter. The analyses are based on trustee reports9 and information from rating agencies or other external sources. The securitisation types and the geographical exposure of the underlying assets of the portfolio are depicted in the table below.

The Group acquired new securitizations during 2023. All new investments in CLO's have an AAA-rating and senior status in accordance with the Market Risk Policy.

Own funds requirements for securitisations

Jyske Bank applies the external ratings-based approach (SEC-ERBA) for the calculation of the own funds requirements.

Own funds requirements for securitisations
DKKm	2023		2022
Risk weight – ranges	Exposure	OFR*	Exposure	OFR*
≤ 20%	7,429	119	7,422	116
> 20% ≤ 50%	79	3	97	3
> 50% ≤ 100%	1	0	-	-
> 100% < 1,250%	-	-	-	-
1,250% / deduction	-	-	-	-
Total	7,509	122	7,518	120
Of which in the trading portfolio	-	-	-	-

Note: OFR = Own funds requirements

⁹ A status report from the securitisation's trustee describing the underlying loan portfolio of the securitisation and the development of this to be used by investors, among others.

For the regulatory liquidity measures LCR and NSFR the Group maintained a high excess coverage to both internal delegated limits and to a high extend the regulatory limits.

In spite ofthe banking crisis and market turmoil in March 2023, credit spreads have over the year 2023 narrowed in line with a normalization of inflation levels and improved fundamentals.

The Group successfully issued four public benchmark bonds in the international capital markets and by the end of 2023 Jyske Bank had seen a substantial tightening of credit spreads relative to peers of especially its outstanding non preferred senior bonds.

Liquidity Risk

Liquidity risk occurs due to funding mismatch in the balance sheet. The Group's liquidity risk can primarily be attributed to its bank-lending activities as the loan portfolio has a longer contractual duration than its average funding sources. The liquidity risk at Jyske Realkredit is contained due to the adherence to the balance principle 10 of the mortgage legislation for covered bonds. Jyske Realkredit on the other hand faces funding risk related to potential decline in real estate prices due to regulatory over-collateralisation requirements (OC requirements).

Objective and overall setup

The Group Supervisory Board determines the liquidity profile expressed as the balance between the risk level and the Group's costs of managing liquidity risk. Jyske Bank's liquidity management must ensure adequate shortand long-term liquidity so the Group can in due time honour its payment obligations by having reasonable funding costs. The risk level is reassessed on an ongoing basis, considering current market and economic conditions in Denmark and the financial sector.

Organisation, management, and monitoring

The Group Supervisory Board has adopted a liquidity policy which sets specific guidelines and limits including critical survival horizons for the

Group during three different stress scenarios. Other key ratios include an internal key objective for the LCR and NSFR, the size and quality of the Groups liquidity buffer and the relationship between bank loans and bank deposits. Based on the overall limits, the Group Executive Board has defined and delegated specific limits to those operationally responsible in Jyske Bank, who daily monitor and manage the Group's liquidity. Group liquidity management is conducted by Group Treasury.

Jyske Realkredit is subject to liquidity-related restrictions in respect of the investment profile in the securities portfolio, repo borrowing as well as money-market placements outside the Group to ensure that transactions of Jyske Realkredit are in line with statutory requirements as well as the internal guidelines at Jyske Realkredit and at Group level.

Market Risk & Models monitor liquidity positions daily for observance of the delegated limits. Liquidity positions that exceed the authorised limits are reported immediately according to the business procedure relating to liquidity risks.

The Group's responsibility for issuing bonds in the capital market is centralised at Group Treasury. As a mortgage-credit institution, Jyske Realkredit must comply with mandatory over-collateralization within the scope of the privileged position of covered bond investors in a bankruptcy scenario. In a scenario with

¹⁰ The balance principle means that the borrowers' payments of interest and instalments match the payments on the bonds issued to fund the mortgage loan.

declining real estate prices, Jyske Realkredit may need to have liquidity injected into its capital centres11 from Jyske Bank to fund supplementary collateral and to ensure the capital centre's compliance with S&P's OC requirements.

Short-term liquidity management

Jyske Markets manage short-term operational liquidity, which is active in the international money markets as a trader in all major currencies and related derivatives and as a marketmaker in the Nordic inter-bank money markets. Short-term funding in these markets' forms part of the overall Group limits for short-term funding within strategic liquidity management.

Strategic liquidity management

Strategic liquidity is managed by Group Treasury. Measurement of the Group's liquidity position in various stress scenarios is a cornerstone in managing the Groups strategic liquidity risk profile. The asset side of the liquidity balance is broken down and grouped in order of liquidity whereas the financial liabilities are grouped according to expected run-off risk in various scenarios. In the three current relevant stress scenarios, the Group's liquidity buffer is used to cover negative payment gaps. In addition to the survival horizon in these stress scenarios, the Group's compliance with the LCR ratio in stress scenarios is monitored. Three scenarios are analysed: an idiosyncratic scenario, a capital market/recession scenario, and a combination scenario.

For more detailed information on the stress scenarios used, see the Group's Annual Report 2023.

Liquidity contingency plan

The liquidity contingency plan comes into force if the Group can only meet the internally delegated limits at very high costs or is ultimately unable to come back to compliance with limits. The plan determines a broad range of initiatives that can be used to strengthen the Group's liquidity position.

During 2023, Jyske Bank had a very high degree of excess coverage in terms of the stressbased internally delegated limits and guidelines.

Group funding structure

The Group's largest funding source is covered bonds and mortgage bonds issued by Jyske Realkredit which according to the balance principle of the Danish mortgage legislation fund Jyske Realkredit's mortgage loans. Total covered bonds and mortgage bonds amounted to DKK 346bn corresponding to 44% of the balance sheet at the end of 2023. The Group's second largest source of funding is customer deposits representing DKK 200 bn (26 % of the balance sheet). The deposit base is granular and well-diversified reflecting a broad client base of private customers as well as small and

medium-sized companies. Other important funding sources are primarily short- and longterm bonds issued in the international capital markets. In addition, Jyske Markets funds its own wholesale-related activities by taking up unsecured as well as secured loans in the wholesale fixed-term and interbank markets. Continuous activity in the above-mentioned markets enhances the possibility of refinancing short-term positions and is a natural part of the business of Jyske Markets.

The Group's liquidity buffer

Jyske Bank's liquidity buffer consists solely of assets which can be sold immediately or pledged as collateral for loans and are therefore a swift and efficient source of liquidity. The procurement of secured funding does not depend on Jyske Bank's creditworthiness, but solely on the quality of the assets that can be offered as collateral. The measurement of the Group's liquidity buffer considers haircuts of the relevant assets.

Jyske Bank's holding of securities is divided into three groups in the internal liquidity management in order of liquidity:

Ultra-liquid assets (intra-day liquidity): Assets placed with the Danish Central Bank or the ECB (European Central Bank) with intra-day liquidity effect: Cash deposits at the ECB or the Danish

¹¹ Capital centers: Covered bonds and mortgage bonds are issued by capital centres with separate individual own funds requirements. At Jyske Realkredit, covered bonds (SDO) are issued at Capital Centre E and traditional mortgage bonds (RO) at Capital Centre B.

Central Bank, certificates of deposit with the Danish Central Bank.

Very liquid assets (central bank eligible): Assets eligible for borrowing transactions in the Danish Central Bank or the ECB: Danish government-, mortgage-, and covered bonds, as well as European covered bonds, residential mortgage-backed securities (RMBS) and government bonds.
Non-central bank eligible assets: Other negotiable securities with a longer realisation period. Securities in this group consist primarily of assets denominated in currencies other than DKK and EUR as well as emerging-market bonds, corporate and structured bonds, and equities.

Jyske Bank has adopted a general policy for the size and quality of its liquidity buffer, which is adjusted to suit the Group's balance-sheet composition and risk profile. In practice, the liquidity buffer policy implies that the liquidity buffer consists predominantly of assets from liquidity group 1 (ultra liquid) and group 2 (very liquid) as there is a high degree of consistency to the requirements for LCR-reserves.

At end-2023, the Group's liquidity buffer amounted to DKK 152bn compared to DKK 130bn end-2022.

DEVELOPMENT IN THE GROUP LIQUIDITY BUFFER

Not central bank eligible Very liquid Ultra liquid

As reflected in the above chart the reserve consists mainly of ultra-liquid or very liquid assets such as central bank deposits and Danish mortgage bonds and covered bonds. End of 2023 DKK 142 bn of the buffer was eligible at either the Danish Central Bank or the ECB.

Capital markets & issuance activity

After a volatile and challenging 2022, financial markets had a stable start to the year 2023 with moderate spread tightening as investors entered 2023 with unsustainably low risk exposure and good amounts of liquidity to deploy. "Higher for longer" was still the narrative, supported by the Central Banks' continued raising

of interest rates and inflation figures that surprised on the upside.

In March, the mood changed abruptly with three bank bankruptcies in the US and a "bank run" at Silicon Valley Bank, which sent shock waves through the global financial system. Shortly after, Credit Suisse collapsed, but in a swift maneuver to protect financial stability and the Swiss banking system, CS was bought by UBS in a structure where AT1 capital was written down to zero without the entire equity being wiped out. This maneuver led to a massive expansion of credit spreads, especially for NPS and Tier 2 – and the market for AT1 capital shut down.

Credit spreads slowly declined during the 2nd quarter and were relatively stable in the 3rd quarter.

Towards the end of the year central banks began to indicate that the interest rate peak had been reached and interest rate cuts could potentially come into question during 2024. Based on this new market expectation of lower interest rates, the year 2023 ended with a nice narrowing in credit spreads, which was further supported by a December with a low supply of new issues.

In spite ofthe banking crisis and market turmoil in March 2023, credit spreads have over the year 2023 narrowed in line with a normalization of inflation levels and improved fundamentals.

Jyske Bank Group issued five public benchmark transactions during 2023.

An overview of the bonds issued in the international capital markets during 2023 as well as until 27 February 2024 is provided in the table below:

At end-2023, senior unsecured debt amounted to DKK 33.5bn (EUR 4.5bn) against DKK 27.8bn (EUR 3.7 bn) at end-2022. Outstanding CRD IV compliant issues of subordinated Tier 2 notes and AT1 capital amounted to respectively DKK 6.1 bn (EUR 0.8 bn) and DKK 3.3bn (EUR 0.4bn) end of 2022 compared to DKK 6.2bn (EUR 0.9bn) and DKK 3.3bn (EUR 0.4bn) end of 2022.

At end-2023, outstanding bonds under the CP programme amounted to DKK 64 bn (EUR 8.6 bn) compared to DKK 71 bn (EUR 9.5bn) end-2022.

Group refinancing risk

Refinancing risk is the risk of a financial institution not being able to refinance maturing

deposits, senior debt, covered bonds or other liabilities, or the risk that the refinancing cost will be so high that it will adversely affect net-interest income.

The refinancing risk of deposits and senior unsecured funding at Jyske Bank is addressed, monitored, and managed via the Group's internal limits and the integration of stress scenarios in liquidity-risk management. Jyske

	Maturity	Credit spread
SEK 2.25 bn NPS (value date 02.02 2023)	02.02.2027 (call 2026)	3M CIBOR + 148bps
NOK 0.2 bn NPS (value data 09.02.2023)	09.02.2027 (call 2026)	3M CIBOR + 150bps
EUR 500m NPS (value date 26.04.2023)	26.10.2028 (call 2027)	3M CIBOR + 150bps
EUR 500m green NPS (value date 10.11.2023)	10.11.2029 (call 2028)	3M CIBOR + 157.5bps
EUR 500m Tier 2 (value date 01.02.2024)	01.05.2035 (call 2030)	3M CIBOR + 224bps
EUR 300m AT1 (value date 13.02.2024)	perpetual (call 2030)	3M CIBOR + 408bps
EUR 750m covered bond (value data 26.05.2023)	01.07.2030	3M CIBOR +18bps
EUR 750m covered bond (value data 02.02.2024)	01.04.2031	3M CIBOR +22bps

Realkredit's mortgage bonds dominate the Group's refinancing risk measured by volume.

Refinancing risk covered bonds

Through Jyske Realkredit, the Group is a major issuer in the Danish market for SDOs and has a high dependency on secured capital-market funding on a covered bond basis.

Jyske Realkredit's outstanding volume of covered bonds (premium) and covered bonds in nominal values increased from DKK 366bn at end-2022 to DKK 373bn at end-2023. The increase was driven by general lending growth especially within multifamily housing.

Long fixed-rate callable covered bonds have no refinancing risk.

Due to the relatively high fixed interest rates on 30-year mortgage loans of 5% during most of 2023 the shift from 30-year fixed interest loans to loans with a variable interest rate (interest rate reset every 1-5 years) as well as floating rate loans with interest rate ceiling continued in 2023.

The change in the interest rate profile of existing borrowers has during 2023 increased the proportion of loans with refinancing risk in Jyske Realkredit. As at end of 2023 loans with refinancing risk amount to DKK 256bn and 68,5% of Jyske Realkredit's lending volume.

The maturity profile for mortgage loans with refinancing risk, as of end-2023, is illustrated in the chart below.

Refinancing of senior debt and capital instruments

Refinancing risk at Jyske Bank A/S is related to the wholesale fixed-term market, the interbank market, the CP and the market for preferred and non-preferred debt. In addition, refinancing of the Group's capital instruments according to the Group's capital targets and capital policy must also be addressed.

Furthermore, monitoring and assessing the structure and quality of the deposit base is imperative to assess the overall need for longerdated funding to hedge overall refinancing risk.

The Jyske Bank Group has a high-quality deposit base with a high proportion of small deposits from SMEs and private individuals and "core deposits" represents approximately 68% of bank lending.

The run-off of wholesale fixed-term deposits, interbank deposits, CP and EMTN12 issues is monitored and managed via the use of stress scenarios to make sure that the Group does not become structurally dependent on these founding sources. In addition, the Group has limitations on the amount of senior debt maturing within a rolling 12- month horizon.

The run-off profile of the Group's preferred and non-preferred senior debt and the issuer call date profile of outstanding capital instruments

as of end-2023 is illustrated in the following chart.

Debt buffer requirement at Jyske Realkredit

As part of the Danish BRRD framework, mortgage-credit institutions are required to establish a debt buffer equal to 2% of their total unweighted mortgage lending to facilitate a more flexible resolution process.

MREL & MREL eligible debt

Since January 1st 2022, the Group MREL requirement has been the highest of either 8 % of the Group's total liabilities and own funds (TLOF) orthe general MREL requirement consisting of the sum of the MREL requirement for

banking activities plus the capital and debt buffer requirement in Jyske Realkredit. After full implementation of the countercyclical buffer at 2.5 % end of Q1 2023, the latter has been the highest and thus the binding MREL requirement. Group capital, that is utilised towards the mortgage bank's capital and debt buffer requirements, is not eligible to count towards the MREL requirement for banking activities.

The subordination requirement for MREL for banking activities end of 2023 as set by the Danish FSA was 27.7 % of the risk weighted exposure for banking activities increasing to 27.9% in Q1 2024. Medio 2024 it will increase due to the implementation of a systemic buffer of 7 % of risk weighted exposures to commercial real estate.Hence, the MREL requirement is expected to be up to 28.5% of risk weighted exposures for banking activities.

Implementation of the amendments to the European Crisis Management Directive (BRRD II), introduced a subordination cap on the MREL requirement (for banking activities). Consequently, Jyske Bank can meet part of the MREL requirement with PS debt. The total MREL requirement for banking activities incl. of the non-subordinated allowance was 31.7 % end of

¹² European Medium-Term Notes. Typically, with maturities of between two and ten years.

December 2023 but will increase up to 32.5 % as from 30 June 202413.

To ensure ongoing compliance with statutory requirements, including an internal buffer to statutory requirements, Jyske Bank expects to have an outstanding volume of MREL eligible debt instruments of approx. DKK 29-31bn, of which DKK approx. 6bn preferred senior debt (PS) and DKK 23-25bn non-preferred senior debt(NPS) outstanding in the market.

Liquidity risk legislation

The daily calculation of the LCR ratio is the key short-term limit for liquidity risk management.

As of end-2023, the Group's LCR was 211% compared to 417% as of end-2022. The yearly development in the underlying liquidity buffer and net liquidity outflow is shown in the table below. Furthermore, the composition of the Group's LCR buffer net of haircuts as of end-2023 is shown:

GROUP LCR 2022-2023
	2022	2023
Liquidity buffer	133.4	160.4
Net outflow	32.0	76.0
LCR	417%	211%

GROUP LCR LIQUIDITY BUFFER 2023
Asset classes	DKK bn	%
Level 1a	77.4	48.3
Level 1b	79.0	49.2
Level 2a+2b	4.0	2.5
Total	160.4	100.0

The minimum target for the LCR is 120% for the Group as well as at bank level.

As a Danish SIFI, Jyske Bank must also comply with a modified LCR requirement in EUR. Jyske Bank is fully compliant with a substantial buffer to the 100% requirement as of end-2023.

Net Stable Funding Ratio has been a statutory requirement since the end of June 2021. The "maturity extension trigger" in the Danish mortgage bond legislation means that all bonds qualify as "closely related to the loans" and can be excluded from the calculation.NSFR compliance at Jyske Realkredit is therefore relatively easy to achieve.

At Group level, Jyske Bank was fully NSFRcompliant throughout 2023. The Group NSFR as of end-2023 was 136% compared to 126% as of end-2022.

Funding plans

Early 2024 Jyske Bank has executed a substantial part of the funding plan of the year.

As part of optimization of the Group's capital structure Jyske Bank issued EUR 500m, 11.25NC6.25 Tier 2 on 23 January 2024. Subsequently on 6 February Jyske Bank issued EUR 300m perpNC7 AT1.

For the remainder of 2024 Jyske Bank intends to issue an EUR 500m non preferred senior benchmark bond together with EUR 200m-300m preferred senior.

¹³ See Information for Debt Investors (jyskebank.com) for an overview of the current MREL requirement for the Group and for the banking activities.

GROUP ENCUMBRANCE RATIO
DKKbn	2023	2022
Total encumbered assets and col lateral	435,66	418,84
of which: derivatives collateral	17,31	25,41
of which: Repo incl. Triparty	35,39	33,89
of which: Central Bank funding	0,00	0,00
of which: SDO-issuance	382,96	359,53
of which: other assets	0,00	0,00
Total assets and collateral	847,34	819,05
Encumbrance ratio	51,4%	51,1%

ensure that asset encumbrance is not extended to any inexpedient extent.

At Jyske Bank, the following types of asset encumbrance of material extent have been identified. The primary sources of asset and collateral encumbrance stem from:

Issuance of covered bonds
Repo financing
Derivatives and clearing activities
Periodical short-term funding in central banks (Danmarks Nationalbank and ECB)

As the amounts in the table above suggest, the issuance of covered bonds out of Jyske Realkredit is by far the most substantial source of encumbrance. Issuance of covered bonds is

a long-term and strategically important instrument to ensure stable and attractive funding.

Credit ratings

The Jyske Bank Group is rated by Standard & Poor's (S&P). Jyske Realkredit has the same rating as Jyske Bank.

On 21 July 2023 S&P upgraded Jyske Bank and Jyske Realkredit 's Issuer Credit Rating to 'A+' from 'A' with continued stable outlook. The upgrade was based on sustainably higher bail-inable debt buffers. Jyske Banks SACP of A- remained unchanged. Jyske Bank's stand-alone credit profile ("SACP") has been A- with a stable outlook since 2011.

Asset encumbrance

Assets are encumbered if they have been pledged or are subject to any form of arrangement to secure, collateralise or credit-enhance any on- or off-balance-sheet transaction from which it cannot be freely withdrawn.

Asset encumbrance is a natural and inevitable part of the Group's daily activities. However, a large asset encumbrance on the Group's assets will entail a structural subordination of the Group's unsecured creditors. To ensure that the Group always has access to unsecured funding, a policy has been established to

STANDARD & POOR'S RATINGS
Jyske Bank issuer rating profile	rating	outlook	Jyske Realkredit ratings of Mortgage bonds
Stand Alone Credit Profile (SACP)	A-	stable	CRD-compliant covered bonds from Capi tal Center E	AAA
Issuer Credit Rating ("ICR")	A +	stable
Short term unsecured rating (preferred senior)	A-1	stable
Long-term unsecured rating (preferred senior) A +		stable	UCITS-compliant mortgage bonds from Capital Center B and the Gen eral Capital Center	AAA
Long-term non-preferred senior ("NPS")	BBB+	stable
Tier 2 Additional Tier 1 (AT1)	BBB BB+	stable stable

Jyske Realkredit issues mortgage bonds from Jyske Realkredit's Capital Centre E (SDO), which are rated AAA. It is a key objective of the Group to maintain S&P's AAA rating for Jyske Realkredit's capital centres.

The capital requirement to maintain the AAA rating for Jyske Realkredit's capital centres is assessed continuously by S&P, among other things, based on Jyske Realkredit's issuer rating as well as the growth and composition of the loan portfolio at the capital centres. At end-2023 the over-collateralisation requirement from S&P totalled DKK 8.6bn against DKK 8.9bn at end-2022

Jyske Bank has throughout 2023 continued its efforts to strengthen the management of non-financial risk in the Group.

A major area of focus has in 2023 been the integration of Handelsbanken Denmark. A significant milestone in this integration was achieved with the successful IT-migration in November 2023.

Management of IT- and cyber risk remain top-priority, and the Group works continually to enhance its ITsecurity. In 2023, further initiatives were launched to combat cyber threats and improve the overall security of the IT-infrastructure.

In addition, fighting financial crime and violations of international sanctions continue to be high-priority areas in the Group. Substantial improvements to customer due diligence processes and mitigation of sanctions risk have been achieved in 2023.

Operational Risk

Jyske Bank is exposed to potential losses as a result of operational risk events, including inexpedient processes, human errors, IT errors as well as financial crime. Operational risk relates to all internal processes and can therefore not be eliminated entirely. The Group monitors and actively manages operational risk to reduce the risk of operational risk events resulting in material losses and damage to reputation.

Policy and strategic objective

Jyske Bank's Group Supervisory Board sets out a policy for operational risk that states the framework for identification, assessment, monitoring, and management of operational risk as well as the Group's operational risk appetite.

The purpose of the policy is to keep operational risk at an acceptable level with respect to the Group's overall strategic objectives and the cost associated with reducing the risks. Therefore, the Group Supervisory Board has laid down principles for the set-up and management of the Group where, among other things, attention must be paid to sufficient resources, IT support of material work processes, due

separation of functions as well as stable development and operational processes.

Risk identification and assessment

The primary ways in which risks are identified and assessed in the Group are via Risk and Control Self-Assessments (RCSA) conducted in all business units, and analysis of historical losses and near misses. Further, scenario analysis of tail-risk events strengthens the ability to manage operational risk effectively in the Group.

RCSA-analyses assess the Group's potential operational risk events in term of probability of occurrence and impacts in case of occurrence. All risk events that may cause losses of more than DKK 100,000 are within scope of the RCSA-analyses.

Each business unit maps out the risks that are significant based on substantial experience within their respective areas. Analysis of central processes and historical events using several internal as well as external inputs factor into risk identification as well as risk assessments. A broad range of risks are accounted for, such as the provision of incorrect advice, trading errors, errors in models, as well as errors in internal and external reporting. Operational risks at major business partners are included in the assessments, including errors in IT development or IT failure. Risks that could materially damage the

Group's reputation are also analysed and mitigated, if necessary.

An assessment of the effectiveness of the control environment reveals risks that are insufficiently mitigated by existing controls. The RCSA-analyses propose ways in which operational risks can be reduced.

The Operational Risk Function acts as a second line function, hence supports and facilitates the Group's business units throughout the RCSA process as well as challenges and ensures the quality of the work. The Operational Risk Function is centralised, to achieve consistency across the Group.

Registration is made of all operational incidents in the Group that cause losses or gains in excess of DKK 5,000. Near misses of significant amounts are also registered. Each registration includes information about the incident such as product, work process and cause of error. Data is used for analysis and reporting with a view to optimising processes and reducing future losses.

Management and monitoring

Developments in operational risk are monitored using a risk-based approach to ensure the best possible basis for risk management. High risk areas are reported on more frequently and thoroughly than other areas.

The Group Executive Board and the relevant unit directors oversee operational risk management. Thus, risk management is an integral part of daily operations through policies and controls established with the purpose of securing the best possible processing environment.

Regular reporting to the business unit directors, ensures that management are continually informed about developments in operational risk exposure in their respective business units.

Furthermore, quarterly reports to the Group Executive Board and the Group Supervisory Board are prepared by the Operational Risk Function. In these reports, important aspects with respect to the development in the Group's operational risk exposure are described and areas in need of senior management attention are highlighted.

Cyber security

The Group recognises cyber risk among the top operational risks. Throughout 2023, Jyske Bank continued its IT security activities and launched further initiatives to combat cyber threats and improve the overall security of the IT infrastructure.

Spurred by global and national increases in cyber threat trends, including Russia's uphold of the war in Ukraine, Jyske Bank has not been notably affected in terms of being targeted for advanced cyberattacks.

High volatility in the threat landscape was assumed in H1 2023 due to the Russian invasion, and early January 2023, Jyske Bank was in a targeted attack which consisted of periodic and systematic DDoS attacks over the course of a month, however most intensely in the first weeks of the attack. The DDoS attacks were likely to come from organised hacker groups with some affiliation to Russia. The attacks had very little to no business impact, yet large efforts were put into handling the attack, as it was an attack on the Danish banking sector. Jyske Bank believes that both the financial sector in general and Jyske Bank as an individual company have a responsibility to be as robust as possible and to deter such attacks despite low business impact. Therefore, the Group employed additional technological features to enhance our cyber defences in order to deter and/or absorb future similar attacks. Throughout 2023, these safety measures have proven themselves valuable affirming the deterrent effect, despite our cyber analysts observing increased scanning activities for cracks and exploits.

While the Group sees multiple indicators of attack attempts in day-to-day monitoring and cyber events, it has not seen any sophisticated, directly targeted attempts– proving that the

Group is maintaining its strategy well in terms of managing the attack surface.

The Group has not experienced any material losses stemming from cyber-attacks in 2023. The anticipation for 2024 is a "moderate to high" cyber threat activity against Jyske Bank in 2024. Volatility of cyber threats are expected, and the possibility that the Group is targeted again as a result of activism connected to the Russian invasion cannot be ruled out.

Focus of the initiatives in 2024 remains on improving the overall security posture. External security posture has already been improved significantly. In line with 2023 predictions, the Group anticipates that supply chain risks will increase again, including attacks on supply chains for the Group. This modus is observed more often, including the fact that threat intelligence has unveiled an increase in cyber criminals organizing a supply chain for committing cybercrime – meaning that certain threat actor groupings specialize in one type of attack or exploitation while others buy this information to include in their own attacks. The advances of AI/GenAI and increased digitization are also making the threat-landscape more complex and difficult to assert control of. Due to this the Group realises thatthe nature of cyber threats may develop in unknown directions and the fact that it must enhance IT capabilities and explore preventative measures even more to bolster

against the effects of the evolving complex threats.

During 2023, the Group was subject to an FSA inspection and an FSA-initiated Cyber stresstest. Results are still pending. From our cooperation with the with The Danish FSA we foresee even more scrutiny in the cyber security field due to the adoption of the new legislation on IT security – The digital operational resilience act (DORA). We already have a strong foundation in our IT risk management and controlling setup, which is a key area in DORA. Throughout 2024 the Group has prioritized significant resources to ensure compliance with DORA, and we will continue to grow and improve our entire security capabilities to meet these new and very stringent requirements, which we acknowledge to full extent.

Financial crime

Efforts to prevent financial crime and violations of international sanctions remains a high priority at the Jyske Bank Group. Substantial resources go into ongoing enhancements within a wide range of focus areas.

For 2023, special efforts in the following areas can be pointed out:

The Group focuses on improving customer due diligence and customer due diligence processes. In the course of 2023, the Group centralised the majority of its ongoing customer due diligence procedures for both retail and

corporate customers. This centralisation has made the processes more efficient, while heightening the quality of the Group's customer due diligence data.

In 2023, the Group has effectuated a reorganisation of its financial crime prevention department. The purpose of the reorganisation was to implement a more streamlined and clear governance structure, and the group money laundering reporting officeris now part of the group management. As a part of the restructuring of our financial crime prevention department, the Bank has established a new department, which is responsible for analysing, monitoring and mitigating risks to further strengthen the Group's focus on the prevention of financial crime and the mitigation of money laundering risks.

The Group facilitates transfers to and from Russia and Belarus for its own clients, provided that such transfers do not violate international sanctions. Clients who wish to send or receive transactions to and from Russia or Belarus are subject to rigorous due-diligence procedures and are subject to time-limited approval from the management. To counter the risk of sanctions being violated, control measures that address and manually review each transfer made to and from Russia and Belarus have been in place since February 2022. The Group has always been committed to counter sanction violations and is constantly revising its internal and external procedures. In 2023, the Group

implemented even more enhanced due diligence measures, in efforts to intercept transactions with underlying sanctions risks.

In November 2022, the Danish FSA conducted an inspection of Jyske Bank's cash handling. The inspection gave rise to four orders, which were published on 13 June 2023. The four orders concern the quality of customer due diligence procedures, the effectiveness of the Bank's internal control procedures, the monitoring of cash withdrawals in high-risk areas and, finally, the Bank's measures to prevent employees who are processing money laundering alerts from misusing their position. The first order was remediated in 2023, and the last three orders will be remediated within the first quarter of 2024.

Model risk

Models risk constitutes an important and still growing risk type within non-financial risk, due to an increase in digitalisation and need for efficient data-driven processes and decisions. The application of models to support decision making may result in risk due to errors in the development, operationalisation, and application of models.

Model risk is governed by the Group's Model Risk Policy, which defines the Group's framework for managing and governing model risk.

Model owners are responsible for the model risk connected to their models, which includes identifying models and ensuring ownership of tasks connected to models such as development, validation, monitoring, and processes related to application of their models.

The Model Risk Management (MRM) function is the Group's second line concerning model risk, and is responsible for developing and updating the model risk policy, composing guidelines and business procedures for working with model risk, classifying models in cooperation with business units and reviewing relevant model information. The MRM function also compose ongoing reports for areas with significant model risk and reports on the development of the overall model risk.

An essential part of the oversight and control of model risk is the validation of high-risk models, covering among others the risk models used for IRB, IFRS9, stress test and pricing derivatives. The Group has an internal framework for validating models. The validation unit performs model validation for all high-risk models. These models are subject to both initial validation and afterwards periodic validations by the validation unit.

The results of the validations performed by the validation unit are logged in a repository, which together with the model inventory and MRM function's review of the business units work with models are the basis of the evaluation the

Group's model risk, which is regularly reported to the Group Risk Committee.

Data protection

The Group continuously strives to ensure compliance with the General Data Protection Regulation (GDPR). The Group has during 2023 made substantial progress enabling solutions that safeguards privacy and data protection principles. In a collaborative effort with the Operational Risk Function, the Group's Data Protection Officer (DPO) is engaged in the integration of GDPR-related risks into the Risk Control Self-Assessment (RCSA) analyses conducted across the organization. Before each RCSA analysis, the Group's DPO provides insights to facilitate the identification of GDPR risks and contributes to the review and quality-assurance process of the analysis.

Data management

Data management is recognised as a highly important area for risk management in the Jyske Bank-group. Significant efforts go into ongoing assurance and control of data quality to ensure highly reliable risk reporting as well as riskbased decisions. The Group also recognizes the strategic importance of data management in light of the increasing digitization of the Bank and increased use of generative AI.

Further advances and strengthening of overall data governance and data management

processes throughout the entire Group is a highly prioritized area going into 2024.

Acquisitions

The Group's acquisition of Handelsbanken Denmark and ongoing work to integrate organisations, business models and IT-platforms, has implied an extraordinary temporary increase in the operational risk level in the Group.

The technical integration of IT-platforms was completed successfully in November 2023 and the integration of business processes is expected to be fully completed in the first half of 2024.

The Group made another acquisition, namely PFA Bank A/S in 2023 and the integration of this institution is well underway and expected to be fully completed in 2024.

Breakdown of losses

The breakdown of operational losses registered in 2023 by category shows that most incidents are related to 'external fraud' or 'execution, delivery, and process management'. These two categories make up 92 % of total incidents and 81 % of total losses. 'External fraud' alone accounted for 64 % of loss incidents and 41 % of the total loss amount. The number of

'external fraud' incidents has increased substantially 2023 despite significant ongoing improvements in preventative measures. This area has high priority in the Group going into 2024.

The registration of errors only includes direct losses that are recognised separately, for instance, compensation to clients, loss of means and extra expenses. Therefore, a category such as business disruption and system failures rank low on the list as such incidents will primarily result in loss of working hours.

Own funds requirement for operational risk

The own funds requirement for Jyske Bank is determined by means of the standardised approach. At end-2023, the overall own funds requirement for the Group amounted to DKK 1,212m against DKK 1,171m at end-2022. The increase in the own funds requirement is primarily due to increasing net income in the three years covered by the 2023 calculation.

In addition to the above-mentioned own funds requirement for operational risk, an addition of DKK 202m has been separately added due to the purchase of Handelsbanken Denmark to cover the operational risks of those assets. Similarly, the purchase of PFA Bank has given rise to an addition of DKK 12m to the own funds requirement.

The total own funds requirement for operational risk thus becomes DKK 1,426m.

Throughout 2023 the Group continued its efforts to strengthen the management of ESG risk. A fundamental part of this work has been the development of a framework for the identification and materiality assessment of ESG risk at a portfolio level and the introduction of a ESG profile for the Group's corporate customers. Both elements are central in the ongoing risk assessment and monitoring.

The Group's analyses still show that it is especially through transition risk that Jyske Bank is exposed to ESG risk. Physical risks are mainly relevant through acute risks and only for a smaller part of the portfolio.

In 2024 the work will continue where accessibility of ESG relevant data, strengthening of the analysis in the ESG framework and the set-up for climate stress testing are going to be important elements.

ESG Risk

ESG risk has attention across the Group and is an increasingly important topic.

ESG risk refers to the potential risk of a significant negative impact on the Group – both financial and reputation-wise – stemming from current or future environmental, social, and governance events or conditions.

ESG risk is considered an integral component of the Group's primary risk categories. Consequently, ESG risk is integrated into the management of credit risk, market risk, liquidity risk, and operational risk as outlined previously in this report. This implies, that ESG risk is not treated as a standalone risk category, butinstead ESG-related events can exacerbate the risks already identified by the Group. Nonetheless, the incorporation of ESG risk into the risk management framework is nontrivial and will continue to evolve as the setup, markets standards, and data availability matures.

Until now,the focus is particularly on climate and environmental risks from a credit risk perspective since the Group's current assessment indicates that these factors pose the most immediate material risks in the short term.

Governance and reporting lines

The responsibility for Jyske Bank's methods of assessing, analysing, and reporting the group's ESG risks is vested in the Risk unit under the group's risk officer. The Risk unit is divided into teams representing the different risk types and the Chief Risk Officer has appointed a climate risk responsible in each of the teams. This assures the necessary commitment and integration across all risk types.

ESG risk is an integrated part of the Group's risk reporting. This means, that the ongoing work is reported continuously through the channels as outlined in the chapter about risk management. This implies, that when the Risk unit identifies some areas of attention or recommended actions to be taken, the supervisory board can act upon this information.

Identification and materiality assessment of ESG risk at a portfolio level

It is important that the Group is capable of continuously identifying, assessing, and managing ESG risk – both to minimize potential losses and to ensure the resilience of the Group's investments and loans in the face of changes in ESG events. The identification and materiality assessment of ESG risk is nested in a framework developed by the Group. The framework serves the following main purposes:

• To have a comprehensive and documented understanding of how ESG risk affects Jyske Bank – both operationally and in relation to the Group's overall risk profile across risk types.

Business Model Risk Management Capital Management Credit Risk Counterpart Credit Risk Market Risk Liquidity Risk Operational Risk ESG Risk Management declaration

• To establish a foundation for prioritizing and focusing future work related to ESG events.

The approach to the framework is risk-based, where identification and assessments continuously are updated and expanded – not least as the data availability is improved. The framework is based on "best practices" as described by, among others, ECB and EBA.

The topics covered in the framework are the Group's identified relevant ESG events e.g., a storm surge or increased temperature fluctuations. This enables a response to specific and current events. With respect to environmental events a distinction is made between physical and transition risks. Physical risks are further dived into acute and chronic risks, as it is important in the subsequent assessment whetherthere is an immediate danger or instead a more prolonged or structural change.

ESG risk materializes differently in the short, medium, and long term, depending on the specific scenario being considered. In the framework, assessments are made based on scenarios developed by the NGFS (Network of Central Banks and Supervisors for Greening the Financial System), which have been adjusted to Jyske Bank's specific context, particularly as a Danish financial institution.

For all ESG matters, the potential negative consequences are assessed. The materiality is determined as a function of both the severity of the consequence and the probability, i.e. a high

Material ESG events for the Group
	· Material	Potentially material
ESGevent	Description	Materiality assessment
Physical risks
Temperature fluctuations and variations in precipitation	Unpredictable weather conditions can affect across industries, but agriculture in particular is expected to be impacted, where this can have a major effect on yield.	· Agriculture
Water consumption and scarcity	Yield loss due to drought for the agricultural portfolio as well as indirect effect on raw material extraction for manufacturing companies.	· Industry and agriculture
Transition risks
Climate policies (Emissions and energy)	Properties with high energy consumption as well as the production, agriculture, and transportation sectors could be subject to CO2 taxes.	· Industry, agriculture, real estate, and transport
Technological advances	High costs, especially for the transportation sector, due to new technology and rapid development, with investments associated with shorter lifespans. Current assets can end up as stranded assets.	Transport Industry, agriculture, and real estate
Legal risk	Insufficient explanation of the sustainability of a product can lead to accusations of greenwashing, which can result in the loss of customer base as well as legal costs.	● Operational risk
Reputation due to change of business	Increased focus on sustainable products can affect demand among companies that are slow to adapt.	· Industry, agriculture, and transport

(low) probability combined with a high (low) consequence implies that the topic is assessed as material (not material). In the table at the previous page an overview of topics, which the Group has identified as material from an ESGrisk perspective, is shown. Two examples of the analysis behind the assessment of climate policies are described in more details in box 1 and 2, respectively.

The Group's overall analyses of the current ESG risk profile show that it is particularly through transition risks thatthe Group is exposed. The reason for this is a combination of the Group having loans to industries characterized as energy-intensive and Denmark having ambitious goals for the green transition. This results in both a high probability of regulatory changes, technological shifts, and significant attention to the area from the Group's stakeholders.

For physical risks, it is mainly acute risks such as temperature fluctuations and precipitation variations that require forward-looking focus, albeit only for a small part of the portfolio. For chronic risks, only water consumption and scarcity pose potential risks, also affecting only a smaller part of the portfolio.

As part of the Group's stress test framework, a climate stress test is conducted, which serves as a crucialtool for evaluating potential

consequences across all risk types encountered by the Group.

Identification of ESG risk at a customer level

Based on legal requirements for assessing customer ESG risks and Jyske Bank's credit policy, an internally developed ESG profile was implemented in 2023, where the risk of corporate customers is assessed either through machine screening or a questionnaire filled out by the customer's responsible bank advisor. This profile is now an integral part of credit decisions.

The ESG profile ensures a more consistent approach to customer assessment, providing each advisor with a structured framework for customer dialogue. It translates into the identification and evaluation of corporate customers' status in the ESG area, while also achieving a better common understanding of the future opportunities or risks related to the customer's business model.

The information from the ESG profile is also an important source of information in the ongoing monitoring and risk management, where among other things the information is part of the Group's key risk ESG indicators.

Accessibility of ESG data

As a financial institution, Jyske Bank is capable of influencing the ESG agenda through our interactions with customers in relation to lending and investing activities. To measure the ongoing progress, data is essential. With the

ambition to have a strong ESG data foundation that is consistent across the organization this provides a foundation for analytical work and the ongoing risk monitoring and management. Therefore, efforts are being made on multiple fronts and across various time horizons to enhance the coverage and quality of this data.

There are increasing demand for ESG data, such as additional reporting requirements in CSRD (Corporate Sustainability Reporting Directive) which large companies (including Jyske Bank) are required to report by end of 2024. The Pillar 3 reporting will also expand by mid-2024. Moreover, the growing attention to ESG from stakeholders necessitates much more granular data for analysing and understanding its impact.

Jyske Bank wishes to contribute to the development of ESG solutions making it simple and effective for our customers to monitor and report on ESG matters. The Finans Denmark joint model for calculating CO2 is used in Jyske Bank to ensure common sectorial methodology. Also, Jyske Bank has participated in the development of a free Danish ESG reporting solution for the commercial real estate sector.

Box 1: A CO2 tax on agriculture will affect dairy farmers the most

The Danish government has announced its intention to introduce a tax on CO2 emissions on the agricultural sector. Currently, the specific design,time, and the final adoption of the tax are not clarified. The Danish Economic Councils have proposed a uniform tax on 1,000 DKK per ton CO2, while an already imposed tax on oil and gas is 750 DKK per ton CO2. Therefore, Jyske Bank has conducted an analysis of these two cases to access the potential implication of such a tax.

The analysis of the consequences of a CO2 tax on Jyske Bank's agricultural portfolio of full-time farmers shows that dairy farmers will be affected the most. This is due to the fact that cattle emit have a significant amount of methane, which has a high emission factor when converted to CO2. For the operating branches pig farmers and crop farmers, the tax level will also have a significant effect, but for both levels the tax can be absorbed by their earnings. The figure below shows the earnings before tax and owner remuneration minus the CO2 tax for Jyske Bank's agricultural portfolio.

Effect on Jyske Banks agriculture portfolio by introducing a CO2 tax

Note: A negative (positive) index means that the farmer has a negative (positive) result after the CO2 tax. The figure is based on an average of three years earnings and estimated GHG emissions for full-time farmers. The estimated CO2 emissions are calculated using the method from SEGES's ESGreenTool.

There is no final clarification on either the tax level or the method for calculating the CO2 tax. Considering a "worst-case" scenario when calculating the CO2 emissions and the tax levels of DKK 750 and DKK 1,000 DKK, the results show that it is only the dairy farmers who will be negatively affected. This also means, that the overall effect will be limited on the Group's overall risk picture.

Box 2: Revised building directive changes energy requirements for the property portfolio

In December 2023, an agreement was reached in the trilogue negotiations on the revision of EU's building directive, which is part of the "Fit-for-55" package with the goal of reducing EU's greenhouse gas emissions by at least 55% by 2030 at the latest. The settlement resulted in a combination of the various proposals that have been made by the Commission, the EU Parliament, and the Council of Ministers to reduce CO2 emissions from buildings. This is an area with high attention as these account for over a third of CO2 emissions in the EU. The revised proposal still contains the requirement that all new buildings must be zero-emission buildings from 2030 i.e., buildings that must use zero or a very small amount of energy for space heating, space cooling, lighting, etc. However,there have been changes to the requirements and how the reduction of CO2 emissions on the existing building stock is measured. The requirement for residential buildings is measured on the energy consumption, which on average must be reduced by 16% in 2030 and 20-22% in 2035. For non-residential buildings, the requirements have been tightened so that it is now the 16% worst buildings that must be renovated in 2030 and the 26% worst already in 2033.

The directive's potential impact on Jyske Realkredit's property lending

Although the main lines for the revision of the building directive have been published, there is still great uncertainty about how the revision of the directive will be implemented in the individual countries and what consequences it will have for existing buildings. In Denmark, there will be a natural reduction in the energy consumption for heating buildings through the schemes that exist around the replacement of fossil heat sources. A large part of the improvement in energy consumption will result from natural development through renovation and replacement of the heat source. Therefore, at this stage it is still difficult to say anything definitive about how it will affect the buildings Jyske Bank finances.

Target and expected achieved energy reduction in Jyske Realkredit's property portfolio

A calculation based on Jyske Realkredit's property portfolio shows a lack between targets and expected achieved reduction in primary energy use for residential and non-residential buildings in 2030 and 2035, but the calculations are highly uncertain. At present, Jyske Bank is assured of the risk and the consequence of the directive is continuously monitored by the risk management.

Management declaration

The Group is according to article 435(1) of CRR obligated to provide a declaration and risk statement approved by the Group Executive Board.

Board declaration by the management body on the adequacy of risk management arrangements of the institution providing assurance that the risk management systems are adequate with regard to the institution's profile and strategy.

Risk statement: a concise risk statement approved by the management body succinctly describing the institution's overall risk profile associated with the business strategy. This statement shall include key ratios and figures providing external stakeholders with a comprehensive view of the institution's management of risk, including how the risk profile of the institution interacts with the risk tolerance set by the management body.

Board declaration

The Group Supervisory Board establishes the general principles for risk and capital management. The Group Supervisory Board assess the Group's risk on an ongoing basis. A thorough assessment based on a report presented by the Group Executive Board is conducted yearly. The Group Executive Board is responsible for the day-to-day risk management of the Group and will ensure compliance with the implemented policies and instructions. The Group

Executive Board finds that the Group has adequate risk management arrangements in place considering the Group's risk profile and strategy.

Risk Statement

The Jyske Bank Group's business model is designed to offer financial products and other related services to private individuals, businesses, and institutions. The Group primarily offers financial services within Denmark.

Jyske Bank's Group Supervisory Board lays down the overall guidelines for credit granting within the Group, and the largest exposures are presented to the Group Supervisory Board for approval. The Group Supervisory Board delegates limits to the members of the Group Executive Board. Credit risk is managed through Jyske Bank's credit policy with the objective to keep risk at an acceptable level in relation to the capital base and business volume of the Group,

given the general trend in the Danish economy. Hereto, the ongoing monitoring and reporting on credit risk ensure alignment with the approved risk appetite.

The Group undertakes market risk, primarily represented by interest-rate risk. The Group Supervisory Board is responsible for the Market Risk Policy, setting the Group's overall marketrisk profile and framework. The policy is implemented through limits delegated to the Group Executive Board. The Group adjusts its market risk in accordance with market developments, maintaining a suitable risk appetite based on the risk profile agreed upon by the management body.

The business model engenders liquidity risk. These risks are controlled and supervised through active liquidity management, which ensures sufficient liquidity, enabling the Group to meet its obligations. The Group Supervisory

Board determines the liquidity profile expressed as the balance between the risk level and the Group's costs of managing liquidity risk. The liquidity risk is monitored and managed daily to comply with the liquidity policy implemented by the Group Supervisory Board.

Moreover, the group faces non-financial risks. The operational risk policy seeks to ensure that the Group's exposure to operational risk and resultant losses are at an acceptable level in relation to the Group's overall objectives. The policy is approved by the Group Supervisory Board at least once a year. The total risk is adjusted regularly to harmonize with the Group's risk profile and capital structure in adherence with the Group's capital-management objective. The Group Supervisory Board and the Group Executive Board regularly receive reports regarding the development of the risk types and how the Group maneuvers within the relevant policies. This allows the Board to supervise the compliance of the approved policies, as well as evaluate whether the policies continue to be suitable for the Group and its activities.

AI Terminal

Jyske Bank

3370_10-k_2024-02-27_d07930b3-2c9e-4c4d-8036-cad7982cad90.pdf