Pillar 3 Disclosures 2024

Pillar 3 Disclosures 2024

Forward-Looking Statements

This document contains certain forward-looking statements which can usually be identified by terms used such as 'expect', 'should be', 'will be' and similar expressions or variations thereof or their negative variations but their absence does not mean that a statement is not forward-looking. Examples of forward-looking statements include, but are not limited to, statements relating to the Bank of Cyprus Holdings Group's (the 'Group') near term and longer term future capital requirements and ratios, intentions, beliefs or current expectations and projections about the Group's future results of operations, financial condition, the level of the Group's assets, liquidity, performance, return of tangible equity, projected levels of growth, capital distributions (including policy on dividends and share buybacks) prospects, anticipated growth, provisions impairments, business strategies and opportunities, any commitments and targets (including environmental, social and governance (ESG) commitments and targets).

By their nature, forward-looking statements involve risk and uncertainty because they relate to events, and depend upon circumstances, that will or may occur in the future. Factors that could cause actual business, strategy and/or results to differ materially from the plans, objectives, expectations, estimates and intentions expressed in such forward-looking statements made by the Group include, but are not limited to: general economic and political conditions in Cyprus and other European Union (EU) Member States, interest rate and foreign exchange rate fluctuations, legislative, fiscal and regulatory developments and information technology, litigation and other operational risks, adverse market conditions, the impact of outbreaks, epidemics or pandemics, and geopolitical developments as well as uncertainty over the scope of actions that may be required by us, governments and other to achieve goals relating to climate, environmental and social matters, as well as the evolving nature of underlying science and industry and governmental standards and regulations. This creates significantly greater uncertainty about forward-looking statements. Should any one or more of these or other factors materialise, or should any underlying assumptions prove to be incorrect, the actual results or events could differ materially from those currently being anticipated as reflected in such forward-looking statements. Further, forward-looking statements may be affected by changes in reporting frameworks and accounting standards, including practices with regard to the interpretation and application thereof and emerging and developing ESG reporting standards.

The forward-looking statements made in this document are only applicable as at the date of publication of this document. Except as required by any applicable law or regulation, the Group expressly disclaims any obligation or undertaking to release publicly any updates or revisions to any forward-looking statement contained in this document to reflect any change in the Group's expectations or any change in events, conditions or circumstances on which any statement is based.

1.	EXECUTIVE SUMMARY	6
2.	INTRODUCTION	10
2.1	CORPORATE INFORMATION 10
2.2	PILLAR III REGULATORY FRAMEWORK10
3.	RISK MANAGEMENT OBJECTIVES AND POLICIES	17
3.1	STRATEGIES AND PROCESSES TO MANAGE RISKS17
3.1.1	Principal Risks17
3.1.2	Risk Management Framework 26
3.1.3	Effectiveness of the Risk Management Framework 27
3.1.4	Risk Governance 27
3.1.5	Accountability and Authority28
3.1.6	Risk Identification 29
3.1.7	Three Lines of Defence29
3.1.8	Risk Management Division (RMD)31
3.1.9	Risk Culture32
3.1.10	Risk Appetite Framework (RAF)32
3.1.11	Risk Taxonomy34
3.1.12	Risk Management Policies34
3.1.13	Risk Measurement and reporting 34
3.1.14	Recovery Plan 35
3.1.15	Stress Testing35
3.1.16	ICAAP, Pillar II and SREP 36
3.2	RISK MANAGEMENT OBJECTIVES AND POLICIES 37
3.2.1	Credit Risk Management37
3.2.2	Market Risk Management44
3.2.3	Liquidity Risk and Funding 49
3.2.4	Operational Risk Management (ORM) 51
3.3 3.3.1	GOVERNANCE ARRANGEMENTS59 Recruitment Policy59
3.3.2	Other Directorships61
3.3.3	Diversity61
3.3.4	Board Risk Committee (RC)63
3.3.5	Reporting and Control 64

4.	SCOPE OF APPLICATION	65
4.1	RECONCILIATION OF REGULATORY OWN FUNDS TO BALANCE SHEET IN THE AUDITED FINANCIAL STATEMENTS 67
4.1.1	EU LI1 - Differences between accounting and regulatory scopes of consolidation and mapping of financial
	statement categories with regulatory risk categories69
4.1.2	Main sources of differences between regulatory exposure amounts and carrying values in the Financial Statements 74

5.	OWN FUNDS	77
5.1	CRD REGULATORY CAPITAL77
5.2	SUMMARY OF THE TERMS AND CONDITIONS OF CAPITAL RESOURCES 87
5.3 5.4	FULL TERMS AND CONDITIONS OF REGULATORY OWN FUNDS INSTRUMENTS AND ELIGIBLE LIABILITIES INSTRUMENTS88 MINIMUM REQUIREMENT FOR OWN FUNDS AND ELIGIBLE LIABILITIES (MREL) 89

6.	OWN FUNDS REQUIREMENTS AND RISK WEIGHT ASSETS	94
6.1	MINIMUM REQUIRED OWN FUNDS FOR CREDIT, MARKET AND OPERATIONAL RISK GROUP'S APPROACH TO ASSESSING THE ADEQUACY
	OF ITS INTERNAL CAPITAL94
6.2	INSURANCE PARTICIPATIONS 97

6.3	COMPARISON OF INSTITUTION'S OWN FUNDS AND CAPITAL AND LEVERAGE RATIOS WITH AND WITHOUT THE APPLICATION OF TRANSITIONAL ARRANGEMENTS FOR IFRS 9 OR ANALOGOUS ECLS, AND WITH AND WITHOUT THE APPLICATION OF THE TEMPORARY TREATMENT IN ACCORDANCE WITH ARTICLE 468 OF THE CRR98
7.	COUNTERPARTY CREDIT RISK (CCR)	102
7.1	INTERNAL CAPITAL AND CREDIT LIMITS FOR COUNTERPARTY CREDIT EXPOSURES 110
7.2	POLICIES FOR SECURING COLLATERAL AND ESTABLISHING CREDIT RESERVES111
7.2.1	Policies with Respect to Wrong-Way Risk Exposures 112
7.2.2	Collateral the Group would have to provide given a Downgrade in its Credit Rating 112
8.	COUNTERCYCLICAL CAPITAL BUFFERS	113
9.	CREDIT RISK	119
9.1	PAST DUE AND CREDIT IMPAIRED LOANS 119
9.1.1	Net exposures by residual and exposure classes 121
9.2	NON-PERFORMING EXPOSURES 122
9.3	CREDIT RISK ADJUSTMENTS 140
9.3.1	ECL of Loans and Advances to Customers 140
9.3.2	Credit Risk Adjustments recorded to Income Statement140
9.4	FORBEARANCE/RESTRUCTURING 141
9.5	EXPOSURES IN EQUITIES IN THE BANKING BOOK 145
10.	ASSET ENCUMBRANCE	146
10.1	ENCUMBERED AND UNENCUMBERED ASSETS BY ASSET TYPE147
10.2	COLLATERAL RECEIVED BY PRODUCT TYPE 149
10.3	ENCUMBERED ASSETS/COLLATERAL RECEIVED AND ASSOCIATED LIABILITIES 151

11.	CREDIT RISK UNDER THE STANDARDISED APPROACH	152
12.	MARKET RISK	158
13.	OPERATIONAL RISK	159

14.	KEY METRICS	160
15.	EXPOSURE TO INTEREST RATE RISK ON POSITIONS IN THE BANKING BOOK	163
15.1	NATURE OF THE INTEREST RATE RISK AND KEY ASSUMPTIONS 163
15.2	IMPACT OF DOWNWARD AND UPWARD RATE SHOCKS165

16.	ENVIRONMENTAL, SOCIAL AND GOVERNANCE RISKS	166
16.1	ENVIRONMENTAL RISK166
16.1.1	Business strategy and processes166
16.1.2	Governance209
16.1.3	Risk Management217
16.2 16.2.1	SOCIAL RISK 244 Business strategy and processes244
16.2.2	Governance255
16.2.3	Risk Management257
16.3	GOVERNANCE RISK 258
16.3.1	Governance258
16.3.2	Integration of Governance performance of counterparties in Governance arrangements258
16.3.3	Risk Management264
17.	REMUNERATION POLICY AND PRACTICES	265
17.1	BOARD HUMAN RESOURCES AND REMUNERATION COMMITTEE (HRRC)265
17.1.1	The Role of the HRRC265
17.1.2	Composition and Meetings of the HRRC266
17.1.3 17.2	Relevant Stakeholders266 REMUNERATION SCHEMES 267

17.2.1	Fixed Remuneration267
17.2.2	Variable Remuneration267
17.2.3	Short-Term and Long-Term Incentive Plans (e.g. Performance Shares or Share Option Plans)268
17.2.4	Non-Monetary Incentives270
17.2.5	Control Functions Pay 270
17.2.6	Pension Fund obligation risk270
17.3	DESIGN AND STRUCTURE OF REMUNERATION 270
17.3.1	Non-Executive Directors 270
17.3.2	Executive Directors270
17.4	FEES AND EMOLUMENTS OF MEMBERS OF THE BOARD OF DIRECTORS AND OTHER IDENTIFIED STAFF 272
17.5	ADDITIONAL INFORMATION281
18.	LEVERAGE	282
18.1	SUMMARY RECONCILIATION OF ACCOUNTING ASSETS AND LEVERAGE RATIO EXPOSURES 283
18.2	LEVERAGE RATIO COMMON DISCLOSURE 284
18.3	SPLIT-UP OF ON-BALANCE SHEET EXPOSURES (EXCLUDING DERIVATIVES AND SFTS)288
19.	LIQUIDITY REQUIREMENTS	289
20.	CREDIT RISK MITIGATION TECHNIQUES	297
20.1	INFORMATION ON CREDIT RISK MITIGATION TECHNIQUES297
20.2	DISCLOSURE OF THE USE OF CREDIT RISK MITIGATION TECHNIQUES 297
20.3	MAIN TYPES OF COLLATERAL ACCEPTED299
20.3.1	Collateral Valuation Policy299
	APPENDIX I – BIOGRAPHIES OF THE DIRECTORS INCLUDING EXPERIENCE AND KNOWLEDGE	301
	APPENDIX II – BASIS OF CONSOLIDATION OF GROUP ENTITIES FOR REGULATORY PURPOSES	310
	APPENDIX III – MAIN FEATURES OF REGULATORY OWN FUNDS INSTRUMENTS AND ELIGIBLE LIABILITIES INSTRUMENTS	322
	APPENDIX IV- RESULT OF THE MATERIALITY ANALYSIS OF THE LEGAL ENTITIES AS AT 31 DECEMBER 2024	333
	APPENDIX V - SPECIFIC REFERENCES TO CRR ARTICLES	334
	APPENDIX VI- LIST OF EBA TEMPLATES DISCLOSED AND MAPPING TO PILLAR 3 REPORT	339
GLOSSARY		342

1. Executive Summary

The executive summary discloses a high-level summary of the risk profile of Bank of Cyprus Holdings Public Limited Company Group (the 'Group'), and its interaction with its risk appetite. Bank of Cyprus Holdings Public Limited Company (the 'Company' or 'BOCH') is the holding company of Bank of Cyprus Public Company Limited (the 'Bank' or 'BOC PCL'). The Group comprises the Company, its subsidiary BOC PCL and the subsidiaries of BOC PCL. Risk appetite describes the types and level of risk that the Group chooses to accept in pursuit of its strategy whilst at the same time fulfilling regulatory requirements.

The Group is the leading, financial and technology hub in Cyprus, with a diversified and sustainable business model. The Group's financial performance for the year ended 31 December 2024 remained strong, benefitting from the high-interest rate environment and recorded a profit after tax of €508 million, 4% higher compared to prior year. As a result, the Group has successfully exceeded its financial targets for 2024 across all metrics, generating a ROTE of 21.4% (compared to a ROTE of 24.8% for the year ended 31 December 2023). This strong financial performance in 2024 facilitated further the rapid build-up of equity base, with tangible book value per share growing by 17% on prior year.

The Group remains focused on growing revenues in a more capital efficient way through growth of highquality new lending and the growth in areas, such as insurance and digital products that provide further market penetration and diversify through non-banking operations. The Group has continued to provide high quality new lending in the year ended 31 December 2024. Growth in new lending in Cyprus has been focused on selected industries in line with the Bank's target risk profile.

Striving for a lean operating model is a key strategic pillar for the Group in order to deliver shareholder value, without constraining investment in the business and funding in its digital transformation.

Strategy and Outlook

As the Group navigates through the cycle of widening of the monetary policy, it has established key priorities going forward to maintain a strongly capitalised and highly profitable organisation delivering attractive returns to shareholders, while simultaneously supporting the Group's stakeholders and the broader economic environment.

These priorities are set below:

Driving new growth initiatives in both banking and non-banking areas (such as international and digital respectively) to complement the strength of the domestic franchise whilst managing the current interest rate headwinds;
Maintaining a lean operating model via ongoing cost management discipline while continuing to reinvest in the business;
Protecting the quality of the balance sheet with continuous meticulous underwriting standards to ensure asset quality in line with European sector;
Providing attractive shareholder returns in line with European sector with focus on prudent management of surplus capital and value creation;
Leading the transition of Cyprus to a sustainable future and building a forward-looking organisation embracing ESG in all aspects.

Pillar 3 Disclosures 2024

1. Executive Summary (continued)

The following key metrics reflect largely the Group's risk profile.

	2024 (Pro forma)1	2024	2023
Key Balance sheet ratios
NPE ratio	1.90%	2.50%	3.60%
NPE coverage ratio	111%	100%	73%
Leverage ratio2	8.75%	8.75%	7.65%
Cost of risk (bps)	30	30	62
Liquidity Coverage Ratio (LCR)	309%	309%	359%
Net Stable Funding Ratio (NSFR)	162%	162%	159%
Capital ratios and Risk Weighted Assets	2024 (Regulatory)2	2023 (Regulatory)3
Common Equity Tier 1 (CET1) ratio (transitional)	19.16%	17.39%
CET1 (fully loaded)	19.14%	17.33%
Total Capital ratio (transitional)	24.02%	22.42%
Risk weighted assets (RWAs) (€ million)	10,834	10,341
RWAs intensity		40.91%	38.83%

1 References to pro forma figures as at 31 December 2024 refer to the agreement for the sale of two non-performing loan portfolios, which is expected to be completed in the first half of 2025 subject to necessary approvals. The portfolios are classified as non-current assets held for sale with a net book value of €23 million as at 31 December 2024. Numbers on a pro forma basis are based on 31 December 2024 underlying basis figures and assume completion of the sale.

2 Includes profits for the year ended 31 December 2024 net of distribution at 50% payout ratio. More information is provided in Section 5.1 EU CC1 - Composition of regulatory own funds.

3 Includes profits for the year ended 31 December 2023 net of distribution at 30% payout ratio, following ECB approval in March 2024.

Throughout this Report, all relevant figures are based on 31 December 2024 financial results, unless otherwise stated. Numbers on a pro forma basis are based on the 31 December 2024 figures and are adjusted for the portfolios classified as non-current assets held for sale, and assume their completion, which remain subject to required customary regulatory and other approvals. Where numbers are provided on a pro forma basis this is explicitly stated as pro forma.

Credit Risk is managed in accordance with the Risk Appetite which sets targets for several key asset quality metrics described below.
- o Non-Performing Exposures (NPEs) as per the underlying basis were reduced to €255 million at 31 December 2024, compared to €365 million at 31 December 2023. As a result, the NPEs reduced to 2.5% of gross loans as at 31 December 2024, compared to 3.6% of gross loans as at 31 December 2023.
- o The Group's priorities remain intact, maintaining high quality new lending with strict underwriting standards and preventing asset quality deterioration. Loan credit losses for the year ended 31 December 2024 were €30 million, compared to €63 million for the year ended 31 December 2023, down by 52% year-on-year, supported by the continued robust performance of the credit portfolio and improved macroeconomic assumptions, partially offset by charges on IFRS9 model calibrations. Cost of risk for the year ended 31 December 2024 is equivalent to 30 basis points, compared to a cost of risk of 62 basis points for the year ended 31 December 2023, as in prior year there were higher credit losses on specific customers with idiosyncratic characteristics assessed as 'Unlikely to pay'('UTPs').
- o The NPE coverage ratio stands at 100% at 31 December 2024, compared to 73% at 31 December 2023.

1. Executive Summary (continued)

o The Group has in place limits to manage concentration risk which can arise, among others, from sector, product, counterparty, currency, collateral and funding source concentration. Appropriate monitoring and reporting processes are in place and are frequently reviewed. There are restrictions on loan concentrations which are imposed by the Cyprus Banking Law, the relevant Central Bank of Cyprus (CBC) Directives, European Central Bank (ECB) Directives and the Capital Requirements Regulation (CRR). According to these restrictions, a credit institution shall not incur an exposure after taking into account the effect of the credit risk mitigation and exempt exposures to a client or group of connected clients, the value of which exceeds 25% of Tier 1 Capital. The Group's Risk Appetite Statement (RAS) imposes stricter concentration limits and the Group is taking actions to run down those exposures which are in excess of the internal limits over time.
As at 31 December 2024, the leverage ratio of the Group was 8.75% (2023: 7.65%) on a transitional basis and 8.75% (2023: 7.62%) using a fully phased in definition of Tier 1 (T1). This ratio is well above the 3% regulatory limit.
As at 31 December 2024, the Liquidity Coverage ratio (LCR) stood at 309% compared to 359% at 31 December 2023 and was in compliance with the minimum regulatory requirement of 100%.
As at 31 December 2024, the Net Stable Funding ratio (NSFR) stood at 162% compared to 159% at 31 December 2023 and was in compliance with the minimum regulatory requirement of 100%.
The Common Equity Tier 1 (CET1) ratio on a transitional basis stood at 19.16% as at 31 December 2024, compared to 17.39% as at 31 December 2023. During the year ended 31 December 2024, CET1 ratio was mainly affected by pre-provision income, provisions and impairments, the payment of Additional Tier 1 (AT1) coupon, other movements and the movement in risk-weighted assets. The CET1 ratio is also impacted by the deductions for distribution in respect of 2024 earnings and charges in line with the applicable framework.
The CET1 fully loaded ratio amounted to 19.14% as at 31 December 2024, compared to 17.33% as at 31 December 2023.
The Total Capital ratio stood at 24.02% as at 31 December 2024, compared to 22.42% as at 31 December 2023.
The Standardised Approach has been applied to calculate the Risk Weighted Assets (RWAs) across all risks. The total RWA in 2024 (€10,834 million) increased in comparison to 2023 (€10,341 million) with the main drivers being the increase in operational risk RWAs due to higher income, the increase in placements with banks and the overall increase of loans to customer advances partly offset by decreases in "Other assets" related exposures (such as investment properties and deferred tax asset) and the decrease in the portfolio of investments RWA, due to a shift towards lower risk weight classes (such as Central governments and Covered bonds) and International Financial Reporting Standard (IFRS) 9 phasing in on 1 January 2024.
Credit Risk RWAs continue to be the main component of minimum capital requirements.

1. Executive Summary (continued)

Risk Profile

The Group is exposed to several key risks that include credit risk, market risk, liquidity and funding risk, concentration risk, business model and strategic risk, geopolitical risk, property price risk, climate related and environmental risk, insurance and reinsurance risk, and operational risk which includes but not limited to, regulatory compliance risk, legal risk, information security and cyber risks, technology risk, digital transformation risk and third-party risk. Further details on these risks are provided in Section 3 of the current disclosures.

The Board, through the Risk Committee, is responsible to ensure that a coherent and comprehensive Risk Management Framework for the identification, assessment, monitoring and controlling of all risks is in place. The framework, described in detail in Section 3 of the current disclosures, provides the infrastructure, processes and analytics needed to support effective risk management. It also ensures that material risks are identified, including, but not limited to, risks that might threaten the Group's business model, future performance, liquidity, and solvency. Such risks are taken into consideration in defining the Group's overall business strategy ensuring alignment with its risk appetite. In setting its risk appetite, the Group ensures that its risk bearing capacity is considered so that the appropriate capital levels are always maintained. Furthermore, the risk appetite framework sets specific limits on credit risk including the level of NPEs, the cost of risk as well as concentration limits which are considered when defining the level of new lending in the business strategy.

To ensure that the risk profile of the Group is within the approved risk appetite a consolidated risk report and a risk appetite dashboard is regularly reviewed and discussed by the Board and the Risk Committee. Where a breach occurs, the Risk Appetite Framework provides the necessary escalation process to analyse the materiality and nature of the breach, notify the appropriate authorities, and decide the necessary remediation actions.

The concise risk statement is derived from the Risk Profile section in conjunction with the acceptance of this disclosure Report by the Executive Director Finance and the Chief Risk Officer (CRO).

2. Introduction

2.1 Corporate Information

The Company was incorporated in Ireland on 11 July 2016, as a public limited company under company number 585903 (LEI code: 635400L14KNHZXPUZM19) in accordance with the provisions of the Companies Act 2014 of Ireland (Companies Act 2014). Its registered office is 10 Earlsfort Terrance, Dublin 2, D02 T380, Ireland.

The Company is the holding company of BOC PCL with principal place of business in Cyprus. The Bank of Cyprus Holdings Group (the 'Group') comprises the Company, its subsidiary, BOC PCL, and the subsidiaries of BOC PCL. Bank of Cyprus Holdings Public Limited Company is the ultimate parent company of the Group.

The principal activities of BOC PCL and its subsidiary companies (the 'BOC Group') involve the provision of banking services, financial services, insurance services and the management and disposal of property predominately acquired in exchange of debt.

BOC PCL is a significant credit institution for the purposes of the SSM Regulation and has been designated by the CBC as an 'Other Systemically Important Institution' (O-SII). The Group is subject to joint supervision by the ECB and the CBC for the purposes of its prudential requirements.

2.2 Pillar III Regulatory Framework

Regulatory framework overview

The Pillar 3 report is prepared in accordance with Regulation (EU) No 575/2013 of the European Parliament and of the Council of 26 June 2013 on prudential requirements for credit institutions (Capital Requirements Regulation – CRR) and Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions (Capital Requirements Directive - CRD) as amended. The European Banking Authority (EBA) guidelines on Pillar 3 disclosure requirements have been fully adopted.

The CRR and CRD establish the prudential requirements for capital, liquidity and leverage that entities need to abide by. CRD governs access to deposit-taking activities, internal governance arrangements including remuneration, board composition and transparency. CRR introduced significant changes in the prudential regulatory regime applicable to banks including amended minimum capital adequacy ratios, changes to the definition of capital and the calculation of RWAs and the introduction of new measures relating to leverage, liquidity and funding. CRR permits a transitional period for certain of the enhanced capital requirements and certain other measures, such as the leverage ratio, which was largely effective by 2019. In addition, the Regulation (EU) 2016/445 of the ECB on the exercise of options and discretions available in Union law (ECB/2016/4) provides certain transitional arrangements which supersede the national discretions unless they are stricter than the EU Regulation 2016/445.

As of 27 July 2019, the CRR was updated by the CRR Amendment Regulation (EU) 2019/876. As Regulation (EU) 2019/876 is an amendment to Regulation (EU) 575/2013, the term CRR is used consistently throughout this document. Unless further specified, the term CRR always means the currently applicable version, as last amended by Regulation (EU) 2020/873 of the European Parliament and of the Council of 24 June 2020, in force since 27 June 2021.

Regulation (EU) 2019/876 which is applicable from June 2021 includes the introduction of a minimum leverage ratio of 3%, the new standardised EAD calculation for counterparty risk, known as Standardised Approach for Counterparty credit Risk (SA-CCR), a minimum Net Stable Funding Ratio (NSFR) of 100%, the new limits for large exposures and the requirement to report under the standardised approach for market risk. The NSFR is calculated as the amount of "available stable funding" (ASF) relative to the amount of "required stable funding" (RSF).

Pillar 3 Disclosures 2024

2.2 Pillar III Regulatory Framework (continued)

The current regulatory framework comprises three pillars:

Pillar I covers the regulatory capital calculations, including calculation of RWAs for credit risk, counterparty risk, market risk and operational risk.
Pillar II covers the Supervisory Review and Evaluation Process (SREP), which assesses the internal capital adequacy processes and whether additional capital is required over and above the Pillar I and provides for the monitoring and self-assessment of a bank's capital adequacy and internal processes.
Pillar III covers external disclosures that are designed to provide transparent information on regulatory capital adequacy, risk exposures and risk management and internal control processes.

The Group's 2024 year end disclosures comply with all relevant CRD, CRR and associated EBA and ECB guidelines and technical standards in force at 31 December 2024.

Future Regulatory Developments

The Group continues to closely monitor EU and Cyprus regulatory developments, including among others the following:

• The 2021 Banking Package (CRR III and CRD VI and Bank Recovery and Resolution Directive (BRRD))

In October 2021, the European Commission adopted legislative proposals for further amendments to the CRR, CRD and the BRRD (the '2021 Banking Package'). Amongst other things, the 2021 Banking Package would implement certain elements of Basel III that had not yet been transposed into EU law. In the case of the proposed amendments to CRD and the BRRD, their terms and effect will depend, in part, on how they are transposed in each member state. In December 2023, the preparatory bodies of the Council and European Parliament endorsed the amendments to the CRR and the CRD and the legal texts were published on the Council and the Parliament websites. In April 2024, the European Parliament voted to adopt the amendments to the CRR and the CRD; Regulation (EU) 2024/1623 (the 'CRR III') and Directive (EU) 2024/1619 (the 'CRD VI') were published in the EU's official journal in June 2024, with entry into force 20 days from the date of the publication. Most provisions of the CRR III have become effective on 1 January 2025 with certain measures subject to transitional arrangements or to be phased-in over time. Member states shall adopt and publish, by 10 January 2026, the laws, regulations and administrative provisions necessary to comply with CRD VI and shall apply most of those measures by 11 January 2026. The implementation of CRR III is estimated to have a positive impact of approximately 1% on the CET1 ratio (transitional) of the Group on initial application on 1 January 2025. However, during 2025 the publication of ECB guidelines on options and discretions and EBA mandates could result in additional impacts on CET1 ratios across the industry.

• Bank Recovery and Resolution Directive (BRRD)

The Bank Recovery and Resolution Directive (BRRD) requires that from January 2016, EU member states shall apply the BRRD's provisions requiring EU credit institutions and certain investment firms to maintain a Minimum Requirement for Own Funds and Eligible Liabilities (MREL), subject to the provisions of the Commission Delegated Regulation (EU) 2016/1450. On 27 June 2019, as part of the reform package for strengthening the resilience and resolvability of European banks, the BRRD ΙΙ came into effect and was required to be transposed into national law. BRRD II was transposed and implemented in Cyprus law in May 2021. In addition, certain provisions on MREL have been introduced in CRR ΙΙ which also came into force on 27 June 2019 as part of the reform package and were immediately effective.

2.2 Pillar III Regulatory Framework (continued)

Capital requirements

The minimum ratios presented below apply for the Group, BOC PCL and the BOC Group. In addition, the ECB has also provided non-public guidance for an additional Pillar II CET1 buffer.

Minimum Capital Requirements

	01 January 2025	2024	2023
	%	%	%
Pillar 1
CET1	4.50	4.50	4.50
Tier 1	6.00	6.00	6.00
Total Capital requirement - Pillar 1	8.00	8.00	8.00

Pillar 2
CET1	1.55	1.55	1.73
AT1	0.52	0.52	0.58
Tier 2	0.69	0.69	0.77
Total Capital requirement - Pillar 2 - Note 1	2.75	2.75	3.08

Buffers
Capital Conservation Buffer (CCB) - Note 2	2.50	2.50	2.50
Countercyclical Capital Buffer (C cyB) - Note 3	0.92	0.92	0.48
Other Systematically Important Institutions (O-SII) - Note 4	1.94	1.88	1.50
Total minimum requirements CET1 - Note 5	11.40	11.34	10.72
Overall Capital requirement - Note 5	16.11	16.05	15.56

Notes:

In the context of the annual SREP conducted by the ECB in 2022 and based on the final SREP decision received in December 2022 effective from 1 January 2023, the Pillar II Requirement (P2R) was revised to 3.08%, compared to the previous level of 3.26%. The revised P2R included a revised P2R add-on of 0.33%, compared to the previous level of 0.26%, relating to ECB's prudential provisioning expectations. When disregarding the P2R add-on relating to ECB's prudential provisioning expectations, the P2R was reduced from 3.00% to 2.75%. The ECB also maintained the Pillar II Guidance (P2G) unchanged.

As of 30 September 2023, the amount corresponding to the abovementioned Pillar II add-on relating to ECB's prudential provisioning expectations is being deducted from CET1 capital and therefore the P2R was decreased to 2.75% as of 1 January 2024.

The Capital Conservation Buffer (CCB) was gradually phased in at 0.625% in 2016, 1.25% in 2017, and 1.875% in 2018 and was fully implemented on 1 January 2019 at 2.50%.

2.2 Pillar III Regulatory Framework (continued)

1. The CBC, in accordance with the Macroprudential Oversight of Institutions Law of 2015, sets, on a quarterly basis, the Countercyclical Capital Buffer (CcyB) rates in accordance with the methodology described in this law. The CcyB is effective as of 1 January 2016 and is determined for all the countries in the European Economic Area by their local competent authorities ahead of the beginning of each quarter. On 30 November 2022, the CBC, following the revised methodology described in its macroprudential policy, decided to increase the CcyB rate from 0.00% to 0.50% of the total risk exposure amount in Cyprus of each licensed credit institution incorporated in Cyprus effective from 30 November 2023. Moreover, on 2 June 2023, the CBC, announced its decision to raise the CcyB rate to 1.00% of the total risk exposure amount in Cyprus, effective from 2 June 2024. The CcyB for the Group as at 31 December 2024 was calculated at approximately 0.92% (31 December 2023: 0.48%). In January 2025, the CBC, based on its macroprudential policy, decided to increase the CcyB rate from 1.00% to 1.50% of the total risk exposure amount in Cyprus effective from January 2026. Based on the above, the CcyB for the Group is expected to increase further.
1. In accordance with the provisions of this law, the CBC is also the responsible authority for the designation of banks that are O-SIIs and for the setting of the O-SII buffer requirement for these systemically important banks. BOC PCL has been designated as an O-SII. The O-SII Buffer as at 31 December 2023 stood at 1.50% and increased by 37.5 bps to 1.875% on 1 January 2024, following a revision of the O-SII buffer by the CBC in October 2023. In April 2024, following a revision by the CBC of its policy for the designation of credit institutions that meet the definition of O-SII institutions and the setting of an O-SII buffer to be observed, the Group's O-SII buffer has been set to 2.00% from 1 January 2026 (from the previous assessment carried out in October 2023 of 2.25% from 1 January 2025) to be phased-in by 6.25 bps annually to 1.9375% on 1 January 2025 and 2.00% as of 1 January 2026.
1. In the context of the annual SREP conducted by the ECB in 2023 and based on the final 2023 SREP, the Group's minimum phased in CET1 capital ratio requirement as at 31 December 2024 was set at 11.34%, comprising a 4.50% Pillar I requirement, a P2R of 1.55%, the CCB of 2.50%, the O-SII Buffer of 1.875% the CcyB of c.0.92%. The Group's minimum phased in Total Capital requirement was set at 16.05%, comprising an 8.00% Pillar I requirement, of which up to 1.50% can be in the form of AT1 capital and up to 2.00% in the form of Tier 2 (T2) capital, a P2R of 2.75%, the CCB of 2.50%, the O-SII Buffer of 1.875% and the CcyB of c.0.92%.

Following the annual SREP performed by the ECB in 2024 and based on the final SREP decision received in December 2024, effective from 1 January 2025, the Group's minimum phased in CET1 capital ratio and Total Capital ratio requirements remained unchanged from prior year, when disregarding the phasing in of the O-SII buffer. On 1 January 2025, the Group's minimum phased in CET1 capital ratio was set at 11.40%, comprising a 4.50% Pillar I requirement, a 1.55% P2R, the CCB of 2.50%, the O-SII Buffer of 1.9375% and CcyB of approximately 0.92%. Likewise, on 1 January 2025, the Group's minimum phased in Total Capital ratio requirement was set at 16.11%, comprising an 8.00% Pillar I requirement, of which up to 1.50% can be in the form of AT1 capital and up to 2.00% in the form of T2 capital, a 2.75% P2R, the CCB of 2.50%, the O-SII Buffer of 1.9375% and the CcyB of approximately 0.92%. The non-public guidance for an additional Pillar II CET1 buffer (P2G) remains unchanged compared to 2024.

2.2 Pillar III Regulatory Framework (continued)

The EBA final guidelines on SREP and supervisory stress testing and the SSM 2018 SREP methodology provide that own funds held for the purposes of P2G cannot be used to meet any other capital requirements (Pillar I requirement, P2R or the combined buffer requirement), and therefore cannot be used twice.

The capital position of the BOC PCL and the Group at 31 December 2024 exceeds both their Pillar I and their Pillar II add-on capital requirements. However, the Pillar II add-on capital requirements are a point-in-time assessment and therefore are subject to change over time.

The subsidiaries of the Group which are not included in the prudential consolidation and have capital requirements to comply with, are the following insurance subsidiaries:

General Insurance of Cyprus Ltd (Genikes Insurance) and
EuroLife Ltd (EuroLife)

The insurance subsidiaries of the Group complied with the requirements of the Superintendent of Insurance including the minimum solvency ratio throughout 2024. Therefore, there is no capital shortfall to report with respect to the insurance subsidiaries of the Group in accordance with CRR Article 436(g). The Solvency and Financial Condition Report of the General Insurance of Cyprus Ltd and EuroLife Ltd is made public on a yearly basis beginning of April and is published on their websites, www.genikesinsurance.com.cy and www.eurolife.com.cy (Solvency and Financial Condition Reports).

The regulated Cyprus Investment Firm (CIF) of the Group, The Cyprus Investment and Securities Corporation Ltd (CISCO), complied with the minimum capital adequacy ratio requirements throughout 2024. In December 2019, the European Parliament approved the new prudential regime for Investment Firms ("IFs") in the Investment Firm Regulation (EU) 2019/2033 ("IFR") on the prudential requirements of IFs and the Investment Firm Directive (EU) 2019/2034 ("IFD") on the prudential supervision of IFs. IFR on the prudential requirements of IFs became directly applicable in all EU Member States on 26th June 2021 whereas IFD on the prudential supervision of IFs was transposed into national legislation by the Cyprus Securities and Exchange Commission (CySEC) by issuing Law L.97(I)/2021 on the capital adequacy of IFs applicable as from 26th June 2021, Amending Law L.164(I)/2021 on the capital adequacy of IFs applicable as from the 5th November 2021 and Law L.165(I)/2021 on the prudential supervision of IFs applicable as from 5th November 2021. The new prudential framework introduced a new classification for IFs, the Systemic and Non-Systemic. Systemic firms are larger firms with assets over €30 billion, that carry out risky activities (e.g. bank activities) and will remain under CRR/CRD and subject to banking supervision ("Class 1A" and "Class 1B"). Non-Systemic, are firms of either "Class 2" or "Class 3", based on certain criteria, which are subject to the new IFR/IFD Regime in full or with certain exceptions. The new classification of the IFs determines their new capital requirements and reporting obligations. CISCO has been classified as a Non-Systematic "Class 2" company. CISCO complies with the capital requirements under the IFD/IFR as at 31 December 2024. The payment services subsidiary of the Group, JCC Payment Services Ltd, complies with the regulatory capital requirements throughout 2024.

Pillar 3 Disclosures 2024

2.2 Pillar III Regulatory Framework (continued)

Comparative information

Comparative information was restated Section 16 Environmental, Social and Governance Risks:

ESG Template 1 Climate change transition risk: GHG emissions (column i): gross carrying amount percentage of the portfolio derived from company-specific reporting has been restated to indicate the % of actual data used in the estimation of GHG emissions based on PCAF Data Quality Score.
ESG Template 6 Summary of KPIs on the Taxonomy-aligned exposures and ESG Template 8 GAR %: % coverage has been restated to indicate the % of total assets in the denominator (GAR) over total assets.

Disclosure policy

The Group maintains a Pillar 3 Disclosure Policy to support compliance with Articles 431-455 of the CRR and associated EBA guidelines and technical standards. The following sets out the key elements of the disclosure policy including the basis of preparation, frequency, media and location verification. Regarding the risk profile disclosure and their overall appropriateness please refer to Section 3.

Basis and preparation

The 2024 Pillar 3 Disclosures report (the 'Report') of the Group sets out both quantitative and qualitative information required in accordance with Part 8 'Disclosures by Institutions' of the CRR. Articles 431 to 455 of the CRR specify the Pillar 3 framework requirements (refer to Appendix V Specific References to CRR Articles at the end of the Report). The regulation is supplemented by the EBA implementing technical standards EBA/ITS/2020/04 of 24 June 2020 and the corresponding Commission implementing regulation (EU) 2021/637 of 15 March 2021, respectively, which specify the tables integrated in this Report (refer to Appendix VI List of EBA templates at the end of the Report), which are now in force for the purposes of this Report. A CRR mapping table has been included in Appendix V which details how the Group has complied with each article under Part Eight.

A number of significant differences exist between accounting disclosures published in accordance with IFRS and Pillar 3 disclosures published in accordance with prudential requirements, which prevent direct comparison in a number of areas. There are differences in the scope of consolidation (Section 4) and the definition of credit risk exposure.

The Report is presented in Euro (€), which is the functional and presentation currency of the Company and its operating subsidiaries in Cyprus and all amounts are rounded to the nearest million, except where otherwise indicated. A comma is used to separate million and a dot is used to separate decimals. Due to rounding created from specific Pillar III regulation, numbers presented throughout this document may not add up precisely to the totals we provide and percentages may not precisely reflect the absolute figures.

Frequency, media and location

The Report is published annually and in conjunction with the Group's Annual Financial on the Group's website. The Group publishes semi-annually and quarterly disclosures based on the Requirements of Art. 433a (1) CRR. Similar to the annual Report, the semi-annual and quarterly disclosures are also published on the Group's website and approved by the Board and published in conjunction with the Mid-Year Financial Report and Quarterly Group Results.

CRR clarifies that Pillar 3 disclosures shall be published on the same date on which the institution publishes its financial report or as soon as possible. To comply with the requirement, it is defined in the Pillar 3 Disclosure Policy that the Group's Pillar 3 disclosures are to be published the latest within one month from the publication of the financial statements.

Copies of the Group's Annual Report 31 December 2024 along with the Group's Pillar III Disclosures can be obtained from Group's website www.bankofcyprus.com/en-gb/group/investor-relations.

2.2 Pillar III Regulatory Framework (continued)

Verification

This Report is published by the Group as per the formal disclosure policy approved by the Board.

Group Compliance Division had an oversight of the framework and assurance procedures and Group Internal Audit performed a review of the process followed by the Group for the preparation of Pillar 3 Disclosures for 2024.

The Pillar 3 report pre its submission to the Board is reviewed and approved by the Executive Committee (EXCO). The Board, through the Risk and Audit Committees scrutinises and approves the Pillar 3 report. This governance process ensures that both management and the Board are given sufficient opportunity to challenge the disclosures.

The Report was approved by the Board through the Audit and Risk Committees.

Attestation

'We, the Chief Risk Officer and the Executive Director Finance, confirm that, to the best of our knowledge, Bank of Cyprus Holdings Public Limited Group's 2024 Pillar 3 disclosures comply with Part Eight of the CRR and the EBA ITS related disclosure requirements have been prepared in accordance with the internal control processes agreed upon at the Board level, as well as that we provide assurance that the Risk Management Framework and the system of internal controls put in place are adequate taking into account the institution's risk profile and its strategy.'

Demetris Th. Demetriou Eliza Livadiotou Chief Risk Officer Executive Director Finance

3. Risk Management Objectives and Policies

3.1 Strategies and Processes to Manage Risks

3.1.1 Principal Risks

As part of its business activities, the Group faces a variety of risks, the most significant of which are described further in Section 3.2. Furthermore, a high-level summary of the principal risks facing the Group and the mitigating considerations are set out. The summary should not be regarded as a complete and comprehensive statement of all potential risks, uncertainties or mitigants. Furthermore, other factors either not yet identified or not currently material, may adversely affect the Group.

	Principal Risks
	Risk	Mitigating considerations
	Business Model and Strategic Risk
-	Business and strategic risk arises from changes in the external environment including economic trends, competition, geopolitics and regulatory changes, or due to operational factors, such as inadequate planning or implementation.	The Group has a clear strategy with key objectives - to enable delivery and operates within defined risk appetite limits which are calibrated to be within the Group's Risk bearing capacity.
-	The Group faces competition from domestic banks, international banks and financial technology companies operating in Cyprus and in other parts of Europe and insurance companies offering savings, insurance and investment products.	The strategy is monitored closely on a regular basis. - The Group remains ready to explore opportunities - that complement its strategy, including the diversification of income.
-	A possible deterioration of the macroeconomic environment could lead to poor financial performance impacting on the Group's profitability, asset quality or capital resources.	As the Group's business model is pivotal to strategic - risk, it has to be viable and sustainable and produce results that are consistent with its annual targets.
- ˗	The Group's business and performance are heavily dependent on the economic conditions in, and future economic prospects of, Cyprus where the Group's operations and earnings are predominantly based and generated. The Group is also dependent on the economic conditions and prospects in the countries of the main counterparties it conducts business with.	The Group manages business model risk within its - Risk Appetite Framework, by setting limits in respect of measures such as financial performance, portfolio performance and concentration and capital levels. At a more operational level, the risk is mitigated through periodic monitoring of variances to the Financial Plan. During the year, periodic forecast updates for the full year's financial outcome are produced. The frequency of forecast updates during each year will be determined based on prevailing business and economic conditions. Performance against plan is monitored at a Group and business line level on a monthly basis and reported to the EXCO and the Board.
		The Group closely monitors the risks and impact of - changing macroeconomic conditions on its lending portfolio, strategy and objectives and takes mitigating actions, where necessary. An internal stress testing framework as part of the - Group's Internal Capital Adequacy Assessment Process (ICAAP) is in place to provide insights and to assess capital resilience to shocks.

Geopolitical Risk
- -	The Group, operating in a small, open, services-based economy with a large external sector and high reliance on tourism and international business services, is susceptible to adverse changes in economic conditions caused by geopolitical uncertainties. A number of macro and market related risks, including weaker economic activity, a higher interest rate environment for longer, and higher competition in the financial services industry, could negatively affect the Group's business environment, results, and operations.	The Group is continuously monitoring the current - affairs and the impact of the forecasted macroeconomic conditions on the Group's strategy to proactively manage emerging risks. Where necessary, bespoke solutions are offered to the affected exposures and close monitoring on those is maintained. The Group includes related events in its stress - testing scenarios in order to gain a better understanding of the potential impact. The Group is closely monitoring the developments, - utilising dedicated governance structures including a Crisis Management Committee as required and has assessed the impact the crisis has on the Group's operations and financial performance.
		Credit risk
- -	Credit risk is defined as the current or prospective risk to earnings and capital arising from an obligor's failure to meet the terms of any contract with the Group (actual, contingent or potential claims both on and off-balance sheet) or failure to perform as agreed. Within the general definition of credit risk, the Group identifies and manages the following types of risk; counterparty credit risk, settlement risk, issuer risk, concentration risk, country risk environmental, social, governance risk (ESG).	The Group sets and monitors risk appetite limits - relating to credit risk. A lending policy, related circulars and a limits - framework, incorporating prudent lending criteria, aligned with the Group's RAS are in effect and are revised on an annual basis or a more frequent ad hoc basis if deemed necessary. - The management remains committed to carefully and swiftly manage NPEs leveraging on the experience and expertise gained through the de risking of its balance sheet, including organic actions.
		Market risk
-	The risk that the Group's capital or earnings are affected by adverse movement in market rates, in particular interest rates, credit spreads, currency/ foreign exchange movements, equity and property prices (refer to property price risk below).	A proper policy and limit framework is in place for - all market risk areas ensuring the Bank operates within its risk appetite. The Group does not maintain a trading book while - equity holdings are not material.

Property Price risk
A significant proportion of the Group's loan - portfolio is secured primarily by mortgages over Cypriot real estate. Furthermore, the Group retains a portfolio of real estate in Cyprus, mainly as a result of the enforcement of loan collateral and debt-for-asset swaps.	The Group has an established Real Estate - Management Unit (REMU), a specialised division to manage, promote and monetise the repossessed portfolio, including other non-core assets, through appropriate real estate disposal initiatives.
The Group's business and financial condition is - affected by: o Changes in the demand for, and prices of, Cypriot real estate; or Regulatory requests which may increase o the capital requirement for stock of property.	The Group has placed great emphasis on the - efficient and quick disposal of on-boarded properties and on their close monitoring and regular reporting. RAS indicators and other Key Performance Indicators (KPIs) are in place monitoring REMU properties in terms of value, ageing and sales levels.
The Group is exposed to the risk of negative - changes in the fair value of property which is held either as stock of property or as investment property. Stock of property has	The Group assesses and quantifies property risk as - one of the material risks for ICAAP purposes under both the normative and economic perspective. The Group monitors the changes in the market -
been predominately acquired in exchange of debt with a clear plan and intention to be disposed of in line with the Group's strategy.	value of the collateral and, where necessary, requests the pledging of additional collateral in accordance with the relevant agreement.
	As part of the valuation process, assumptions are - made about the future changes in property values, as well as the timing for the realisation of collateral, taxes and expenses on the repossession and subsequent sale of the collateral as well as any other applicable haircuts.
	For the valuation of properties owned by the Group - judgement is exercised which takes into account all available reference points, such as comparable market data, expert valuation reports, current market conditions and application of appropriate illiquidity haircuts where relevant.

Pillar 3 Disclosures 2024

Funding & Liquidity Risk
Funding risk is the risk that the Group does not - have sufficiently stable sources of funding or access to sources of funding may not always be available at a reasonable cost and thus the Group may fail to meet its obligations, including regulatory ones (e.g. MREL). Liquidity risk is the risk that the Group is unable - to fully or promptly meet current and future payment obligations as and when they fall due. This risk includes the possibility that the Group may have to raise funding at high cost or sell assets at a discount to fully and promptly satisfy its obligations.	Surpluses in all regulatory (e.g. LCR, NSFR) and - internal liquidity indicators. Close monitoring of customer deposits. - Weekly internal stress testing. - An updated and tested Liquidity Contingency Plan - and an internal stress testing framework are in place. The Bank is in compliance with its MREL - requirement ahead of the compliance date (i.e. 31 December 2024) and with significant surplus.
Concentration Risk
Concentration risk is the risk of loss due to - exposures to any single entity or group of related entities with the potential to produce losses large enough (relative to capital, total assets, or overall risk level), to threaten the Group's health, reputation, or ability to maintain its core operations. Concentration risk arises also through the - Bank's exposure to the Cyprus sovereign bonds. Other sources of concentration risk arise from - exposures to a specific sector (i.e. construction), property exposures held as collateral or have been repossessed (property risk) or undue concentration in a specific geographical area.	The Group's risk appetite statement imposes strict - concentration limits and the Group is taking actions to run down problematic exposures which are in excess of these internal limits over time. Internal limits are stricter than the ones provided by the Banking Law. Concentration Risk Policy and related guidelines - aligned with the Risk Appetite Statement are in place. Exposures are monitored and reported on a - monthly basis. Thresholds are set for potential losses from changes - in market prices

Pillar 3 Disclosures 2024

Operational Risk
- -	The risk of direct or indirect impact/loss resulting from inadequate or failed internal processes, people and systems, or from external events. This definition includes External Fraud risk, Internal Fraud Risk, Financial Crime risk, Physical Security and Safety risk, Transaction Processing and Execution risk, Compliance risk, Business Continuity risk, Data accuracy risk, as well as Reputational risk. It also includes Information Security and Cyber risk, Legal risk, Regulatory risk, Technology risk and Third-Party risk. Operational risks can arise from all business lines and from all activities carried out by the Bank and its third-party suppliers and are thus diverse in nature.	- -	The RAS sets limits on aggregate operational losses as well as across sub-categories of operational risk including, among others, fraud, conduct, legal, compliance and reputational risk. In addition, several processes, control and procedures are in place, such as: o A Risk and Control Self-Assessment (RCSA) process. o A rigorous monitoring of risk mitigation action implementation plans. Loss/Incident recording and analysis o o Established Key Risk Indicators. o Disaster Recovery.
	Information Security & Cyber Risk
- - - -	Information security and cyber-risk is a significant inherent risk, which could cause a material disruption to the operations of the Group. The Group's information systems have been and will continue to be exposed to an increasing threat of continually evolving cybercrime and data security attacks. Customers and other third parties to which the Group is significantly exposed, including the Group's service providers (such as data processing companies to which the Group has outsourced certain services), face similar threats. Current geopolitical tensions have also led to increased risk of cyber-attack from foreign state actors.	- - -	The Group has an internal specialised Information Security team which constantly monitors current and future cyber security threats (either internal or external, malicious or accidental) and invests in enhanced cyber security measures and controls to protect, prevent and appropriately respond against such threats to its systems and information. The Group collaborates with industry bodies, the National Computer Security Incident Response Team (CSIRT) and intelligence-sharing working groups to be better equipped with the growing threat from cyber criminals. The Group maintains insurance coverage which covers certain aspects of cyber risks, and it is subject to exclusion of certain terms and conditions.

Pillar 3 Disclosures 2024

	Digital Transformation Risk
- -	Digital transformation risk arises as banking models are rapidly evolving both locally and globally as available technologies have resulted in the customers' accelerated shift towards digital channels. Money transmission, data driven integrated services and Digital Product Sales are also rapidly evolving. How the Group adapts to these developments could impact the realisation of its market strategies and financial plans.	- - -	The Group assesses and develops its Digital Strategy and maintains a clear roadmap that provides for migration of transactions to the Digital Channels, fully Digital and Digital Assisted Product Sales, embedded banking and self-service banking support services. The Group's emphasis on the Digital Strategy is reflected in the Operating Model with a designated Chief Digital Officer supported by staff with the appropriate skills that work closely with Technology and Control functions to execute the strategy. The Group's policies, standards, governance and controls undergo ongoing review to ensure continued alignment with the Group's strategy for digital transformation and effective management of the associated risk.
Legal Risk
- -	The Group may, from time to time, become involved in legal or arbitration proceedings which may affect its operations and results. Litigation risk arises from pending or potential legal proceedings and regulatory investigations against the Group. In the event that legal issues are not properly dealt with by the Group, this may result in financial and/or reputational loss to the Group.	- - -	The Group has procedures in place to ensure effective and prompt management of Legal risk including, among others, regulatory developments, new products and internal policies. The Legal Services Department (LSD) monitors pending litigation against the Group and assesses the probability of loss for each legal action against the Group based on International Accounting Standards as well as estimate the amount of the potential loss were deemed as probable. The Legal Services Department reports pending litigation and latest developments to the Board of Directors.

Regulatory Compliance Risk
The Group conducts its businesses subject to on - going regulations and associated regulatory risks, including the effects of changes in laws, regulations, policies, codes of conduct, etc.	There is strong commitment by the Management of the - Group for an on-going and transparent dialogue with the Regulators (including the ECB, the CBC and others, such as CySEC and Cyprus Stock Exchange (CSE)).
Regulatory compliance risk is the risk of - impairment to the organization's business model, reputation and financial condition from failure to meet laws and regulations, internal standards and policies, and expectations of key stakeholders such as shareholders, regulator, customers, employees and society. Failure to comply with regulatory requirements - or identify and plan for emerging requirements could lead to, amongst other things, increased costs for the Group, regulatory fines, limitations on the Bank's capacity to lend and could have a material adverse effect on the business, financial condition and results, operations and prospects of the Group.	The Regulatory Steering Group, chaired by the Chief - Executive Officer (CEO) and consisting of executive management, is regularly updated on Regulators Engagement and Requests through the Regulatory Affairs Department to ensure that all regulatory matters are brought to the attention of management in a timely manner and handled accordingly. Additional updates as regards new laws and amendments to existing laws, are provided from information obtained by Regulatory Affairs from Group Compliance and other sources. Regulatory compliance risks are identified and - assessed using diverse methods as outlined in the Group Compliance Policy. This policy details the compliance framework for the Bank and its subsidiaries, covering their business and legal environment, and assigning compliance responsibilities at both Group and Entity levels. Additionally, it ensures the Bank adheres to CBC Internal Governance Directive and EBA Guidelines on Internal Governance. The Compliance Risk Assessment Methodology outlines - how to evaluate compliance risks. The Compliance team identifies and informs business areas about new or updated regulations, enabling them to conduct impact assessments or regulatory gap analyses, while the Compliance function reviews and challenges as the second line of defence.
	Technology Risk
Technology risk arises from system downtimes - impacting business operations and/ or customer service. Downtimes may be caused by hardware or software failures due to malfunctions, failed processes, human error, or cyber incidents. Use of outdated, obsolete and unsupported systems increase this risk.	The Group has in place a Technology strategy designed - to support business strategy and customer centric view. The strategy includes investments in skills and technology to minimize system downtimes and security risks, modernization of legacy applications, a risk based approach to leverage the benefits of Cloud technologies, and investments in new and innovative applications to support business requirements. The Group's policies, standards, governance and - controls undergo ongoing review to ensure continued alignment with the Group's Technology strategy, compliance with regulation and effective management of the associated risks.

Third Party Risk
The risk brought onto the organisation by external - parties in its ecosystem or supply chain. Such parties include vendors, suppliers, partners, contractors or service providers who have access to internal company or customer data, systems, processes or other privileged information. Third Party Risk, remains of significant importance, and this is primarily due to the increased number of outsourcing engagements and the risks identified through the Third-Party risk assessments.	A number of controls are in place which include - regular third-party risk assessments on outsourcing/intragroup and strategic contracts, third-party performance assessments, and established third party risk trainings to ensure third-party risk awareness by the Group's staff. The outsourcing contracts of the Group should be - fully aligned with the EBA Guidelines on Outsourcing Arrangements and/or the Third Party & Outsourcing Risk Management Policy. In cases where the arrangements in scope are not aligned with the EBA Guidelines and/or policies of the Group, risks are identified, and mitigating controls are put in place. Examples of potential risks include inadequate contract clauses, third party resilience/inadequate due diligence, and over-reliance on third parties.
Insurance and Reinsurance Risk
The Group, through its subsidiaries EuroLife Ltd - and General Insurance of Cyprus Ltd, provides life insurance and non-life insurance, respectively, and is exposed to certain risks particular to these businesses. Insurance events are unpredictable and the actual - number and amount of claims and benefits will vary from year to year from the estimate established using actuarial and statistical techniques. Insurance risk therefore is the risk that an insured - event under an insurance contract occurs and uncertainty over the amount and the timing of the resulting claim exists. Although the Group has reinsurance coverage, it - is not relieved of its direct obligations to policyholders and is thus exposed to credit risk with respect to ceded insurance, to the extent that any reinsurer is unable to meet the contractual obligations assumed under such reinsurance arrangements.	Both Insurance companies perform their annual - stress tests (ORSA) which aim to ensure among others: • The appropriate identification and measurement of risks; • An appropriate level of internal capital in relation to each Company's risk profile; • The application and further development of suitable risk management and internal control systems; The risk exposure is mitigated by the Group - through the diversification across a large portfolio of insurance contracts. The variability of risks is also reduced by careful selection and implementation of underwriting strategy guidelines, as well as the use of reinsurance arrangements. The creditworthiness of reinsurers is evaluated - by considering their solvency and credit rating and reinsurance arrangements are monitored and reviewed to ensure their adequacy as per the reinsurance policy. In addition, counterparty risk assessment is - performed on a frequent basis.

3.1.1 Principal Risks (continued)

	Climate Related & Environmental Risk (C&E)
-	Climate risk is a growing consideration for financial institutions given the increasing effects of climate change globally and the sharp regulatory focus on addressing the resultant risks. The Group's businesses, operations and assets could be affected by C&E risks over the short, medium and	-	The Group is committed to integrate C&E risk considerations into all relevant aspects of the decision-making, governance, strategy and risk management and has taken the necessary steps to achieve this.
	long term.	-	The Group has put in place targets which set transparent ambitions on its climate strategy and decarbonization of its operations and
-	Accelerating climate change could lead to sooner than anticipated physical risk impacts to the Group and the wider economy and there is uncertainty in the scale and timing of technology, commercial		portfolio. An overall ESG strategy and working plan is thus in place to facilitate these ambitions and address the ECB expectations.
	and regulatory changes associated with the transition to a low carbon economy.	-	Dedicated teams both within Risk Management and Investor Relations & ESG Department, as well as other resources, have been mobilised across the Group and are engaged in various streams of work such as the measuring of own and financed emissions, the integration of climate risk in the risk management framework and the enhanced green products offering.

3.1.2 Risk Management Framework

The Board of Directors, through the Risk Committee, is responsible to ensure that a coherent and comprehensive Risk Management Framework (the 'framework' or 'RMF') is in place, for the identification, assessment, monitoring and controlling of all risks. The framework ensures that there is proper governance and process for the identification of material and emerging risks, including, but not limited to, risks that might threaten the Group's business model, future performance, liquidity, and solvency. Such risks are taken into consideration in defining the Group's risk appetite, ensuring that the Group's overall business strategy aligns with the Group's risk appetite and remains within the Group's risk bearing capacity, always maintaining appropriate capital and liquidity levels.

The RMF is supported by a strong governance structure and is comprised of several components that are analysed in the sections below. The RMF is reviewed, updated and approved by the Board at least annually to reflect any changes to the Group's business or consideration of external regulations, corporate governance requirements and industry best practices.

Pillar 3 Disclosures 2024

3.1.3 Effectiveness of the Risk Management Framework

The Risk Management Framework has been developed based on the applicable governance requirements included in:

a) The CBC Directive on Internal Governance of Credit Institutions of 2021, and
b) The EBA Final report on Guidelines on Internal Governance under CRD 2021.

The Group's management and Board needs to be satisfied that the Risk Management Framework is appropriate given the risk profile of the Group and its strategy. As such, the Group has in place a process whereby certain confirmations/representations and warranties as to the effectiveness of Risk policies, procedures and monitoring activities, as part of the Corporate Governance Code's (Code) obligations, are provided by all the business lines and subsidiary companies to the Board through its Audit Committee (AC) on an annual basis.

The Risk Management Division (RMD), having received such quarterly confirmations/representations from the business lines and subsidiary companies, subsequently provides confirmations/representations and warranties as to the effectiveness of its policies, procedures and monitoring activities to the Board through its AC.

The RMD is subject to independent internal reviews performed by the internal audit function as well as external assessments as requested, from time to time, by the regulator (ECB and CBC) or other relevant authorities. Such assessments may address any part of the Risk Management Framework including the Group's compliance with the risk appetite statement. Any resultant findings are addressed in a timely and effective manner.

3.1.4 Risk Governance

The responsibility for the governance of risk at the Group lies with the Board of Directors (the 'Board') which is ultimately accountable for the effective management of risks and for the system of internal controls in the Group. The Board is assisted in its risk governance responsibilities by the Board Risk and Board Audit Committees (RC and AC respectively) and at executive level by the EXCO, Asset and Liability Committee (ALCO), Asset Disposal Committee (ADC), Technology Committee, Sustainability Committee (SC) and the Credit Committee.

The RC supports the Board on risk oversight matters including the monitoring of the Group's risk profile and of all risk management activities whilst the AC supports the Board in relation to the effectiveness of the system of internal controls. In addition, discussion and escalation processes are in place through both the Board and Executive Committees that provide for a consistent approach to risk management and decisionmaking.

Discussion around risk management is also supported by the appropriate risk information submitted by RMD and Executive Management. The CRO or his representatives participate in all such key committees to ensure that the information is appropriately presented, and that RMD's position is clearly articulated.

Furthermore, certain roles within the Group are critical as they carry specific responsibilities with respect to Risk Management and include the CRO and the CEO.

Pillar 3 Disclosures 2024

3.1.5 Accountability and Authority

The RMD operates independently. That is achieved through:

Organisational independence from the activities assigned to be controlled;
Unrestricted and direct access to Executive Management and the Board of Directors (Board), either through the RC or directly;
Direct and unconditional access to all business lines that have the potential to generate material risk to the Group. Front Line managers are required to cooperate with the RMD Managers and provide access to all records and files of the Group as well as any other information necessary;
A separate budget submitted to the RC for approval;
The CRO is a member of the Executive Management Committee and holds voting or veto presence in key executive committees as well as operational committees.

Furthermore, this independence is also ensured as:

The CRO is assessed annually by the RC that is jointly responsible with Human Resources & Remuneration Committee;
The CRO maintains a close working relationship with both the RC and its Chairman which includes regular and frequent communication both during official RC meetings as well as unofficial meetings and discussions.

The RMD reports to the CRO and is ultimately accountable to the Board through the RC in coordinating the effective and efficient running of the Group's Risk Management Framework. The Board and Executive Management provide the necessary support to the Division. The role of RC is described in Section 3.3.4.

Board and Management Committees

Risk related topics are regularly covered by the various Board and Management Committees in the discharge of their duties. This contributes to the overall monitoring of Risk Management while the CRO's participation in these committees ensures both that the topics are appropriately presented, and that Risk Management's position is clearly articulated.

Topics regularly covered include:

Update on material and emerging risks and performance trends;
Risk perspective on the Group and divisional strategic plans;
Risk appetite formulation;
Stress test, ICAAP and Internal Liquidity Adequacy Assessment Process (ILAAP) results and analysis;
Product, sector and country limits;
Risk policies review;
Asset disposal;
On-boarding of risk.

In addition to regular topics, the committees consider ad-hoc papers on current risk topics such as economic and market developments, political events etc.

Senior Management

Certain roles within the Group are critical as they carry specific responsibilities with respect to Risk Management. These include:

Chief Executive Officer (CEO)

The CEO is accountable for leading the development of the Group's strategy and business plans in a manner that is consistent with the approved risk appetite and for managing and organising Executive Management to ensure these are executed. It is the CEO's responsibility to manage the Group's financial and operational performance within the approved risk appetite.

Pillar 3 Disclosures 2024

3.1.5 Accountability and Authority (continued)

Chief Risk Officer (CRO)

The CRO leads an independent RMD across the Group including its subsidiaries. The CRO is responsible for the execution of the Risk Management Framework and the development of risk management strategies. The CRO is expected to challenge business strategy and overall risk taking and risk governance within the Group and independently submit his findings, where necessary, to the RC. The CRO reports to the RC and for administrative purposes has a dotted line to the CEO.

3.1.6 Risk Identification

The risk identification process is comprised by two simultaneous but complementary approaches, namely, the top-down and the bottom-up approaches. The top-down process is led by Senior Management and focuses on identifying the Group's material risks whilst the bottom-up approach risks are identified and captured through several methods such as the RCSA process, incident capture, fraud events, regulatory audits, direct engagement with specialized units and other. The risks captured by these processes are compiled during the annual ICAAP process and its quarterly updates and form the Groups' material risks.

To ensure a complete and comprehensive identification of risks, the Group has integrated several key processes into its risk identification process, including the:

Group Financial Plan compilation process;
Internal Capital Adequacy Assessment Process ("ICAAP");
Internal Liquidity Adequacy Assessment Process ("ILAAP");
Stress testing;
Regulatory, internal and external reviews, and audits.

3.1.7 Three Lines of Defence

The Group complies with the regulatory guidelines for corporate governance and has established the "Three Lines of Defence" model as a framework for effective risk and compliance management and control. The three lines of defence framework defines the responsibilities in the risk management process ensuring adequate segregation in the oversight and assurance of risk.

3.1.7 Three Lines of Defence (continued)

First Line of Defence

The first line of defence includes functions that own and manage risks as part of their responsibility for achieving objectives and are responsible for implementing corrective actions to address, process and control deficiencies identified in their processes. It comprises of the management and staff of business lines and support functions who are directly responsible for the delivery of products and/or services. Support functions include but are not limited to the HR, the Legal Services, IT, Central Operations, etc. The first line of defence ensures that controls are designed into systems and processes under the guidance of the second line of defence.

Second Line of Defence

The second line of defence includes functions that oversee the compliance of the first line management and staff with the regulatory framework and risk management principles. It comprises of the RMD, Information Security and Compliance functions. The second line of defence sets the corporate governance framework of the Group and establishes policies and guidelines that the business lines and support functions, Group entities and staff should operate within. The second line of defence also provides support, as well as independent oversight of the risk profile and risk framework.

Third Line of Defence

The third line of defence is the Internal Audit Division (IA) which provides independent assurance to the Board and the EXCO on the design, adequacy and operating effectiveness of the Group's internal control framework, corporate governance and risk management processes, including the manner in which the first and second lines of defence achieve risk management and control objectives. Findings are communicated to the Board through the committees and senior management and other key stakeholders, with remediation plans monitored for progress against agreed completion dates.

3.1.7 Three Lines of Defence (continued)

Risk Management Division (RMD) relation with control functions

Control functions meet on a quarterly basis at Manager (Control Functions Forum) and Director (Control Functions Heads) level in order to assess and propose areas for further enhancement of cooperation and communication amongst them, as well as for taking advantage of synergies and avoiding duplication of work.

3.1.8 Risk Management Division (RMD)

The RMD is the business function set up to manage the risk management process of the Group on a day-today basis. The risk management process is integrated into the Bank's internal control system. Headed by the CRO, the Division is organized into several departments, each of which is specialized in one or several categories of risks. The organization of the Division reflects the types of risks inherent in the Group.

*The Data Quality and Governance Unit of the Data Office & Risk Analytics Department directly reports through its manager to the Data Quality & Governance committee chaired by the Executive Director People & Change.

The RMD organisational model is structured so as to:

Define risk appetite and report regularly on the status of the risk profile;
Ensure that all material and emerging risks have proper ownership, management, monitoring and clear reporting;
Promote proper empowerment in key risk areas that will assist in the creation of a robust risk culture;
Provide tools and methodologies for risk management to the business units;
Report losses from risks identified to the EXCO, the RC and the Board and, where necessary, to the Regulatory Authorities;
Collect and monitor Key Risk Indicators (KRIs).

The RMD is responsible for the risk management across the Group companies.

3.1.9 Risk Culture

A robust risk culture is a substantial determinant of whether the Group will be able to successfully execute its strategy within its defined risk appetite. The Division is committed to fostering a robust governance and risk culture that aligns with the Group's strategic objectives and risk appetite. This includes ensuring that risk management practices are integrated into all aspects of the business, promoting a culture of risk awareness, and maintaining effective communication and accountability across the Group.

An action plan towards the implementation of a firm-wide risk culture is in place across the Group involving various stakeholders including all the Control Functions, HR, Legal Services, Company's Secretary Office and other, and aims to address, among other, the recent 2024 SREP letter requirements on risk culture. The action plan is under the auspices of the CRO and the Executive Director People and Change and the Board retains close oversight through Mr Adrian John Lewis, Senior Independent Director.

The RMD has a leading role in the action plan which includes, among other actions, the measurement of risk culture, both at bank wide and divisional level, through a specific Risk Culture Dashboard, the communication of a series of topics aiming at re-enforcing risk culture and the provision of specific training for areas such as credit underwriting and other risk management related topics.

Other actions include the introduction and formalisation of the role of the "Business Risk and Control Officers", dedicated Control Functions liaisons for non-financial risks, within the Front-Lines of the Bank (Consumer, Corporate, IBUs and Affluent Banking).

3.1.10 Risk Appetite Framework (RAF)

The objective of the RAF is to set out the level of risk that the Group is willing to take in pursuit of its strategic objectives, outlying the key principles and rules that govern the risk appetite setting. It comprises the RAS, the associated policies and limits where appropriate, as well as the roles and responsibilities for the implementation and monitoring of the RAF.

The RAF has been developed in order to be used as a key management tool to better align business strategy (financial and non-financial targets) with risk management, and it should be perceived as the focal point for all relevant stakeholders within the Group, as well as the supervisory bodies, for the assessment of whether the undertaken business activities are consistent with the set risk appetite.

The RAF is one of the main elements of the Risk Management Framework which includes, among others, a number of frameworks, policies and circulars that address the principal risks of the Group.

Pillar 3 Disclosures 2024

3.1.10 Risk Appetite Framework (RAF) (continued)

Risk Appetite Statement (RAS)

The RAS is the articulation, in written form, of the aggregate level and types of risk that the Group is willing to accept in the course of executing its business objectives and strategy. It includes qualitative statements as well as quantitative measures expressed relative to Financial and Non-Financial risks. The RAS also includes indicators relative to insurance subsidiaries risk.

Financial Risks	Non-Financial Risks
Capital Risk	Operational Risk
Business Risk	Transaction Processing & Execution
Credit Risk	Reputational Risk
Market Risk	Legal Risk
Interest Rate Risk Information Security Risk
Concentration Risk	Project Risk
Funding & Liquidity Risk	Third Party Risk
Property Price Risk	External and Internal Fraud Risk
Climate & Environmental	Data Accuracy & Integrity Risk
Counterparty Risk	Model Risk
Credit Spread Risk	Technology Risk
	Regulatory Compliance / Conduct Risk
	Financial Crime Risk

Risk Appetite and Financial Plan Interaction

The RAS is subject to an annual review process close to the period which the Group's Financial Plan as well as the divisional strategic plans are being devised. The interplay between these processes provides for a cycle of feedback during which certain RAS indicators (such as ones related to minimum regulatory requirements) act as a backstop to the Financial Plan while for other indicators the Group's Strategy and Financial Plan provides input for risk tolerance setting. Furthermore, the Group Financial Plan and Reforecast exercises are tested to ensure they are within the Group's risk appetite.

3.1.11 Risk Taxonomy

In order to ensure that all risks the Group may face are identified and managed, a risk taxonomy is in place which is a key component of the ICAAP and the ILAAP. The taxonomy ensures that the coverage of risks is comprehensive and identifies potential linkages between risks.

3.1.12 Risk Management Policies

The entire Risk Management Policy universe enables a comprehensive and coherent framework for risk management linked to the Group's Risk Appetite. The policies, methodologies and procedures for the Risk Management Function are reviewed, updated and refined to better reflect market conditions and new regulatory requirements.

Each policy has a policy owner who is responsible to ensure its application across the Bank and the Group, provide advice to business units regarding its application, provide training on policy where required and undertake its annual review of the Policy.

The policies and / or any substantial changes to them are approved by the RC following recommendation by the ALCO or by the EXCO and are subject to annual review. Each subsidiary is expected to have in place its own risk policies which will be based on the principles of these Group Risk Policies. All staff of the Group should be aware of the Risk policies.

3.1.13 Risk Measurement and reporting

The RMD uses several systems and models to support key business processes and operations, including stress testing, credit approvals, fraud risk and financial reporting. The RMD has established a model governance and validation framework to help address risks arising from model use.

Additionally, the RMD:

Maintains a categorization and definitions of risks and terminologies which are used throughout the Group;
Collates reports of KRIs and other relevant risk information. When limit violations occur, escalation and reporting procedures are in place;
Checks that risk information provided by management is complete and accurate and management has made all reasonable endeavour to identify and assess all key risks;
Ensures that the risk information submitted to the RC and the Board by RMD and management is appropriate and enables monitoring and control of all the risks faced by the Group;
Discloses risk information externally and prepares reports on significant risks in line with internal and external regulatory requirements.

Pillar 3 Disclosures 2024

3.1.14 Recovery Plan

The Group Recovery Plan (RP) is drawn up and maintained by the Group and is required to be updated at least annually or after a material change to the legal or organisational structure, the Group's business, or financial situation (which could have a material effect on the RP) or when the competent authority requires more frequent update.

The Group's RP:

Distinguishes between critical and non-critical functions, as well as core and non-core business lines including major subsidiaries;
Provides for the governance mechanism, available during recovery emergency situations, which sets the escalation and decision-making process and ensures timely and appropriate action plan during crisis situations;
Defines the key recovery and early warning indicators to promptly identify stress situations;
Includes stress scenarios in order to identify the level of losses in a near default situation;
Determines specific recovery options that could be implemented to address liquidity and capital issues arising as a result of stress situations that leverage on the Group's own resources;
Includes a communication plan in the event of a crisis;
Describes the preparatory measures for the operationalisation of the RP in cases of stress.

The Group prepared and submitted to the ECB the updated RP in October 2024 in line with the ECB's guidance.

3.1.15 Stress Testing

Stress testing is a key risk management tool used by the Group to provide insights on behaviour of different elements of the Group in a crisis scenario and to assess the Group's resilience and capital and liquidity adequacy. To make this assessment, a range of scenarios is used, based on variations of market, economic and other operating environment conditions. Stress tests are performed for both internal and regulatory purposes and serve an important role in:

Understanding the risk profile of the Group;
Evaluating whether there is sufficient capital or liquidity adequacy under stressed conditions (ICAAP and ILAAP) and put in place the appropriate mitigants;
Evaluating of the Group's strategy;
Establishing or revising limits;
Assisting the Group to understand the events that might push the Group outside its risk appetite.

The Group carries out stress testing through a combination of bottom up and top-down approaches. Scenario and sensitivity analysis follow a bottom-up approach, whereas reverse stress testing follows a top-down approach.

If the stress testing scenarios reveal vulnerability to a given set of risks, management should make recommendations to the Board, through RC, for remedial measures or actions.

The Group's stress testing programme embraces a range of forward-looking stress tests and takes all the Group's material risks into account. These key internal exercises include:

ICAAP stress testing undertaken on an annual basis in support of the Internal Capital Adequacy Assessment Process. Quarterly ICAAP reviews are also undertaken;
Annual ILAAP stress testing applied to the funding and liquidity plan to formally assess the Group's liquidity risks. Quarterly ILAAP reviews are also undertaken;
Ad hoc stress testing as and if required including requests from the regulator.

Other business and specific risk type stress tests

• The Market & Liquidity Risk Department performs additional stress tests relating to Liquidity Risk, Interest Rate Risk, Marketable Securities, Derivatives, Equities and Foreign Exchange (FX).

3.1.15 Stress Testing (continued)

2025 EU-wide stress test ("EBA Stress Test")

The Group is participating in the 2025 EU-wide stress test exercise as one of the "other SSM Significant Institutions". The Stress Test exercise was launched in January 2025, and the results will be published in August 2025. The stress test results are used to update each bank's Pillar 2 Guidance in the context of the SREP. Qualitative findings on weaknesses in banks' stress testing practices could also affect their Pillar 2 Requirements and inform other supervisory activities.

The 2025 EU-wide stress test adopts a constrained bottom-up approach, incorporating some top-down elements. Balance sheets are assumed to remain constant, with the primary focus being the evaluation of the impact of adverse shocks on banks' solvency. Participating banks will be required to estimate the progression of common risk factors (credit, market, counterparty, and operational risks) under a baseline and an adverse scenario. Additionally, banks must project how these scenarios will affect key income streams. For net fee and commission income, securitisation risk weights, and the credit loss trajectory of sovereign exposures, banks will use pre-defined parameters. In addition, the projections of net interest income will be centralised.

3.1.16 ICAAP, Pillar II and SREP

3.1.16.1 ICAAP

The ICAAP is a process whose main objective is to assess the Group's capital adequacy in relation to the level of underlying material risks that may arise from pursuing the Group's strategy or from changes in its operating environment. More specifically, the ICAAP analyses, assesses and quantifies the Group's risks, establishes the current and future capital needs for the material risks identified and assesses the Group's absorption capacity under both the baseline scenario and stress testing conditions, aiming to demonstrate that the Group has sufficient capital, under both the base and stress case scenarios, to support its business and achieve its strategic objectives as per its Board approved Risk Appetite and Strategy.

The Group undertakes quarterly reviews of its ICAAP results, as well as on an ad-hoc basis if needed, which are submitted to the ALCO and the RC, considering the latest actual and forecasted information. During the quarterly review, the Group's risk profile is reviewed and any material changes/ developments since the annual ICAAP exercise are assessed in terms of capital adequacy.

The 2024 ICAAP submitted to the ECB in March 2025, indicates that the Group has sufficient capital and available mitigants to support its risk profile and its business and to enable it to meet its regulatory requirements, both under baseline and stressed conditions.

3.1.16.2 Pillar II and SREP

The ECB, as part of its supervisory role, has been conducting the SREP and onsite inspections on the Group. SREP is a holistic assessment, amongst other things, of the Group's business model, internal governance and institution-wide control arrangements, risks to capital and adequacy of capital to cover these risks and risks to liquidity and adequacy of liquidity resources to cover these risks. The objective of the SREP is for the ECB to form an up-to-date supervisory view of the Group's risks and viability and to form the basis for supervisory measures and dialogue with the Group. Additional capital and other requirements could be imposed on the Group as a result of these supervisory processes, including a revision of the level of Pillar II add-ons capital requirements as these are a point-in-time assessment and therefore subject to change over time.

The minimum Pillar I Total Capital (TC) requirement is 8.00% and may be met, in addition to the 4.50% CET1 requirement, with up to 1.50% by AT1 capital and with up to 2.00% by T2 capital. The Group is also subject to additional capital requirements for risks which are not covered by the Pillar I capital requirements (Pillar II add-ons).

Applicable Regulation allows a part of the said P2R to be met also with AT1 and T2 capital and does not require solely the use of CET1.

3.1.16.2 Pillar II and SREP (continued)

The Group's minimum phased in CET1 capital ratio requirement for 2024 was 11.34% (2023: 10.72%), comprising a 4.50% Pillar I requirement, a 1.55% P2R, the CCB of 2.50%, the O-SII Buffer of 1.875% and the CcyB of 0.92%.

The Group's minimum phased in TC ratio requirement for 2024 was 16.05% (2023: 15.56%), comprising an 8.00% Pillar I requirement (of which up to 1.50% could be in the form of AT1 capital and up to 2.00% in the form of T2 capital), a 2.75% P2R, the CCB of 2.50%, the O-SII buffer of 1.875% and the CcyB of c.0.92%.

On 1 January 2025 the Group's minimum phased in CET1 capital ratio requirement is set at approximately 11.40%, comprising a 4.50% Pillar I requirement, a 1.55% P2R, the CCB of 2.50%, the O-SII Buffer of 1.9375% and CcyB of approximately 0.92%.

On 1 January 2025, the Group's minimum phased in Total Capital ratio requirement is set at approximately 16.11%, comprising an 8.00% Pillar I requirement, of which up to 1.50% can be in the form of AT1 capital and up to 2.00% in the form of T2 capital, a 2.75% P2R, the CCB of 2.50%, the O-SII Buffer of 1.9375% and the CcyB of approximately 0.92%.

The non-public guidance P2G has also remained unchanged compared to 2024.

Following the 2024 final SREP decision, the requirement for prior regulatory approval for the declaration of dividends is lifted, effective from 1 January 2025.

3.2 Risk Management Objectives and Policies

3.2.1 Credit Risk Management

Credit Risk Definition

Credit risk is defined as the current or prospective risk to earnings and capital arising from an obligor's failure to meet the terms of any contract (actual, contingent or potential claims both on and off-balance sheet) with the Group or failure to perform as agreed. Within the general definition of credit risk, the Bank identifies and manages the following types of risk:

Counterparty credit risk (CCR): the Group's credit exposure with other counterparties;
Settlement risk: the risk that a counterparty fails to deliver the terms of a contract with the Group;
Issuer risk: the risk to earnings arising from a credit deterioration of an issuer of instruments in which the Group has invested;
Concentration risk: the risk that arises from the uneven distribution of exposures to individual borrowers or by industry, collateral, product, currency, economic sector or geographical regions;
Country risk: the Group's credit exposure arising from lending and/or investment or the presence of the Group to a specific country;
Environmental, Social, Governance Risk (ESG): these risks are managed through dedicated guidelines/ questionnaires and assessment, including an environmental and social due diligence process, which have been incorporated in the loan origination process.

3.2.1 Credit Risk Management (continued)

The Group takes a comprehensive approach to risk management with a defined Risk Management Framework and a specific RAS which is approved annually by the RC and the Board as indicated in Sections 3.1.2 – 3.1.13.

The Credit Risk Management Department (CRMD) covers a wide range of activities, which commences at the stage of the assessment of credit risk, continues at the stage of credit risk identification and measurement through reporting and provisions respectively, and ending up at the workout and collection stage.

There are various tools involved in the management of credit risk, including systems used to measure and assess customer risk, credit approval limits and structure, lending criteria, monitoring of customer advances and methods of mitigating risk. In addition, Credit Risk Management is involved in the review of new products offered by the Bank, the strategies put forward by the various Divisions as well as being involved in key Group projects such as the automation of the credit submission and approval process.

The functional activities of Credit Risk Management are organised through the following sub-departments, each of which has distinct responsibilities and covers specific risk areas.

Credit Risk Policy (CRP)

The CRP department develops policies, guidelines and approval limits necessary to address the credit risk in the Group. These documents are reviewed and updated at least annually or earlier if deemed necessary to reflect any changes in the Group's risk appetite and strategy and the work environment/economy.

The Group has implemented prudent policies and a proactive approach for the monitoring of credit risk.

Corporate & SME Credit Risk (CSCR)

CSCR has the primary role of independently reviewing from a credit risk perspective, all the credit applications that fall under the approval authority of Credit Committee 3, and additionally specific applications falling under the approving authorities of Credit Sanctioning Department, in order to support the role of observer with a veto power, ensuring compliance to the Bank's Policies and guidelines.

Data Analysis and Provisions department (DA&P)

The DA&P is responsible for monitoring the Group's credit portfolio, implementing the credit provisioning policy and reports on the relevant credit risk metrics.

3.2.1.1 Credit Limits and Process

Regarding credit risk, the Bank sets and monitors Risk Appetite limits. Furthermore, in relation to the credit granting process, a limit framework is in place where both its structure and its general rules are documented in the Bank's Lending Policy.

Credit Risk Management has the responsibility to review the structure and level of approval limits on an annual basis or earlier if deemed necessary and to communicate the limits to the relevant Bank's departments.

The structure of the limits takes into account:

The type / size of each credit facility;
The type / quality / value of the collateral;
The security gap;
The group funded and non-funded exposure;
The GRG/ Application Scoring for natural persons per risk grade for legal entities as calculated by CreditLens;

Pillar 3 Disclosures 2024

3.2.1.1 Credit Limits and Process (continued)

Any adverse data regarding the client (e.g. arrears/excesses, bankrupt, caution listed, judgement guarantors, watch listed);
Any deviations to policy.

Relevant circulars and guidelines are in place that provide limits and guidelines for the approval of credit applications. The Bank currently has approving authorities which have limits and are authorized to approve granting, review and restructuring of credit facilities (e.g. Credit Sanctioning Department, Credit Committee 3, Restructuring & Recoveries Committee etc).

3.2.1.2 Risk Identification, Measurement, Control and Reporting

The Group has adopted methodologies and techniques for risk identification, measurement and reporting of credit risk. These methodologies are revised and modified whenever deemed necessary to reflect changes in the financial environment and adjusted to be in line with the Group's overall strategy and its short-term and long-term objectives.

Management, monitoring and control of customer advances

Monitoring of credit quality

The Group dedicates considerable resources to assess credit risk and to correctly reflect the value of the assets on its balance sheet in accordance with regulatory and accounting guidelines. This process can be summarised in the following stages:

Analysing performance and asset quality;
Measuring exposures and concentrations;
Raising allowances for impairment.

Post-approval monitoring is in place to ensure adherence to both, terms and conditions set in the approval process and Credit Risk policies and procedures. Such monitoring includes:

Quality assurance and sample testing to analyse and report adherence to the main pillars of various Credit Risk policies, relating, among others, to assessment of the repayment ability and sensitivity analysis on borrowers' repayment ability, data quality checks and whether deviations/exceptions from policies are properly justified and approved.
Quantitative analysis of existing bank's portfolio relating to:
- Performing exposures & early warning indicators: arrears, excesses, limit utilization, undisbursed loan balance, loan repayments and cash collections, customers marked as high risk;
- Non-performing & forborne exposures: Daily and monthly exit and entry, problematic restructurings, performance post restructurings and expected NP and forbearance exit dates;
- New lending analysis;
- Portfolio analysis by sector/industry/other characteristics.

A key aspect of credit risk is credit risk concentration which is defined as the risk that arises from the uneven distribution of exposures to individual borrowers, specific industry or economic sectors, geographical regions, product type or currencies. The monitoring and control of concentration risk is achieved by limit setting (e.g. sector and name limits) and reporting them to senior management.

It is noted that within Risk Management a separate department is in place, the Credit Risk Control & Monitoring Department, that independently reports to the CRO and is tasked with carrying both a control and a monitoring function in relation to credit risk.

Pillar 3 Disclosures 2024

3.2.1.2 Risk Identification, Measurement, Control and Reporting (continued)

Collateral revaluations

Credit Risk Control & Monitoring produces a comprehensive report, on a monthly basis, of all mortgaged properties that require revaluation, broken down per unit and per banker. The report is communicated to the responsible business line directors in order to take necessary actions to minimise the number of mortgaged property revaluations that are overdue. In addition, mortgaged collateral is monitored through the relevant CBC property indices (Central Bank Commercial and Residential Property indices).

Indexed values of mortgaged properties have been incorporated in the customer's collateral report, so that credit officers can take the appropriate action when submitting an application for credit/restructuring.

Borrowers' audited financial statements

Risk Solutions & Model Risk Management monitors the submission of borrowers' audited financial statements as well as management accounts on a quarterly basis by preparing an analysis of all pending financial statements. The report is communicated to the line directors so that the appropriate corrective measures are taken.

Internal Audit

The Internal Audit department conducts, on a periodic basis, compliance audits in order to determine that credit activities and in particular approval authorities are in compliance with the Bank's credit policies and procedures and to ensure that approved credits are authorised within the established guidelines and limits.

Concentration

The Data Analysis & Provisions Unit actively monitors on a monthly basis the concentration limits set and reports these to the senior management through the monthly Risk Report.

New products/services

The Group's products and services have an inherent credit risk, therefore Credit Risk Management is in close cooperation with other departments (e.g. Retail) and examines all new, expanded or modified products and services from a credit risk perspective; that is, whether the new product satisfies the Group's RAS, its characteristics are according to the credit policy and the financial analysis includes all related risks.

Portfolio Quality Indicators/KPIs

Monitoring closely the quality/performance of the Group's client portfolio is of great importance. Sound credit monitoring practices can help the Group detect early signs of credit deterioration and thus take promptly remedial action to minimise losses. Monitoring is done both on a single loan/customer level/customer group (where applicable) and on an overall portfolio level.

Customer Reviews

Frequent reviews of customer facilities depending on the risk level and customer exposure in adherence with the relevant CBC Directive on Credit Granting and Review Processes. In general, legal entities are reviewed on an annual basis while physical entities every three years (except for exposures over €300 thousand which are reviewed every two years). A more frequent review is deemed necessary for customers with specific characteristics e.g. forborne. The Bank has also introduced an automated process for the review of both physical and legal entities, based on specific criteria and thresholds set by Credit Risk Management.

Pillar 3 Disclosures 2024

3.2.1.3 Credit Risk with Correspondent Banks and Countries

The Market & Liquidity Risk Department (MLR) is responsible for the credit risk, with correspondent banks and countries. CCR is discussed in Section 7 and Country risk is analysed below.

Country Risk

Country Risk refers to the possibility that sovereign or other borrowers of a particular country may be unable or unwilling to fulfil their foreign obligations for reasons beyond the usual risks which arise in relation to all lenders.

Country risk affects the Group via its operation in other countries and also via investments in other countries (Money Market (MM) placements, bonds, shares, derivatives, etc.) and through lending to non-residents. In addition, the Group is indirectly affected by credit facilities provided to customers for their international operations or due to collateral in other countries.

In this respect, country risk is considered in the risk assessment of all exposures, both on-balance sheet and off-balance sheet.

Risk Reporting and measurement system for Country Risk

ALCO reviews the Country Risk exposures (for Treasury and Non-Treasury activities) as compared to limits on a quarterly basis and the Board, through its Risk Committee, reviews the Exposures and the Country limits at least annually. Country risk is monitored at the level of the below transactions and on an aggregate basis.

Treasury transactions: relate to investments in bonds, MM placements, nostros, pledged amounts, FX, derivative, Repos, Reverse Repos and commercial transactions with banks;
Lending: relates to loans given by the bank or through funding the operations of a branch/subsidiary. For loans where the borrower and guarantor reside in different countries, exposure counts against both countries;
Commercial transactions with non-banks: relate to letters of credit, letters of guarantee or other similar products;
Committed lines of credit;
Properties owned by the Bank;
Investments in branches/subsidiaries abroad: relate to the amounts invested, excluding goodwill, since this is deducted from the capital base.

The country limits are allocated based on the CET1 capital of the Group, the country's credit rating and internal scoring.

The internal scoring is based on the assessment of economic and political parameters specific to each country.

In addition to the above, other factors are also taken into account before setting any limits, such as the:

Strategy of the Group in respect of its international activities;
Group's Risk Appetite Statement;
Perceived business opportunities in a country;
Risk/reward ratio of an investment;
The Group's capital base;
The needs of the different units of the bank (e.g. Treasury, Business lines).

All limits are reviewed and approved at least annually. All policy documents relating to country and counterparty risk are approved by the BOD at least annually.

MLR monitors the Treasury country limits on a daily basis. Any breaches are reported following the escalation process depending on the limit breach as per the approved Framework.

Pillar 3 Disclosures 2024

3.2.1.4 Policies for Credit Risk Mitigation (CRM)

Credit Risk Mitigation is implemented through a number of policies and circulars /procedures such as:

Lending Policy

Lending policy sets the standards and effective guidelines to be used during the credit granting process and is aligned with the Bank's risk tolerance and approved limits. It includes customer, credit facility and collateral types, submission of financial and other customer information, assessment of financial and other information/repayment ability (e.g. purpose of credit facility/facility types, credit facility amount and duration, loan to value ratio, loan to cost ratio, housing loan ratio, repayment schedule, collaterals), review of existing facilities, restructured/forborne and non-performing exposures, leveraged transactions etc.

Asset acquisition and disposal policy for Debt Settlement

This Policy sets out the guidelines and limits, for the acquisition of assets for debt settlement and for the disposal of assets that were acquired by the Bank for debt settlement.

Write-off policy

This policy sets out the guidelines, authorities, limits and governance for write-off process i.e., write-offs (contractual) and accounting write-offs (set-offs / non-contractual). Additionally, it ensures write-offs and accounting write-offs (set-offs) are performed in accordance with the regulatory framework.

Concentration Risk Policy

This Policy defines the limits and the methodology for limit setting for exposures in specific Bank assets, liabilities and off-balance sheet items to ensure that concentration risk is within the Bank's Risk Appetite. It covers industry sector, name, country risk, collateral, product, shadow banking entity (SBE), leveraged transactions, capital repayment at maturity (CRAM) Loans, counterparty, funding sources, derivatives Concentration and brokers limits concentration.

Valuation policy

This policy sets the guidelines on how collaterals obtained as security by the Bank are valued at origination and how such value is monitored and reviewed at regular intervals, to ensure:

That they provide adequate coverage for the credit facilities granted by the Bank and provide an accurate picture of the value of collateral in case of enforceability, provisioning or capital calculations.
Valuation risk is prevented and deterred and, where it does occur, it is addressed in a timely and expeditious manner.

Environmental and Social Policy

The Bank is committed to applying certain environmental and social policies and procedures to its lending activities based on specific criteria. This policy covers the Bank's responsibilities under this commitment.

Green Lending Policy

The purpose of the Bank's Green Lending Policy, which is based on the Green Loan Principles ("GLP"s), is to provide the framework for the procedures and the requirements the Bank will implement for the creation of "green" loan products and ultimately the development of a green loan portfolio.

Early Warning Policy

The Early Warning Policy sets the standards and effective guidelines on how the Bank should identify and manage early signs of distress, i.e., credit risk, and ensures relevant actions are performed in accordance with the regulatory and legal framework.

Credit Risk Monitoring policy

The Credit Risk Monitoring policy addresses the Bank's commitment to monitor the implementation of Credit Risk policies and procedures in collaboration with quality and efficiency. Various actions are performed by RMD to ensure the implementation of the policy and reports are produced presenting results of compliance. Monitoring actions and procedures and the resulting reports produced are described in the Credit Risk Monitoring policy.

Pillar 3 Disclosures 2024

3.2.1.5 Measurement and Assessment - Systems

The effective management of the Group's credit risk is achieved through a combination of training and specialisation as well as appropriate credit risk assessment systems. The Group aims to continuously upgrade its systems and models used in assessing the creditworthiness of Group customers.

Credit Scoring Systems

Retail (In-house Python solution)

The Bank maintains in-house credit scoring systems for new customers through Application Scorecards providing real time score. For existing customers, the Bank uses, amongst others, behavioural scoring which takes into account factors such as the conduct of existing accounts and whether the customer has been in arrears, has consumed their overdraft limits, etc.

Small Medium Enterprises (SMEs) and Corporates (Credit Rating Models – Moody's Credit Lens Risk Analyst) Moody's Credit Lens Risk Analyst is a system used to set the basis for consistent and accurate credit risk analysis on commercial borrowers by collecting, analysing and storing financial statement and qualitative/judgmental data.

This credit scoring system calculates the following customer ratings/scores:

The financial index (based on Moody's Credit Lens Risk Analyst): The assessment of the financial position of the customers is performed based on recent audited financial statements as well as management accounts, assessing performance with respect to operational efficiency, liquidity, debt service and capital structure. This index is used for assessing financial position/credit worthiness of business/corporate customers.
The borrower rating: The assessment of the customers' credit worthiness is performed taking into account the financial index, the customer behaviour with the Bank, the management of the enterprise and sectorial risks, as well as the liquidity and capital structure of the business.

Shipping exposures - scorecards

The Bank has developed a customised scorecard for rating shipping exposures. The score that is produced is based on assessment of both the customer and the underlying object (vessel). Some of the drivers of the assessment are current fleet gearing, projected interest coverage, management experience, diversification outside of shipping for the customer and current brake even coverage, projected brake even coverage, geographic diversification, quality of security vessel for the project, etc.

Special Purpose Vehicle exposures

The Bank has developed a scorecard for rating special purpose vehicles. The scorecard is based on an expert judgement approach with the main drivers being financial ratios that indicate borrower's ability to repay, asset/transaction characteristics, strength of sponsor and security package such as the nature of lien etc.

Project Finance exposures

The Bank also developed a project finance scorecard, also based on an expert judgment approach. The main drivers of the scorecard are the financial ratios that indicate borrower's ability to repay, asset/transaction characteristics and security package such as assignment of contracts and accounts, lender's control over cash flow etc.

Pillar 3 Disclosures 2024

3.2.2 Market Risk Management

Market Risk is defined as the current or prospective risk to earnings and capital arising from adverse movements in the prices of interest rate instruments, foreign exchange and from any other changes in market prices. The main types of market risk to which the Bank is exposed to, are listed below:

Interest Rate Risk (IRR);
FX risk;
Securities price risk (bonds, equities);
Properties Price risk.

Each of the risks is defined and further analysed in the subsections below.

3.2.2.1 Interest Rate Risk in the Banking Book & Credit Spread Risk in the Banking Book

Definition

Interest rate risk in the banking book ("IRRBB") refers to the current or prospective risk to both the earnings and capital of the Group which arise from adverse movements in interest rates. The four components of Interest rate risk are: repricing risk, yield curve risk, basis risk and option risk.

Repricing risk arises from the timing mismatch in the repricing of assets, liabilities and off-balance sheet items.
Yield curve risk arises from changes in the slope and the shape of the yield curve.
Basis risk arises from the imperfect correlation between the different variable reference rates.
Option risk arises from option positions, e.g. floor or cap on loan rates, or from embedded options, e.g. consumers redeeming fixed rate products when market rates change.

The Group does not operate any trading book and thus all interest rate exposure arises from the banking book.

Credit Spread Risk in the Banking Book (CSRBB) is driven by changes in the market price of credit risk, liquidity and potentially other characteristics of credit-risky instruments, not captured by any other risk such as IRRBB or expected credit default risk.

Limits

Limits are set as a percentage of Tier 1 capital and as a percentage of the Group net interest income (when positive) and relate to the change in Net Interest Income (NII) and Economic Value of Equity (EVE) based on internal and regulatory scenarios.

It is noted that all efforts take place to avoid limit breaches. Any breaches are reported following the escalation process depending on the limit breach.

Breaches, upon identification, are immediately reported to the relevant authority. Mitigating actions are taken unless ALCO recommends to the Risk Committee that it is not beneficial to proceed with hedging alternatives.

Management

Treasury is responsible for managing the Interest Rate/Credit Spread exposure. Corrective actions and hedging strategies are taken by Treasury with a view of minimizing the risk exposure following relevant approvals.

Corrective actions relating to IRRBB include:

on balance sheet solutions e.g. purchase of fixed rate assets, introduction of new customer accounts or loans with the desired characteristics, and
the use of derivatives, e.g. interest rate swaps or interest rate options.

3.2.2.1 Interest Rate Risk in the Banking Book & Credit Spread Risk in the Banking Book (continued)

Monitoring

For internal management purposes and compliance with limits, the Group calculates on a monthly basis, the impact on NII and Economic Value (EV) for EUR and USD and combined impact under the various internally developed interest rate shock scenarios. It also calculates on a quarterly basis, the impact on NII and EV from changes in credit spreads based on internal scenarios. The results are reported to the ALCO for information purposes. RC is also informed on the Bank's IRRBB/CSRBB mainly through the monitoring of the IRRBB/CSRBB RAS indicators.

The change in the economic value and NII resulting from the standard regulatory shocks of sudden +/-200 basis point shift of the yield curve is also calculated on a monthly basis. Any resulting decline in economic value or NII is compared to the internal and regulatory thresholds.

The Group also calculates on a quarterly basis, the impact on NII and EV for EUR and USD and jointly under the standardised interest rate shock scenarios as specified in Basel Committee on Banking Supervision. ΔNII and ΔEVE results are compared to internal and regulatory limits.

The impact on NII and EV under stress scenarios which are aligned to the ICAAP scenarios used for the calculation of the economic capital requirement is also calculated on a quarterly basis. Results are not compared to any limits but are used to quantify Interest Rate Risk for ICAAP purposes.

3.2.2.2 Currency Risk

Definition

Currency/FX risk is the risk that the fair value of future cash flows of a financial instrument will fluctuate because of changes in foreign exchange rates.

Limits

In order to limit the risk of loss from adverse fluctuations in exchange rates, overall Intraday and Overnight open currency position limits have been set. These limits are small compared to the maximum permissible by the CBC. Internal limits serve as a trigger to the management for avoiding regulatory limit breaches.

Due to the fact that there is no FX Trading Book, Value at Risk (VaR) is calculated on a quarterly basis on the position reported to CBC.

The table below shows the current approved FX limits:

	Intraday	Overnight
2024	€ million	€ million
Cyprus	20	20 (10 per currency)
Total	20	20 (10 per currency)
2023
Cyprus	20	20 (10 per currency)
Total	20	20 (10 per currency)

Management

The Treasury is responsible for managing the FX Open position of BOC PCL emanating from its balance sheet. The FX position emanating from customer transactions is managed by the Global Markets & Treasury Sales Department. Treasury also performs the hedging for the FX open positions of the foreign non-Banking units of the Group.

3.2.2.2 Currency Risk (continued)

	Change in	Impact on profit/loss	Impact on equity
2024	foreign exchange rate	after tax
	%	€ 000	€ 000
US Dollar	+5	14	-
Russian Rouble	+60	1,237	393
Romanian Lei	+5	1	(4)
Swiss Franc	+5	(1)	-
British Pound	+5	7	-
Japanese Yen	+5	-	-
Other currencies	+5	6	-
		-	-
US Dollar	- 5	(13)	-
Russian Rouble	-30	(190)	(60)
Romanian Lei	- 5	(1)	3
Swiss Franc	- 5	1	-
British Pound	- 5	(6)	-
Japanese Yen	- 5	-	-
Other currencies	- 5	(6)	-

	Change in	Impact on profit/loss	Impact
2023	foreign exchange rate	after tax	on equity
	%	€ 000	€ 000
US Dollar	+5	48	-
Russian Rouble	+60	963	452
Romanian Lei	+5	-	-
Swiss Franc	+5	(1)	-
British Pound	+5	(6)	-
Japanese Yen	+5	-	-
Other currencies	+5	5	-
US Dollar	- 5	(44)	-
Russian Rouble	-30	(148)	(70)
Romanian Lei	- 5	-	-
Swiss Franc	- 5	1	-
British Pound	- 5	6	-
Japanese Yen	- 5	-	-
Other currencies	- 5	(4)	-

3.2.2.3 Equity Risk

Definition

The risk of loss from changes in the price of equity securities arises when there is an unfavourable change in the prices of equity securities held by the Group as investments.

Management and Monitoring

Investments in equities are outside the Group's risk appetite but may be acquired in the context of delinquent loan workouts. The Group monitors the current portfolio mostly acquired by the Group as part of the acquisition of certain operations of Laiki Bank, or through delinquent loan workouts, with the objective to gradually liquidate all positions for which there is a market. Equity securities are disposed of by the Group as soon as practicable.

Analysis of equity and fund holdings are reported to ALCO on a quarterly basis.

The table below shows the impact on the profit/loss before tax and on equity of the Group from a change in the price of the equity securities held, as a result of reasonably possible changes in the relevant stock exchange indices.

3.2.2.3 Equity Risk (continued)

	Change in index	Impact on profit/ loss before tax	Impact on equity

2024	%	€ 000	€ 000
Cyprus Stock Exchange	+40	-	575
Athens Exchange	+50	419	-
O ther stock exchanges and unlisted	+40	-	1.343
Non-listed (Real Estate)	+10	-	693

Cyprus Stock Exchange	-40	-	(575)
Athens Exchange	-50	(419)	-
O ther stock exchanges and unlisted	-40	-	(1.343)
Non-listed (Real Estate)	-10	-	(693)

	Change in index	Impact on profit/ loss before tax	Impact on equity
2023	%	€ 000	€ 000

Cyprus Stock Exchange	+40	1	900
Athens Exchange	+50	419	-
O ther stock exchanges and unlisted	+40	26	1.270
Non-listed (Real Estate)	+25	-	1.732

Cyprus Stock Exchange	-40	(1)	(900)
Athens Exchange	-50	(419)	-
O ther stock exchanges and unlisted	-40	(26)	(1.270)
Non-listed (Real Estate)	-10	-	(693)

3.2.2.4 Debt Securities Price Risk

Definition

Debt securities price risk is the risk of loss as a result of adverse changes in the prices of debt securities held by the Group. Debt security prices change mainly as the credit risk of the issuers change and/or as the interest rate changes for fixed rate securities.

The Group invests a significant part of its liquid assets in highly rated securities. Changes in the prices of debt securities classified as investments at Fair value through Profit or Loss (FVPL), affect the profit or loss of the Group, whereas changes in the value of debt securities classified as Fair value through other comprehensive income (FVOCI) affect directly the equity of the Group. Changes in prices of securities held at amortised cost have no impact on P&L or equity.

Limits

Debt security investment limits are in place covering for all securities irrespective of their accounting book. These limits include RAS limits on counterparty concentrations and acceptable potential market losses, Credit Limits, Investment Concentration Limits and Bond guidelines. Market and Liquidity Risk unit is responsible for setting and calibrating bond related limits.

Management

The debt security portfolio is managed by Treasury and governed by the Bond Investment Policy. Treasury continuously monitors markets and the bond positions and takes any necessary actions. The annual bond investment strategy is proposed by Treasury and approved by ALCO. Treasury proceeds with bond investment amounts in accordance with the approved strategy ensuring that the portfolio remains within the bond investment policy, limits and parameters set in the various policies and frameworks.

Pillar 3 Disclosures 2024

3.2.2.4 Debt Securities Price Risk (continued)

Monitoring

Market and Liquidity Risk unit is primarily responsible for debt securities limit monitoring. Limit monitoring is performed on a daily basis. Any breaches are reported following the escalation process depending on the limit breach.

The table below indicates how the profit/loss before tax and equity of the Group will be affected from reasonably possible changes in the price of the debt securities held, based on Value at Risk.

2024	Impact on profit/ loss before tax	Impact on equity
	€ 000	€ 000
Up Scenario
Aa3 and above rated bonds	1,250	2,168
A3 and above rated bonds	281	655
Baa1 and below rated bonds	6	437
Cyprus Governm ent bonds	-	12,273
Down Scenario
Aa3 and above rated bonds	(1,250)	(2,168)
A3 and above rated bonds	(281)	(655)
Baa1 and below rated bonds	(6)	(437)
Cyprus Governm ent bonds	-	(12,273)

2023	Impact on profit/ loss before tax	Impact on equity
	€ 000	€ 000
Up Scenario
Aa3 and above rated bonds	2,614	4,068
A3 and above rated bonds	151	1,938
Baa3 and below rated bonds	53	430
Cyprus Governm ent bonds	-	27,618
Down Scenario
Aa3 and above rated bonds	(2,614)	(4,068)
A3 and above rated bonds	(151)	(1,938)
Baa3 and below rated bonds	(53)	(430)
Cyprus Governm ent bonds	-	(27,618)

Other non-equity instruments price risk

The table below shows the impact on the profit/loss before tax and on equity of the Group from a change in the price of other non-equity investments held, as a result of reasonably possible changes in the price index of the relevant instrument.

	Impact on profit/ Change in index loss before tax		Impact on equity
2024	%	€ 000	€ 000
Other (non-equity instruments)	+40	4,281	-
Other (non-equity instruments)	-10	(1,070)	-
2023
Other (non-equity instruments)	+45	1,625	-
Other (non-equity instruments)	-10	(361)	-

3.2.2.5 Property Risk

Definition

Property price risk is the risk that the value of property will decrease, either as a result of:

Changes in the demand for, and prices of, Cypriot real estate; or
Regulatory requests which may increase the capital requirement of stocks of properties

The Group is exposed to the risk on changes in the fair value of property, which is held either for own use or, as stock of property or as investment property. Stock of property is predominately acquired in exchange of debt and is intended to be disposed in line with the Group's strategy.

Management and Monitoring

The Group has in place a number of actions to manage and monitor the exposure to property risk as indicated below:

It has set up and operates since 2016 a specialized division, REMU, that manages the repossessed portfolio, including other non-core assets, through appropriate real estate disposal strategies that are adjusted and updated based on market evidence, the remaining stock composition and historical trades and investor interest;
It has placed great emphasis in the efficient and quick disposal of on-boarded properties and in the close monitoring and reporting. RAS indicators and other KPIs are in place monitoring REMU properties in terms of aging, value and sales levels;
It assesses and quantifies property risk as one of the material risks ICAAP purposes under both the normative and economic perspective;
It monitors the changes in the market value of the collateral and, where necessary, requests the pledging of additional collateral in accordance with the relevant agreement;
As part of the Group's provisioning process, assumptions are made about the future changes in property values, as well as the timing for the realisation of collateral, taxes and expenses on the repossession and subsequent sale of the collateral as well as any other applicable haircuts;
For the valuation of properties owned by the Group judgement is exercised which takes into account all available reference points, such as comparable market data, expert valuation reports, current market conditions and application of appropriate illiquidity haircuts where relevant.

Market and Liquidity Risk unit is primarily responsible for REMU property Group RAS limit monitoring. Limit monitoring is performed on a monthly basis. Any breaches are reported following the approved escalation process.

3.2.3 Liquidity Risk and Funding

Definition

Liquidity risk is the risk that the Group is unable to fully or promptly meet current and future payment obligations as and when they fall due. This risk includes the possibility that the Group may have to raise funding at high cost or sell assets at a discount to fully and promptly satisfy its obligations.

Funding risk is the risk that the Group does not have sufficiently stable sources of funding or access to sources of funding may not always be available at a reasonable cost and thus the Group may fail to meet its obligations, including regulatory obligations (e.g. MREL).

Governance and Oversight

Every year, with the completion and approval of ILAAP package, the Board signs the Liquidity Adequacy Statement (LAS) which is sent to the ECB as part of the annual ILAAP package. Last year's LAS states among others that 'The Bank has a sound Liquidity Risk Management Framework with a balanced Risk Appetite and Liquidity Risk Policy. Processes, methods, systems including Governance with lines of defence separation and controls are in place which enable the Bank to identify measure, manage and monitor liquidity risk. This ensures that the Bank maintains liquidity resources which are adequate to ensure its ability to meet obligations as they fall due under ordinary and stressed conditions'.

3.2.3 Liquidity Risk and Funding (continued)

The Board ensures that senior management takes the steps necessary to monitor and control liquidity and funding risk and provides adequate reporting regarding liquidity and funding.

The Board of Directors, through its Risk Committee, approves the Liquidity Risk Policy, at least annually. Every month, the Market & Liquidity Risk submits the liquidity updates to the RC. While the Board has the ultimate responsibility for liquidity management, ALCO is appointed to ensure the timely and effective implementation of the liquidity policy.

The ALCO is responsible for setting the policies for the effective management and monitoring of liquidity across the Group.

The Treasury Division is responsible for liquidity management, to ensure compliance with internal policies and regulatory liquidity requirements and to provide direction as to the actions to be taken regarding liquidity needs.

Liquidity is also monitored by the Market & Liquidity Risk department, which is an independent department responsible to monitor compliance, with both internal policies and limits as well as requirements set by the regulatory authorities. The Market & Liquidity Risk department reports to ALCO and Board RC the liquidity position, at least monthly. It also provides the results of various stress tests to ALCO and the Board RC on a quarterly basis as part of the quarterly ILAAP review.

The Market & Liquidity Risk department runs liquidity stress test scenarios on a regular basis for bank specific, market wide and combined scenarios. The combined stress scenario is the longest and most severe liquidity scenario performed by the Bank. The requirement is to have sufficient liquidity buffer to survive a twelvemonth stress period, including capacity to raise funding under all scenarios.

The designing of the stress tests follows best practices. The stress test assumptions are reviewed and approved by the Board at least annually.

As part of the Group's procedures for monitoring and managing liquidity risk, there is an approved Liquidity Contingency Plan (LCP) for handling liquidity difficulties. The LCP details the steps to be taken in the event that liquidity problems arise, which escalate to a special meeting of the Crisis Management committee for LCP (CMC-LCP). The LCP sets out the members of this committee and a series of possible actions that can be taken.

Limit breaches follow relevant defined escalation process.

Following the deleveraging of the Bank and the disposal of all its foreign units, the Group's main operations comprise the BOC banking unit. The rest of the other local units (the insurance companies, JCC and CISCO) are immaterial in size and they manage their liquidity independently.

Risk Reporting and measurement system

The Bank has an automated daily/monthly/quarterly reporting process for liquidity and funding in place. The system utilised covers for (a) internal reporting and stress testing and (b) regulatory reporting. The system is constantly enhanced to cover the increasingly demanding needs stemming from both internal and external requirements. This tool enables the Bank to increase efficiency and effectiveness of liquidity monitoring.

Pillar 3 Disclosures 2024

3.2.4 Operational Risk Management (ORM)

3.2.4.1 Definition and Structure

Operational risk is defined as the risk of direct or indirect impact/loss resulting from inadequate or failed internal processes, people, and systems or from external events. This definition includes compliance and legal risk.

The Group uses a broader scope when defining operational risk (to include other important risks such as reputational risks), for the purposes of its ORM Framework. As such, operational risk encompasses the following risks (which are reflected by the Level 1 categories of the Bank's Risk Taxonomy):

• Regulatory Compliance/Conduct Risk
• Financial Crime Risk
• Internal Fraud Risk
• External Fraud Risk
• People Risk
• Business Continuity Risk
• Information Security Risk (including Cyber Risk)
• Technology Risk
• Data Accuracy and Integrity Risk
• Statutory Reporting and Tax Risk
• Transaction Processing and Execution
• Project Risk
• Physical Security and Safety Risk
• Model Risk
• Legal Risk
• Third-Party Risk
• Reputational Risk

Operational regulatory risk policies and procedures contribute to the management of these risks, some of which are also directly managed by specialised departments, i.e. Information Security Department and Group Compliance. The ORM Department is responsible for embedding explicit and robust ORM practices into all areas of the business process from the initial design of the Bank's business strategy to the sale of services and products to its customers.

Pillar 3 Disclosures 2024

3.2.4.1 Definition and Structure (continued)

This is achieved by implementing a sound, coherent and comprehensive framework for the identification, assessment, monitoring and control of operational risk within the Bank (Section 3.2.4.2) that improves the service provided to customers, the Bank's productivity and cost effectiveness and which ultimately protects shareholder value. ORM also ensures that the level of operational risk faced by the Bank is consistent with the Board's overall risk appetite and corporate objectives.

ORM Structure

Operational Risk Management Unit

The Operational Risk Management unit is responsible -inter alia - for:

Providing direction to the first line of defence through policy, education, tools and training;
- Developing and maintaining a framework and supporting policies for the management of operational risks, to ensure timely and effective identification, assessment, monitoring, control and mitigation of operational risks, as well as alignment with regulatory requirements;
- Exercising oversight and challenge to the process of identification and assessment of operational risk and the necessary follow-up for remedial actions, including the operational risk for new products, services, or implementation of new systems, or processes, and all Tier 1 / Tier 2 Projects.

Business Continuity Risk Management Unit

The Business Continuity Risk Management unit is responsible to maintain a comprehensive Business Continuity Management Policy and establish an automated System which follows best practice and the relevant ISO standard requirements ("ISO 22301 – Business Continuity Management"), and the Directive on Internal Governance of Credit Institutions of 2021.
Business continuity risks are managed to ensure that the Group has business resiliency and Business Continuity Plans (BCPs) in place for all Business Units and is able to operate on an on-going basis and limit losses in the event of severe business disruption. In addition to the BCPs, the Business Continuity Management Framework includes an IT Disaster Recovery (DR) plan, an Incident Response & Escalation Process, a Crisis Management Plan and Specialized Incident Response Plans, all of which are reviewed and tested.

Fraud Risk Management Unit

The Fraud Risk Management unit is responsible for:

Oversighting and co-ordinating the Group's approach to Fraud Risk management;
Developing and maintaining the framework, supporting policies and procedures for the management of internal and external fraud risks;
Promoting and adopting automated fraud preventive systems and technology, data analytics tools and effective controls for the prevention and early detection of external and internal fraud;
Establishing comprehensive Fraud Incident Response plan(s) across the Bank to ensure effective and timely management of external and internal fraud incidents;

Pillar 3 Disclosures 2024

3.2.4.1 Definition and Structure (continued)

Performing Fraud Risk Assessments on business activities and processes for the timely identification and monitoring of fraud risks across Group;
Ensuring that divisions and business departments have sound processes for identifying new and emerging fraud risks;
Assessing new regulations or amendments with regards to fraud related issues and performing regulatory gap analysis in cooperation with Compliance division and other related stakeholders;
Providing direction through policy, education, tools and training.

Third-Party Risk Management (TPRM) Unit

The TPRM unit is responsible for:

Co-ordinating the Group's approach to Third-Party Risk management;
Developing and maintaining the framework, supporting policies and procedures for the management of Third-Party risks;
Assessing new regulations or amendments with regards to outsourcing related issues and performing regulatory gap analysis in cooperation with Compliance division and other related stakeholders;
Assessing arrangements qualified as outsourcing, strategic or intragroup (based on the EBA Guidelines on outsourcing arrangements 2019 and CBC's Directive to Credit Institutions on Governance and Management Arrangements 2021);
Performing risk assessments for all aforementioned types of arrangements of the Group, in coordination with the other control functions;
Providing direction through policy, education, tools and training.

3.2.4.2 Management and Control of Operational Risk

The following diagram summarises the ORM Framework and its components:

The ORM framework addresses the following objectives:

Fostering awareness and understanding of operational risk among all staff and promoting a culture where staff is more conscious of risks;
Ensuring effective operational risk monitoring and reporting;
Providing transparent reporting of operational risks and material exposure to losses, to the management and providing all stakeholders with updates on implementation of action plans as well as the risk profile of the Group;
Promoting the implementation of a strong system of internal controls to ensure that operational incidents do not cause material damage to the Group's franchise and have a minimal impact on the Group's profitability and reputation;
Improving productivity, efficiency and cost effectiveness, with an objective to improve customer service and protect shareholder value.

Pillar 3 Disclosures 2024

3.2.4.2 Management and Control of Operational Risk (continued)

It should be noted that the Group conducts all its dealings with customers within high ethical standards and follows a very prudent and cautious strategy with regards to compensation or provision of incentives that could lead to risks of mis-selling. A thorough framework is in place for assessing all the relevant risks for new or changed products/services as a key control for minimising the risk of products or services being promoted to the customers that create the potential for unfair treatment or are otherwise not appropriate or relevant for certain customers. Additionally, the Group maintains a Customers Complaints Management process, the purpose of which is to provide the foundation for implementing a consistent, diligent, efficient, and impartial approach throughout the Group for the handling of customer complaints. The Group cultivates a culture where complainants are treated fairly and the complaints handling mechanism is perceived as a valuable opportunity to rebuild and enhance relationships with customers.

Risk Appetite

A defined Operational RAS is in place, which forms part of the Group's RAS. Thresholds are applied for conduct and other operational risk related losses.

Risk Control Self-Assessment (RCSA)

A RCSA methodology is established across the Group. The methodology follows a three-phase process: (i) Preparation (ii) Workshop and (iii) Reporting and Follow-up. It is a process that enables/empowers the business unit management and employees to: (i) identify the inherent and residual risks to the achievement of their objectives, (ii) assess and manage critical/high risk areas of the business processes, using a uniform Likelihood x Impact scale that forms a central point of reference within the ORM framework, (iii) self-evaluate the adequacy of controls and identify the lack of controls and (iv) develop and prioritize risk treatment action plans.

According to the RCSA methodology, business owners are requested to place emphasis on identifying risks that arise primarily from the risk areas under a full Risk Taxonomy (as outlined under Section 3.2.4.1).

With primary input from the process of RCSA, ORMD maintains a detailed risk register for each Unit, which forms an important component of the ORM analysis and reporting. Updating/enriching the risk register in terms of existing and potential new risks identified and their mitigation is an on-going process, sourced from RCSAs as mentioned above, but also from other risk and control assessments (RCAs) performed, e.g. by the Information Security Department, Third-Party Risk Assessments, New Product/Services Risk Assessments, Data Protection Impact Assessments, etc.

Risk-based Business Process Management

Risk based Business Process Management involves the assessment of risks, the provision of opinions on the acceptability of the risks assessed and the recommendation of additional controls in relation to changes made in business processes, new products or services, outsourced activities and new projects/initiatives. ORMD actively participates in the evaluation of new or amended procedures/policies, Tier 1/2 projects, new technology systems and other important decisions or developments, with an objective to facilitate and carry out the identification and assessment of any operational risks.

Pillar 3 Disclosures 2024

3.2.4.2 Management and Control of Operational Risk (continued)

Incident recording and analysis

Data on operational risk events (actual and potential losses, as well as near misses) is collected from all Group entities, with a threshold of €100 per actual/potential loss. An operational risk event is defined as any incident where through the failure or lack of a control, the Group could actually or potentially have incurred a loss. The definition includes circumstances whereby the Group could have incurred a loss, but in fact made a gain, as well as incidents resulting in potential reputational or regulatory impact.

The data collected is categorised and analysed to facilitate the management of operational risks and, where possible, to prevent future losses by implementing relevant mitigating actions. Emphasis is constantly placed on carrying out root-cause analysis of both operational risk incidents with a significant impact and repeated operational risk incidents which present worrying trends. In 2024, 519 loss events with gross loss equal to or greater than €1,000 were recorded including incidents of prior years (mostly legal cases) for which losses materialised in 2024, compared to 710 loss events in 2023.

Key Risk Indicators (KRIs)

A KRI is an operational or financial variable, which tracks the likelihood and/or impact of a particular operational risk. KRIs serve as a metric, which may be used to monitor the level of particular operational risks. KRIs are similar to, and often coincide with, KPIs and Key Control Indicators. KRIs are established from a pool of business data/indicators considered useful for the purpose of risk tracking. These indicators are used for the on-going monitoring of the Bank's operational risks, and mitigating actions are initiated in the case KRI limit violations are observed. Key observations from the KRIs are reported to top management and the RC.

Operational Risk Capital Requirements and ICAAP

Regulatory and economic capital requirements for operational risk are calculated using the Standardised Approach. Additional Pillar II Regulatory capital is calculated for operational risk on a scenario-based approach. Scenarios are built after taking into consideration the Key Risk Drivers, which are identified using a combination of methods and sources, through top-down and bottom-up approaches. Both approaches are complementary and are simultaneously used in order to identify all key risks the organization is faced with. The Key Risk identification process is reviewed every quarter as part of the ICAAP process and new risks identified are added, while others that become obsolete are removed. Risk scores are updated depending on changes to circumstances (e.g. added controls, changes in the regulatory environment, etc.). The Bank, following the EBA's methodology guidelines on stress-testing for Conduct and other operational risks, projects the P&L impact of losses arising from material and non-material conduct risks as well as other operational risks.

Network of ORM liaisons

Operational risk liaisons act as the point of contact with the aim to enable the effective implementation of the various operational risk methodologies across the Bank, by liaising with their departmental and unit management.

Training and awareness

Training is carried out throughout the Bank with the aim to promote risk culture and enhance awareness in relation to operational risks. As training and awareness regarding operational risk is one of the main objectives of the ORM Framework, on-going training sessions are established covering awareness on principles of Operational Risk, its management Framework and tools.

Pillar 3 Disclosures 2024

3.2.4.3 Management of Litigation risk

The LSD has set in place processes and procedures to ensure the effective and prompt management of Legal Risk. These processes and procedures primarily include the following:

Handling requests for legal advice from all Divisions;
Handling litigation against the Bank and providing support to Group entities for the handling of litigation against them;
On-going review and assessment of the legal framework and regulatory developments;
Reviewing new products/advertisements/internal policies, circulars and manuals, engagement letters with external counterparties, agreements, etc.;
Participation of the Chief Legal Officer in Bank's committees and various ad-hoc committees; and
Frequent reporting on pending litigation and latest developments in a number of Board and management committees.

Software systems are in place both for the filing of legal advice requests from all Divisions, as well as for the monitoring of litigation against the Bank. The structure of the LSD in teams of lawyers enables the timely allocation and completion of work. External Legal counsel is engaged for the representation of the Group before legal forums, as well as, for obtaining legal advice on issues/areas of Law which are not within LSD's specialisation/expertise.

A framework for the engagement, monitoring and assessment of the performance of external legal counsel has also been put in place in order to ensure that the best possible service is received. The participation and reporting of legal risk by the Chief Legal Officer in a number of Board and Management committees and in particular of all pending litigation against the Group ensures that the Bank is kept informed and updated of the Group's exposure in this respect. Such committees and groups include the Provisions Committee, the Board, the Board Committees, the Regulatory Steering Group, the EXCO, the Settlement of Legal Cases Committee and any other ad hoc committees. Additionally, LSD reports all litigation on a monthly basis to Operational Risk and other management bodies. Reporting to Operational Risk is done via the interface of the Legal system and ORM system (RCMS) which monitors litigations and is updated on an on-going basis.

Pending litigation, claims, regulatory and other matters

The Group in the ordinary course of business, is involved in various disputes and legal proceedings and is subject to enquiries and examinations, requests for information, audits, investigations and other proceedings by regulators, governmental and other public bodies, actual and threatened, relating to the suitability and adequacy of advice given to clients or the absence of advice, lending and pricing practices, selling and disclosure requirements, reporting and information security requirements and a variety of other matters. In addition, as a result of the deterioration of the Cypriot economy and banking sector in 2012 and the subsequent restructuring of BOC PCL in 2013 as a result of the bail-in Decrees, BOC PCL is subject to a number of proceedings that either precede or result from the events that occurred during the period of the bail-in Decrees.

The Group considers that none of these matters are material, either individually or in aggregate. Nevertheless, provisions have been made where: (a) there is a present obligation (legal or constructive) arising from past events, (b) the settlement of the obligation is expected to result in an outflow of resources embodying economic benefits, and (c) a reliable estimate of the amount of the obligation can be made.

Any provision recognised does not constitute an admission of wrongdoing or legal liability. While the outcome of these matters is inherently uncertain, management believes that, based on the information available to it, appropriate provisions have been made in respect of legal proceedings, regulatory and other matters as at 31 December 2024 and hence it is not believed that such matters, when concluded, will have a material impact upon the financial position of the Group.

Pillar 3 Disclosures 2024

3.2.4.4 Major developments relating to ORM during 2024

The Bank was closely monitoring the developments regarding the Ukraine crisis and the fighting in Gaza that continued throughout 2024, with several pathways for escalation into a broader regional war. In particular, ORM Function performed several risk assessments aiming to determine whether the Bank's operations are affected in terms of branch network or Third-Party dependencies, with no material findings.

During the year, Operational Risk performed an increased number of assessments for new products/procedures. A number of RCMS system enhancements were designed, developed and deployed (e.g. further enhancements of workflows). The RCSAs for 2024 as per the annual plan were completed successfully. The "Business Risk and Control Officer" role was successfully established within the Group. Dedicated Business Risk Officers have been assigned for Consumer Banking, Corporate, IBUs and Affluent Banking. Moreover, Operational Risk oversighted all Tier 1 and Tier 2 projects and handled in an effective and timely manner 1,054 incidents.

The Third-party Risk Management unit (under Operational Risk Management) has performed compliance assessment of all in-scope existing and new Outsourcing, Strategic and Intragroup contracts in accordance with EBA Guidelines and CBC outsourcing directive, aiming to identify and effectively handle any potential gaps or weaknesses. Furthermore, the Third-party Risk Management unit introduced additional KRIs for the oversight of Outsourcing and Strategic contracts and enhanced the current Concentration Model to include the aspect of Cloud Service Providers. Furthermore, Third Party Risk Management Unit enhanced Third Party Risk Management framework to incorporate the new DORA Regulation that will be in effect in 2025.

During the year, the Fraud Risk Management Unit has upgraded the Internet Banking / MobApp and Cards Fraud systems, introducing enhanced functionality and capabilities. A dedicated new fraud preventive system was also successfully implemented for the real time fraud monitoring of Outward Instant Payments (TIPS), reinforcing fraud prevention as the first Bank to introduce Outward Instant Payments in Cyprus. Additionally, the specialized Fraud Risk Assessment of SMEs and Corporate Banking Centres was completed.

3.2.4.5 Reporting

Important operational risks identified and assessed through the various tools/methodologies of the ORM framework, are regularly reported to top management, as part of overall risk reporting. More specifically, the CRO reports on risk to the EXCO and the RC on a monthly basis, while annual risk reports are submitted to the Regulators. Ad-hoc reports are also submitted to top management, as needed. Dashboards with metrics against the Bank's defined risk appetite are also submitted on a monthly basis to EXCO and the Board Risk Committee (BRC) through the CRO.

3.3 Governance Arrangements

3.3.1 Recruitment Policy

The Group recognises the benefits of having a diverse Board of Directors (Board) which includes and makes use of differences in skills, experience, background, nationalities and gender among the directors. When determining the optimum composition of the Board, consideration is given to balancing these differences and achieving the appropriate collective suitability to direct the Bank's activities and manage its risks.

The Nominations and Corporate Governance Committee (NCGC) is assigned the responsibility to regularly review the composition of the Board in order to identify, evaluate and select candidates whose skills will complement and add value to the collective knowledge and skills of the Board. Pursuant to this assessment the Committee then makes appropriate recommendations to the Board in accordance with the Group Board Nominations Policy and in line with the Group Policy on the Suitability of members of the management body and key function holders approved by the Board both of which are available online on the Bank's website.

The persons proposed for the appointment should have specialised skills and/or knowledge to enhance the collective knowledge of the Board and must be able to commit the necessary time and effort to fulfil their responsibilities. Prior to the appointment, the Company must obtain the approval of the ECB.

Each director nominee should be of a professional and educational background that enables him/her to have a general appreciation of the major issues facing banks. Such issues include corporate governance issues, regulatory obligations of a public issuer, human resources, remuneration issues, technology, climate related and environmental risks and strategic business planning. Specialised knowledge and experience in the application of internal control procedures and accounting issues are also required when considering members for appointment to the Audit Committee who must have significant, recent and relevant financial experience.

Factors considered by the NCGC in its review of potential candidates include:

Specialised skills and/or knowledge in accounting, finance, banking, law, business administration, the assessment of the effectiveness of the institution's arrangements, the interpretation of the institution's financial information or related subject;
Integrity, honesty and the ability to generate public confidence;
Demonstrated sound business judgement;
Knowledge of financial matters including understanding financial statements and financial ratios;
Knowledge of and experience with financial institutions;
Risk management experience;
Reputation of the potential candidate;
The competencies and skills that the Board considers each existing director to possess;
Possible gaps in knowledge and skills identified by the latest review of the composition of the Board;
Succession planning;
The need to attain and maintain the targets set by the Board Nominations and Diversity Policy for achieving and maintaining gender diversity on the Board (published on the Group's website). The Board aimed in 2024 in achieving at least 40% representation of women as per the European Commission's recommendation.

The Board seeks to continually enhance its operations and conducts a formal effectiveness evaluation of the Board, Board Committees, and individual Board Directors. In addition to reviewing the Board's operations, composition and overall effectiveness, the evaluation reviews past performance with the aim of identifying possible opportunities for improvement, determines whether the Board and its Committees are collectively effective in discharging their responsibilities and, in the case of individual Directors, determines whether each individual Director contributes effectively to the collective suitability of the Board.

3.3.1 Recruitment Policy (continued)

As of 31 December 2024, the Board is comprised of eight members: the Group Chairperson, Mr. Efstratios (Takis) Arapoglou, who was independent on appointment and remains independent, two executive directors (Mr. Panicos Nicolaou and Ms. Eliza Livadiotou) and five non-executive directors (Ms. Lyn Grobler, Mr. Adrian J. Lewis, Ms. Monique Hemerijck, Mr. Christian Hansmeyer and Mr. Stuart Birrell). In accordance with the provisions of the CBC Directive on Suitability, six of the non-executive directors are independent. The names and brief biographical details including each director's background, external directorships, and whether these are executive or non-executive, experience and independent status are set out in Appendix I of this Report. In Appendix I, where biographical details are presented, information on the NED who passed away during the year is also included.

Both on an individual and a collective basis, the directors are considered to have the range of skills, understanding, experience and expertise necessary to ensure the effective leadership of the Group and that high corporate governance standards are maintained.

The NCGC ensures a formal, rigorous, and transparent procedure when considering candidates for appointment to the Board and maintains continuous oversight of the Board's composition to ensure it remains appropriate and has regard for its purpose, culture, major business lines, risk profile and governance requirements.

The NCGC reviews, at least annually, the structure, size, and composition of the Board (including skills, knowledge, experience, independence, and diversity), and recommends to the Board the skills and experience required to provide sound governance oversight. These include experience in banking, insurance, markets and regulatory environments, risk management, financial management, strategy development, technology as well as cybersecurity and operations experience and knowledge of law, governance, compliance, audit and ESG. Assessing the skills profile of the Board ensures that the Board and committees comprise of members having an all-embracing perception of the Group's activities and the risks associated with them. The composition of the Board remains under continuous review and the NCGC maintains a constant focus on succession planning to ensure the continuation of a strong and diverse Board, which is appropriate to the Group's purpose and the industry within which it operates.

The NCGC adheres to the requirements of the Group Suitability Policy, which is fully aligned with the CBC Directive on Suitability (and the Joint European Securities and Markets Authority (ESMA) and EBA guidelines on the assessment of the suitability of members of the management body) and ensures a robust assessment of potential candidates which includes an interview by the NCGC and recommendation to the Board prior to the submission of suitability applications to the regulator for consideration.

In accordance with the Board Nominations and Diversity Policy, the assessment and due diligence process is extensive and includes self-certification confirmations of probity and financial soundness as well as external checks involving a review of various publicly available sources. All potential candidates are assessed to ensure they have the ability to act with integrity, lead by example and promote the desired culture, which evidences a commitment to high standards and values. The process also involves the NCGC satisfying itself as to the candidate's ability to devote sufficient time to the role, his/her independence and suitability.

At the same time, the NCGC assesses and documents its consideration of possible conflict of interest. Finally, an assessment of collective suitability is performed following which the NCGC makes recommendations to the Board, according to the provisions of the Joint Guidelines on Suitability.

Regulatory assessment and formal approval are required and given for all Board appointments.

Pillar 3 Disclosures 2024

3.3.2 Other Directorships

The NCGC ensures that individual Board directors have sufficient time to dedicate to their duties, having regard to applicable regulatory limits on the number of directorships which may be held by any individual director. The Board has determined the time commitment expected of non-executive directors to be at least 42 days per annum. Time devoted to the Group can be considerably more when serving on Board committees.

The NCGC considers whether a potential director is able to devote the requisite time and attention to the Bank's affairs, prior to the Board's approval of the individual's appointment.

BOC PCL has been classified as a 'significant institution' under the European Union (Capital Requirements) Regulation 2014. The CBC Directive on Suitability, which incorporates the provisions of Article 91 of the European Capital Requirements Directive ('CRD IV') on management bodies of credit institutions, determines that a director cannot hold more than one of the following combinations:

One executive directorship with two non-executive directorships; or
Four non-executive directorships.

For the purposes of the above, executive or non-executive directorships held within the same group shall count as a single directorship. Directorships in organisations which do not pursue predominantly commercial objectives do not count for the purposes of the above guidelines.

According to the CBC Directive mentioned above, the CBC may, in exceptional cases and taking into consideration the nature and complexity of the business of the Group, authorise members of the Board to hold one additional directorship.

The number of outside directorships held by the members of the Board is as follows:

Mr. Arapoglou 3 Non-Executive directorships
Mrs. Lyn Grobler 1 Executive directorship, 1 Non-Executive directorship
Mrs. Monique Hemerijck 1 Non-Executive directorship
Mr. Adrian J. Lewis 1 Non-Executive directorship
Mr. Christian Hansmeyer 1 Non-Executive directorship
Mr. Stuart Birrell 1 Executive directorship

Entities which do not pursue predominantly commercial objectives are excluded.

The biographies of the directors, including experience and knowledge, are presented in Appendix I and can be accessed on our website online and in the Annual Corporate Governance Report which is included in the Annual Financial Report and is available at www.bankofcyprus.com/en-gb/group/who-weare.

3.3.3 Diversity

The Group recognises the benefits of having a diverse Board and workforce, creating a work environment where everyone has an opportunity to fully participate in creating business success, and where each person is valued for their distinctive skills, experiences, and perspectives. In reviewing Board composition and identifying suitable candidates, the NCGC considers the benefits of all aspects of diversity including the skills identified as relevant to the business of the Group, industry experience, nationality, gender, age and other relevant qualities, in order to maintain an appropriate range and balance of skills, experience and background on the Board.

All Board appointments are made on merit, in the context of the skills, experience, independence and knowledge which the Board as a whole is required to have to be effective and the diversity benefits each candidate can bring to the overall board composition.

3.3.3 Diversity (continued)

The Group's approach to Board diversity is set out in full in the Board Nominations and Diversity Policy, which can be found online. The Board Nominations and Diversity Policy recognises that a truly diverse Board will include and make good use of the differences in skills, experience, background, race, gender and other distinctions brought by each director, with such differences being considered in determining the optimum composition of the Board.

Non-executive members of the Board possess a wide range of skills, knowledge and extensive experience acquired from executive and/or non-executive appointments as directors of other companies, that combine to provide independent perspective, insights and challenge needed to support good decision-making and effective board dynamics. The effectiveness of the Board depends on ensuring the right balance of directors with banking or financial services experience and broader commercial experience. Directors bring their individual knowledge, skills, and experience to bear in discussions on the major challenges facing the Group. The participation of executives on the Board enhances the banking expertise of the Board and ensures that the Board is provided with direct, precise, and up-to-date information about significant issues concerning the Group.

During 2024, the NCGC reviewed the Board Nominations and Diversity Policy, which aims to maintain diversity with appointments based on merit in the context of the skills and experience required. The quantitative gender diversity of BOCH for 2024 was set at 40% female representation. BOCH has been implementing an action plan approved by the NCGC describing all key intervening milestones leading to the accomplishment of this target. The changes in the composition of the Board in 2024 changed the diversity at 37.5% as at 31 December 2024. The Board remains committed to maintaining its set target.

The Board also places high emphasis on ensuring the development of diversity in the senior management roles within the Group. A number of Group policies ensure unbiased career progression opportunities. The Code of Conduct similarly ensures equal opportunities to all members of staff and treats diversity with fairness and respect aiming to provide fair treatment for everyone at work. A primary ESG target approved under the ESG strategy by the Board is ≥30% women in Group's management bodies by 2030.

As of 31 December 2024, there is a 33% representation of women in Group's management bodies (defined as the EXCO) and a 47% representation of women at key positions such as Managers, Heads, Leads, Team Heads (defined as the wider Group Leadership).

As per the required Financial Conduct Authority (FCA) Diversity disclosures, the following is applicable in relation to the Bank as from 1 January 2024 to 31 December 2024:

➢ 37.5% of the individuals on the Board are women.
➢ The Executive Director Finance, Eliza Livadiotou is a woman.
➢ The Board recognises the challenges in setting diversity targets. Cyprus is the geographical provenance of the Group's customer and employee base and having also regards to the ethnic background of Cyprus population, at this time, the Board has not set a target for having at least one member of the Board from a non-white ethnic minority background. Notwithstanding this, when considering Board appointments, the Board will have regard to the requirements under the UK FCA Listing Rules.

	Number of Board members	Percentage of the Board	Number of senior positions on the board (CEO, CFO, SID, and Chair)	Number in EXCO	Percentage of EXCO	Number in wider Group Leadership	Percentage in wider Group Leadership
Men	5	62.5%	3	4	67%	61	59%
Women	3	37.5%	1	2	33%	43	47%

Pillar 3 Disclosures 2024

3.3.4 Board Risk Committee (RC)

The RC purpose and responsibilities

The Board of Directors, through the BRC, is responsible to ensure that a coherent and comprehensive Risk Management Framework for the identification, assessment, monitoring and controlling of all risks is in place. The framework ensures that material and emerging risks are identified, including, but not limited to, risks that might threaten the Group's business model, future performance, liquidity, and solvency. Such risks are taken into consideration in defining the Group's overall business strategy ensuring alignment with the Group's risk appetite.

The BRC reviews and proposes to the Board on an annual basis, or more frequently, if necessary, the Bank's risk appetite for approval, and ensures that the Bank's risk appetite is clearly communicated throughout the Bank and forms the basis on which risk policies and risk limits are established at group, business and/or sector level. It also reviews all risk management frameworks, methodologies and policies for identifying, measuring, evaluating, monitoring, reporting and mitigating risks, including frameworks, methodologies and policies related credit risk, market risk, asset and liability management, operational risk and compliance, as well as other risks such as reputational risk, strategic, conduct, legal risk, cyber risk, ICT risks, and risks arising from ESG and proposes their endorsement to the Board of Directors.

The BRC reviews reports and evaluates the overall risk exposure of the Bank and the Group on a regular basis, taking into account the approved risk appetite and the business plan of the Group, to review proposals and recommend corrective actions to the Board where there is a breach in the Risk Appetite of the Bank. Certain topics related to areas of responsibility of the Committee shall also be discussed at the Board of Directors level.

The BRC convenes regularly at least on a monthly basis, and on an ad hoc basis whenever the Committee Chair deems fit. During 2024, the Board Risk Committee convened seventeen times. In the context of its responsibilities and during the year, key workings of the Committee included:

Review Risk Appetite Framework with additions among others in the area of Climate and Environment (C&E), Risk Appetite Statement, Risk Profile Report, Emerging Risks Report, Risk Culture Dashboard;
Ongoing-monthly updates on Risk Management issues and ad hoc briefings on developments;
Review of Operational Risk KRI Dashboard, Risk & Control Self-Assessment (RCSA) process, Specialised Fraud Assessment and BCP reviews and Test Plan for the year;
Review and updates of ICAAP/ILAAP exercise including assumptions, stress scenarios and reverse stress scenarios;
Review of Annual Regulatory reports and disclosures (Annual Risk Management Report, Risk Management Division Declaration of Independence, Annual Operational Risk Report);
Review and approval of policies and Terms of Reference that fall under its responsibilities;
Regular updates on asset quality and main credit risk areas of the Group (Credit Quality Dashboard, Asset Quality Target Setting, Credit exposures greater than €100 million and proposed strategies to reduce, increase or maintain);
Review of Credit Applications recommended/approved by Credit Committee 3 or ADC;
Review of Credit Provisions for all quarters (jointly with the AC Committee);
Review and challenge the Bond Investment Strategy, Market and Country and Counterparty limits;
Review of Contingency Funding Plan governance, NII hedging Strategy;
Review/Deep dive on C&E risk materiality assessment, ECB C&E Thematic Review;
Update on the Group's outsourcing arrangements and their compliance status;
Review and regular updates of Information Security reports;
Review KRIs and optimise RAS thresholds;
Follow-up of SREP, onsite inspections and regular Regulatory updates;
Performance of Appraisal of the Chief Risk Officer and the Information Security Manager.

Pillar 3 Disclosures 2024

3.3.4 Board Risk Committee (RC) (continued)

The appointment and removal of the CRO and the Chief Information Security Officer are recommended by the RC and approved by the Board.

3.3.5 Reporting and Control

On an annual basis, the Chairman of the Risk Committee specifies both the information required by the Committee to discharge its duties and the calendar of the meetings. The agenda includes, among others, several regular topics described below:

Risk appetite framework and risk appetite dashboard
Financial plan risk assessment
ICAAP and ILAAP
Updates on all main risks faced by the Bank
Credit portfolio overview
Loan loss provisions
Stress test results
Risk quantification
Regulatory communication
Information security
Updates on specific segment of the portfolio such as shipping, syndicated lending, real estate portfolio.

Further to the above topics, there are other, supplementary and ad-hoc reports that are brought to the Committees attention. Reports are generally presented by the CRO, other executives or managers of Risk Management Departments.

In addition to the Risk Committee, reports relating to the above topics are also discussed at EXCO and Board.

4. Scope of Application

Differences on the basis of consolidation for financial reporting and prudential purposes

The data included in this Report may be different than the respective data of the Consolidated Financial Statements of the Company for 2024, which are prepared in line with IFRS, as adopted by the EU, mainly due to differences between the prudential consolidation basis and the accounting consolidation basis and/or differences in the definitions used. The reconciliation between the balance sheet presented in the Consolidated Financial Statements of the Company for 2024 and the balance sheet prepared for prudential purposes is disclosed in this section.

The Consolidated Financial Statements have been prepared on a historical cost basis, except for properties held for own use and investment properties, investments at FVOCI, financial assets (including loans and advances to customers and investments) at FVPL and derivative financial assets and derivative financial liabilities that have been measured at fair value, non-current assets held for sale measured at fair value less costs to sell and stock of property measured at net realisable value where this is lower than cost. The carrying values of recognised assets and liabilities that are hedged items in fair value hedges, and otherwise carried at cost, are adjusted to record changes in fair value attributable to the risks that are being hedged.

The Consolidated Financial Statements have been prepared in accordance with the IFRSs as adopted by the European Union (EU) and with those parts of the Companies Act 2014 applicable to companies reporting under IFRSs. The basis of consolidation for prudential purposes includes only those entities which form the basis for the calculation of regulatory capital requirements.

The chart below summarises the Group's structure on the basis of consolidated accounting and prudential purposes.

4. Scope of Application (continued)

The basis of consolidation of all Group entities for accounting and prudential purposes is presented in Appendix II.

As shown in table EU LI3 (Appendix II), as at 31 December 2024, the following subsidiaries were not included in the regulatory consolidation: EuroLife Ltd, General Insurance of Cyprus Ltd, BOC Secretarial Company Ltd, Ledra Estate Ltd, Laiki Bank (Nominees) Ltd, Nelcon Transport Co. Ltd, Kyprou Properties SA, Kyprou Asfalistiki (branch of General Insurance of Cyprus Ltd) and Kyprou Zois (branch of EuroLife Ltd). For none of these subsidiaries the actual own funds as at 31 December 2024, where applicable, were less than those required.

Material legal entities

The analysis is intended to show which legal entities within the Group contribute significantly to the asset, financial and earnings situation, or to provide or support critical functions and/or essential business activities.

A group company is classified as material in the following cases:

if at least one of the following quantitative criteria is met or
if at least the first of the following qualitative criteria is met.

Quantitative criteria:

Contribution to the RWAs of the Group greater than 5%
Contribution to Group revenues greater than 5%
Contribution to the Total Assets of the Group greater than 5%

Qualitative criteria:

Provision of a critical function or core business line
Provide a service or support function to maintain a critical function or core business line.

Based on EBA Technical advice on critical functions and core business lines (EBA/Op/2015/05) and the Commission Delegated Regulation (CDR) 2016/778, 'Function' indicates a structured set of activities, services or operations that are delivered by an institution or group to third parties. Critical functions mean activities, services or operations the discontinuance of which is likely to lead to the disruption of services that are essential to the real economy or to disrupt financial stability due to the size, market share, external and internal interconnectedness, complexity and cross-border activities of an institution or group, with particular regard to the substitutability of those activities, services or operations.

According to the EU Commission Delegated Regulation (2016) on CFs, a function shall be considered critical, when it meets both of the following criteria:

The function is provided by an institution to third parties not affiliated to the institution or group and
The sudden disruption to provide that function would likely have a material negative impact on the third parties, give rise to contagion or undermine the general confidence of market participants due to the systemic relevance of the function for the third parties and the systemic relevance of the institution or group in providing the function.

This requires that the function cannot be substituted on acceptable terms within a reasonable timeframe, which would exclude such an impact of the failure.

The results of the materiality analysis of the legal entities for 31 December 2024 are presented in Appendix IV. The fulfilled criteria are highlighted in each case for the legal entities identified as material. Based on the qualitative and quantitative criteria, the Bank and JCC Payment Systems Ltd have been identified as material entities as at 31 December 2024.

Pillar 3 Disclosures 2024

4.1 Reconciliation of regulatory own funds to balance sheet in the audited financial statements

EU CC2 - Reconciliation of regulatory own funds to balance sheet in the audited financial statements

		a	b	c
	3 1 De c e mbe r 2 0 2 4	Consolida te d Ba la nc e she e t a s in publishe d fina nc ia l sta te me nts	Consolida te d Ba la nc e She e t unde r re gula tory sc ope of c onsolida tion	Re fe re nc e (1)
		€ million	€ million
	Asse ts
1	Cash and balances with central banks	7,601	7,601
2	Loans and advances to banks	821	815
3	Reverse repurchase agreements	1,010	1,010
4	Derivative financial assets	9 5	9 5
5	Investments at FVPL	137	15
6	Investments at FVOCI	416	385	(h)
7	Investments at amortised cost	3,806	3,806
8	Loans and advances to customers	10,114	10,114
9	Life insurance business assets attributable to policyholders	773	-
10	Prepayments, accrued income and other assets	479	422
11	Stock of property	649	649
12	Investment properties	3 6	2 7
13	Deferred tax assets	167	167
14	Property and equipment	307	280
15	Intangible assets	5 0	4 1	(e)
16	Non- current assets and disposal groups held for sale	2 3	2 3
17	Investments in Group undertakings	-	2 3	(i)
18	Tota l a sse ts	26,484	25,473
	Lia bilitie s
1	Deposits by banks	364	364
2	Derivative financial liabilities	5	5
3	Customer deposits	20,519	20,539
4	Changes in the fair value of hedged items in portfolio hedges of interest rate risk	4 4	4 4
5	Insurance contract liabilities	744	-
6	Accruals, deferred income, other liabilities and other provisions	557	413
7	Provisions for pending litigation, claims, regulatory and other matters	9 3	9 3
8	Debt securities in issue	989	989
9	Subordinated liabilities	307	307	(g)
10	Deferred tax liabilities	3 2	2 8
	Tota l lia bilitie s	23,654	22,782
11
	Equity
1	Share capital	4 4	4 4	(a)
2	Share premium	594	594	(b)
3	Revaluation and other reserves	8 6	8 9	(d)
4	Retained earnings	1,866	1,724	(c)
5	Equity a ttributa ble to the owne rs of the Compa ny	2,590	2,451
6	Other equity instruments	220	220	(f)
7	Equity attributable to owners of the Company	2,810	2,671
8	Non- c ontrolling inte re sts	20	20
9	Tota l e quity	2,830	2,691

Pillar 3 Disclosures 2024

4.1 Reconciliation of regulatory own funds to balance sheet in the audited financial statements (continued)

EU CC2 - Reconciliation of regulatory own funds to balance sheet in the audited financial statements

		a	b	c
	31 December 2023	Consolidated Balance sheet as in published financial statements	Consolidated Balance Sheet under regulatory scope of consolidation	Reference 1
		€ million	€ million
	Assets
1	Cash and balances with central banks	9,615	9,614
2	Loans and advances to banks	385	376
3	Reverse repurchase agreements	403	403
4	Derivative financial assets	51	51
5	Investments at FVPL	135	8
6	Investments at FVOCI	443	437	(h)
7	Investments at amortised cost	3,117	3,117
8	Loans and advances to customers	9,822	9,822
9	Life insurance business assets attributable to policyholders	649	-
10	Prepayments, accrued income and other assets	585	523
11	Stock of property	826	824
12	Investment properties	62	52
13	Deferred tax assets	201	201
14	Property and equipment	286	257
15	Intangible assets	49	40	(e)
16	Investments in Group undertakings	-	35	(i)
17	Total assets	26,629	25,760
	Liabilities
1	Deposits by banks	472	472
2	Funding from central banks	2,044	2,044
3	Derivative financial liabilities	18	18
4	Customer deposits	19,337	19,380
5	Insurance contract liabilities	658	-
6	Accruals, deferred income, other liabilities and other provisions	469	355
7	Provisions for pending litigation, claims, regulatory and other matters	132	132
8	Debt securities in issue	672	672
9	Subordinated liabilities	307	307	(g)
10	Deferred tax liabilities	32	27
11	Total liabilities	24,141	23,407
	Equity
1	Share capital	45	45	(a)
2	Share premium	594	594	(b)
3	Revaluation and other reserves	90	92	(d)
4	Retained earnings	1,518	1,381	(c)
5	Equity attributable to the owners of the Company	2,247	2,112
6	Other equity instruments	220	220	(f)
7	Non-controlling interests	21	21
8	Total equity	2,488	2,353
9	Total liabilities and equity	26,629	25,760

The references (a) to (i) refer to the items of template EU CC1 in Section 5.1.

Pillar 3 Disclosures 2024

4.1.1 EU LI1 - Differences between accounting and regulatory scopes of consolidation and mapping of financial statement categories with regulatory risk categories

The difference between the carrying values reported in the Consolidated Financial Statements of the Company for 2024 and the carrying values under the scope of regulatory consolidation is due to the different basis of consolidation for prudential purposes. The basis of consolidation for prudential purposes includes only those entities which form the basis for the calculation of the regulatory capital requirements. A summary of the Group's structure on the basis of consolidation for the prudential purposes and the basis for consolidated accounting is presented in Section 4 'Differences on the basis of consolidation for financial reporting and prudential purposes'. Also, reconciliation between the Balance Sheet presented in Consolidated Financial Statements of the Company for 2024 and the Balance Sheet for regulatory purposes is presented in Section 4.1. The shift in the exposures under each framework between 2024 and 2023 is in line with the changes in column (b).

The table illustrates the balance sheet items as they are applied in the RWA and capital requirements calculation whereby the amounts included in column (b), the carrying values under the scope of regulatory consolidation are analysed into the framework they are subject to in calculating the RWAs through CRR, columns (c) to (g).

		a	b	c	d	e	f	g
		Carrying		Carrying values of items
3 1 De c e mbe r 2 0 2 4		values as reported in published financial statements	Carrying values under scope of regulatory consolidation	Subject to the credit risk framework	Subject to the CCR framework	Subject to the securitisation framework	Subject to the market risk framework	Not subject to own funds requirements or subject to deduction from own funds
		€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n
	Breakdown by asset classes according to the balance sheet in the published financial statements
1	Cash and balances with central banks	7,601	7,601	7,601	-	-	-	-
2	Loans and advances to banks	821	815	808	7	-	-	-
3	Reverse repurchase agreements	1,010	1,010	-	1,010	-	-	-
4	Derivative financial assets	95	95	-	95	-	-	-
5	Investments at FVPL	137	15	15	-	-	-	-
6	Investments at FVOC I	416	385	385	-	-	-	-
7	Investments at amortised cost	3,806	3,806	3,806	-	-	-	-
8	Loans and advances to customers	10,114	10,114	10,114	-	-	-	-
9	Life insurance business assets attributable to policyholders	773	-	-	-	-	-	-
1 0	Prepayments, accrued income and other assets	479	422	422	-	-	-	-
1 1	Stock of property	649	649	625	-	-	-	24
1 2	Investment properties	36	27	27	-	-	-	-
1 3	Property and equipment	307	280	280	-	-	-	-
1 4	Intangible assets	50	41	15	-	-	-	26
1 5	Non-current assets and disposal groups held for sale	23	23	23	-	-	-	-
1 6	Investments in Group undertakings, associates and joint ventures	-	23	23	-	-	-	-
1 7	Deferred tax assets	167	167	167	-	-	-	-
1 8	Total assets	26,484	25,473	24,311	1,112	-	-	50

	a	b	c	d	e	f	g
	Carrying		Carrying value of items
3 1 De c e mbe r 2 0 2 4	values as reported in published financial statements	Carrying values under scope of regulatory consolidation	Subject to the credit risk framework	Subject to the CCR framework	Subject to the securitisation framework	Subject to the market risk framework	Not subject to own funds requirements or subject to deduction from own funds
	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n
Breakdown by liability classes according to the balance sheet in the published financial statements
Deposits by banks 1	364	364	-	-	-	-	364
Derivative financial liabilities 2	5	5	-	5	-	-	-
Customer deposits 3	20,519	20,539	-	-	-	-	20,539
Changes in the fair value of hedged items in portfolio 4 hedges of interest rate risk	44	44	-	-	-	-	44
Insurance contract liabilities 5	744	-	-	-	-	-	-
Accruals,deferred income, other 6 liabilities and other provisions	557	413	19	-	-	-	394
Provisions for pending litigation, claims, regulatory and other 7 matters	93	93	-	-	-	-	93
Debt securities in issue 8	989	989	-	-	-	-	989
Subordinated liabilities 9	307	307	-	-	-	-	307
Deferred tax liabilities 1 0	32	28	-	-	-	-	28
Total liabilities 1 1	23,654	22,782	19	5	-	-	22,758

		a	b	c	d	e	f	g
				Carrying value of items
3 1 De c e mbe r 2 0 2 3		Carrying values as reported in published financial statements (restated)1	Carrying values under scope of regulatory consolidation	Subject to the credit risk framework	Subject to the CCR framework	Subject to the securitisation framework	Subject to the market risk framework	Not subject to own funds requirements or subject to deduction from own funds
		€ million	€ million	€ million	€ million	€ million	€ million	€ million
	Breakdown by asset classes according to the balance sheet in the published financial statements
1	Cash and balances with central banks	9,615	9,614	9,614	-	-	-	-
2	Loans and advances to banks	385	376	346	30	-	-	-
3	Reverse repurchase agreements	403	403	-	403	-	-	-
4	Derivative financial assets	51	51	-	51	-	-	-
5	Investments at FVPL	135	8	8	-	-	-	-
6	Investments at FVOC I	443	437	437	-	-	-	-
7	Investments at amortised cost	3,117	3,117	3,117	-	-	-	-
8	Loans and advances to customers	9,822	9,822	9,822	-	-	-	-
9	Life insurance business assets attributable to policyholders	649	-	-	-	-	-	-
1 0	Prepayments, accrued income and other assets	585	523	523	-	-	-	-
1 1	Stock of property	826	824	796	-	-	-	28
1 2	Investment properties	62	52	52	-	-	-	-
1 3	Property and equipment	286	257	257	-	-	-	-
1 4	Intangible assets	49	40	15	-	-	-	25
1 5	Investments in Group undertakings, associates and joint ventures	-	35	35	-	-	-	-
1 6	Deferred tax assets	201	201	201	-	-	-	-
1 7	Total assets	26,629	25,760	25,223	484	-	-	53
1 O n	1 January 2024 the Group adopted been restated to re flect the im pact o	IFRS 1 7 f IFRS 17. There	'Insurance contracts' was no im pact on the	which replaced	IFRS 4 'Insurance Consolidated balances Shee	contracts'. t under regulatory scope	2023 com parative o	inform ation has f consolidation.

		a	b	c	d	e	f	g
3 1 De c e mbe r 2 0 2 3		Carrying		Carrying value of items
		values as reported in published financial statements (restated)1	Carrying values under scope of regulatory consolidation	Subject to the credit risk framework	Subject to the CCR framework	Subject to the securitisation framework	Subject to the market risk framework	Not subject to own funds requirements or subject to deduction from own funds
		€ million	€ million	€ million	€ million	€ million	€ million	€ million
	Breakdown by liability classes according to the balance sheet in the published financial statements
1	Deposits by banks	472	472	-	-	-	-	472
2	Funding from central banks	2,044	2,044	-	-	-	-	2,044
3	Derivative financial liabilities	18	18	-	18	-	-	-
4	Customer deposits	19,337	19,380	-	-	-	-	19,380
5	Insurance contract liabilities	658	-	-	-	-	-	-
6	Accruals,deferred income, other liabilities and other provisions	469	355	19	-	-	-	336
7	Deferred tax liabilities	132	132	-	-	-	-	132
8	Provisions for pending litigation, claims, regulatory and other matters	672	672	-	-	-	-	672
9	Debt securities in issue	307	307	-	-	-	-	307
1 0	Subordinated liabilities	32	27	-	-	-	-	27
1 1	Total liabilities	24,141	23,407	19	18	-	-	23,370
1 O n	1 January 2024 the Group adopted been restated to re flect the impact o	IFRS 1 7 f IFRS 17. There	'Insurance contracts' was no impact on the	which replaced	IFRS 4 'Insurance Consolidated balances Shee	contracts'. t under regulatory scope	2023 comparative o	inform ation has f consolidation.

Pillar 3 Disclosures 2024

4.1.2 Main sources of differences between regulatory exposure amounts and carrying values in the Financial Statements

The table presents the main sources of differences between the carrying values under the scope of regulatory consolidation and the exposure amounts that are used to calculate the RWA under each regulatory framework of the CRR.

Row 5, "Differences in valuations", refers to additional valuation adjustments following regulatory supervisory recommendations.

Row 6, "Differences due to netting rules", presents the impact of the application of netting agreements under the SA-CCR approach in calculating RWA for derivatives and Securities Financing Transactions (SFTs).

Row 7, "Differences due to consideration of provisions", refers to transitional arrangement adjustments described in Section 5.1.

Row 8, "Differences due to the use of credit mitigation techniques", presents financial collateral amounts that are used in decreasing the exposures values for RWA calculation purposes under the Financial Collateral Comprehensive Method.

Row 9, "Differences due to credit conversion factors", presents the adjustment on the off-balance sheet items presented in row 4 converting them to credit equivalents.

Row 11, "Other differences", presents the balance sheet items that due to their nature either do not participate in the RWA and capital requirements calculations and they are analysed in rows 11.01 and 11.02.

There are material shifts between 2024 and 2023 other than the shifts in the carrying values under the scope of regulatory consolidation analysed in Section 4.1.1 above. The difference between the regulatory exposure amounts and the carrying values under the prudential scope of consolidation for the years 2024 and 2023 is driven by the same factors.

4.1.2 Main sources of differences between regulatory exposure amounts and carrying values in the Financial Statements (continued)

EU LI2-Main sources of differences between regulatory exposure amounts and carrying values in the Financial Statements

31 December 2024		a	b	c	d	e
			Items subject to
		Total	Credit risk framework	Securitisation framework	CCR framework	Market risk framework
		€ million	€ million	€ million	€ million	€ million
1	Assets carrying value amount under the scope of regulatory consolidation (as per template EU LI1)	25,473	24,311	-	1,112	-
2	Liabilities carrying value amount under the regulatory scope of consolidation (as per template EU LI1)	(22,782)	(19)	-	(5)	-
3	Total net amount under the regulatory scope of consolidation	2,691	24,292	-	1,107	-
4	Off-balance-sheet amounts	2,758	2,758	-	-	-
5	Differences in valuations	(42)	(18)	-	-	-
6	Differences due to different netting rules, other than those already included in row 2	19	-	-	19	-
7	Differences due to consideration of provisions	2	2	-	-	-
8	Differences due to the use of credit risk mitigation techniques (CRMs)	(1,900)	(897)	-	(1,003)	-
9	Differences due to credit conversion factors	(1,948)	(1,948)	-	-	-
1 0	Differences due to Securitisation with risk transfer	-	-	-	-	-
1 1	Other differences	22,732	-	-	-	-
11.01	Deductions from Capital - Total Assets (EU LI1: column g less EU LI1 column (g) row 14)	(26)	-	-	-	-
11.02	Deductions from Capital - Total Liabilities (EU LI1: column g)	22,758	-	-	-	-
11.03	Differences between due to Securities Financing Transactions	-	-	-	-	-
12	Exposure amounts considered for regulatory purposes	24,312	24,190	-	123	-

4.1.2. Main sources of differences between regulatory exposure amounts and carrying values in the Financial Statements (continued)

EU LI2-Main sources of differences between regulatory exposure amounts and carrying values in the Financial Statements

31 December 2023		a	b	c	d	e
			Items subject to
		Total	Credit risk framework	Securitisation framework	CCR framework	Market risk framework
		€ million	€ million	€ million	€ million	€ million
1	Assets carrying value amount under the scope of regulatory consolidation (as per template EU LI1)	25,760	25,223	-	484	-
2	Liabilities carrying value amount under the regulatory scope of consolidation (as per template EU LI1)	(23,407)	(19)	-	(18)	-
3	Total net amount under the regulatory scope of consolidation	2,353	25,204	-	466	-
4	Off-balance-sheet amounts	2,689	2,689	-	-	-
5	Differences in valuations	(91)	(63)	-	-	-
6	Differences due to different netting rules, other than those already included in row 2	(12)	-	-	(12)	-
7	Differences due to consideration of provisions	7	7	-	-	-
8	Differences due to the use of credit risk mitigation techniques (CRMs)	(1,199)	(779)	-	(420)	-
9	Differences due to credit conversion factors	(1,911)	(1,911)	-	-	-
1 0	Differences due to Securitisation with risk transfer	-	-	-	-	-
1 1	Other differences	23,345	-	-	-	-
11.01	Deductions from Capital - Total Assets (EU LI1: column g less EU LI1 column (g) row 9 included in EU LI2 row 5)	(25)	-	-	-	-
11.02	Deductions from Capital - Total Liabilities (EU LI1: column g)	23,370	-	-	-	-
11.03	Differences between due to Securities Financing Transactions	-	-	-	-	-
12	Exposure amounts considered for regulatory purposes	25,182	25,148	-	34	-

5. Own Funds

5.1 CRD Regulatory Capital

The tables below disclose the components of regulatory capital as at 31 December 2024 and 2023.

This disclosure has been prepared using the format set out in Annex VII of the 'Commission Implementing Regulation (EU) No 2021/637', which presents CET1 capital, AT1 capital, Tier 2 capital as well as Provision and Deduction items.

	EU CC1 - Composition of regulatory own funds
		(a)	(b)	(c )
		31 D ecember 2024 1	31 D ecember 2023 2	Source based on reference numbers/letters of the consolidated balance sheet under the
		€ millio n	€ millio n	regulatory scope of consolidation (EU CC2)
	Common Equity Tier 1 (CET1) capital: instruments and reserves
1	C apital ins truments and the related s hare premium ac c ounts	638	639	(a) plus (b)
2	Retained earnings	1,230	862	(c)1,2
3	A c c umulated other c omprehens ive inc ome (and other res erves )	53	58	(d)3
E U -3 a	Funds for general banking ris k	-	-
4	A mount o f qualifying items referred t o i n A rtic le 484 (3 ) C RR and the related s hare premium ac c ounts s ubjec t to phas e out from C E T 1	-	-
5	M inority interes ts (amount allowed in c ons olidated C E T 1 )	-	-
E U -5 a	I ndependently reviewed interim profits net o f any fores eeable c harge o r dividend	252	380	(c)1,2
6	Common Equity Tier 1 (CET1) capital before regulatory adjustments	2,173	1,940

Pillar 3 Disclosures 2024

5.1 CRD Regulatory Capital (continued)

		(a) 31 D ecember 2024 1	(b) 31 D ecember 2023 2	(c ) Source based on reference numbers/letters of the consolidated balance sheet under the
		€ millio n	€ millio n	regulatory scope of consolidation (EU CC2)
	Common Equity Tier 1 (CET1) capital: regulatory adjustments
7	(negative amount)4 A dditional value adjus tments	(46)	(90)
8	I ntangible as s ets (net of related tax liability) (negative amount)	(25)	(24)	(e)5
9 1 0	N ot applic able Deferred tax as s ets that rely o n future profitability exc luding thos e aris ing from temporary differenc es (net o f related tax liability where the	- -	- -
	c onditions in A rtic le 3 8 (3 ) C RR are met) (negative amount) Fair value res erves related t o gains o r los s es o n c as h flow hedges o f
1 1	financ ial ins truments that are not valued at fair value	-	-
1 2	N egative amounts res ulting from the c alc ulation o f expec ted los s amounts	-	-
1 3	A ny inc reas e i n equity that res ults from s ec uritis ed as s ets (negative amount)	-	-
1 4	Gains o r los s es o n liabilities valued a t fair value res ulting from c hanges in own c redit s tanding	-	-
1 5	Defined-benefit pens ion fund as s ets (negative amount)	-	-
1 6	Direc t, indirec t and s ynthetic holdings b y a n ins titution o f own C E T 1 ins truments (negative amount)	-	-
1 7	Direc t, indirec t and s ynthetic holdings o f the C E T 1 ins truments o f financ ial s ec tor entities where thos e entities have rec iproc al c ros s holdings with the ins titution des igned t o inflate artific ially the own funds of the ins titution (negative amount)	-	-
1 8	Direc t, indirec t and s ynthetic holdings b y the ins titution o f the C E T 1 ins truments o f financ ial s ec tor entities where the ins titution does not have a s ignific ant inves tment i n thos e entities (amount above 10% thres hold and net of eligible s hort pos itions ) (negative amount)	-	-
1 9	Direc t, indirec t and s ynthetic holdings b y the ins titution o f the C E T 1 ins truments o f financ ial s ec tor entities where the ins titution has a s ignific ant inves tment i n thos e entities (amount above 10% thres hold and net of eligible s hort pos itions ) (negative amount)	-	-
2 0	N ot applic able	-	-
E U -2 0 a	E xpos ure amount o f the following items whic h qualify for a R W o f 1 2 5 0% , where the ins titution opts for the deduc tion alternative	-	-
E U -2 0 b	of which: qualifying holdings outs ide the financial s ector (negative amount)	-	-
E U -2 0 c	of which: s ecuritis ation pos itions (negative amount)	-	-
E U -2 0 d 2 1	of which: free deliveries (negative amount) Deferred tax as s ets aris ing from temporary differenc es (amount above 10% thres hold, net o f related tax liability where the c onditions i n A rtic le 3 8 (3 ) C RR are met) (negative amount)	- -	- -
2 2	A mount exc eeding the 1 7 .6 5% thres hold (negative amount)	-	-
2 3	of which: direct, indirect and s ynthetic holdings b y the ins titution of the CET1 ins truments of financial s ector entities where the ins titution has a s ignificant inves tment in thos e entities	-	-
2 4	N ot applic able	-	-
2 5	of which: deferred tax as s ets aris ing from temporary dif ferences	-	-
E U -2 5 a	Los s es for the c urrent financ ial year (negative amount)	-	-	)1,2 (c
E U -2 5 b	Fores eeable tax c harges relating t o C E T 1 items exc ept where the ins titution s uitably adjus ts the amount o f C E T 1 items ins ofar a s s uc h tax c harges reduc e the amount u p t o whic h thos e items may b e us ed t o c over ris ks or los s es (negative amount)	-	-
2 6	N ot applic able	-	-
2 7	Q ualifying A T 1 deduc tions that exc eed the A T 1 items o f the ins titution	-	-
27a	(negative amount) O ther regulatory adjus tments	(26)	(27)
2 8	Total regulatory adjustments to Common Equity Tier 1 (CET1)	(97)	(142)
2 9	Common Equity Tier 1 (CET1) capital	2,075	1,798

5.1 CRD Regulatory Capital (continued)

	EU CC1 - Composition of regulatory own funds
		(a)	(b)	(c )
		31 D ecember 2024 1	31 D ecember 2023 2	Source based on reference numbers/letters of the consolidated balance sheet under the
		€ million	€ million	regulatory scope of consolidation (EU CC2)
Addit	ional Tier 1 (AT1) capital: instruments
3 0	C apital ins truments and the related s hare premium ac c ounts	220	220
3 1	of which: clas s ified as equity under applicable accounting s tandards	220	220
3 2	of which: clas s ified as liabilities under applicable accounting s tandards	-	-
3 3	A mount o f qualifying items referred t o i n A rtic le 484 (4 ) C RR and the related s hare premium ac c ounts s ubjec t to phas e out from A T 1	-	-
E U -3 3 a	A mount o f qualifying items referred t o i n A rtic le 4 9 4 a(1 ) C RR s ubjec t to phas e out from A T 1	-	-
E U -3 3 b	A mount o f qualifying items referred t o i n A rtic le 4 9 4 b(1 ) C RR s ubjec t to phas e out from A T 1	-	-
3 4	Q ualifying T ier 1 c apital inc luded in c ons olidated A T 1 c apital (inc luding minority interes ts not inc luded in row 5 ) is s ued by s ubs idiaries and held by third parties	-	-
3 5	of which: ins truments is s ued by s ubs idiaries s ubject to phas e out	-	-
36	Addit ional Tier 1 (AT1) capital before regulatory adjustments	220	220	(f)
Addit	ional Tier 1 (AT1) capital: regulatory adjustments
3 7	Direc t, indirec t and s ynthetic holdings b y a n ins titution o f own A T 1 ins truments (negative amount)	-	-
3 8	Direc t, indirec t and s ynthetic holdings o f the A T 1 ins truments o f financ ial s ec tor entities where thos e entities have rec iproc al c ros s holdings with the ins titution des igned t o inflate artific ially the own funds of the ins titution (negative amount)	-	-
3 9	Direc t, indirec t and s ynthetic holdings o f the A T 1 ins truments o f financ ial s ec tor entities where the ins titution does not have a s ignific ant inves tment i n thos e entities (amount above 10% thres hold and net of eligible s hort pos itions ) (negative amount)	-	-
4 0	Direc t, indirec t and s ynthetic holdings b y the ins titution o f the A T 1 ins truments o f financ ial s ec tor entities where the ins titution has a s ignific ant inves tment i n thos e entities (net o f eligible s hort pos itions ) (negative amount)	-	-

4 1	N ot applic able	-	-
4 2	Q ualifying T 2 deduc tions that exc eed the T 2 items o f the ins titution (negative amount)	-	-
4 2 a	O ther regulatory adjus tments to A T 1 c apital	-	-
43	Total regulatory adjustments to Addit ional Tier 1 (AT1) capital	-	-
44	Addit ional Tier 1 (AT1) capital	220	220

5.1 CRD Regulatory Capital (continued)

	EU CC1 - Composition of regulatory own funds
		(a)	(b)	(c )
		31 D ecember 2024 1	31 D ecember 2023 2	Source based on reference numbers/letters of the consolidated balance sheet under the
		€ million	€ million	regulatory scope of consolidation (EU CC2)
	Tier 2 (T2) capital: instruments
4 6	C apital ins truments and the related s hare premium ac c ounts	307	300
4 7	A mount o f qualifying items referred t o i n A rtic le 4 8 4 (5 ) C RR and the related s hare premium ac c ounts s ubjec t t o phas e out from T 2 a s des c ribed in A rtic le 4 8 6 (4 ) C RR	-	-
E U -4 7 a	A mount o f qualifying items referred t o i n A rtic le 4 9 4 a(2 ) C RR s ubjec t to phas e out from T 2	-	-
E U -4 7 b	A mount o f qualifying items referred t o i n A rtic le 4 9 4 b(2 ) C RR s ubjec t to phas e out from T 2	-	-
4 8	Q ualifying own funds ins truments inc luded i n c ons olidated T 2 c apital (inc luding minority interes ts and A T 1 ins truments not inc luded i n rows 5 or 3 4 ) is s ued by s ubs idiaries and held by third parties	-	-
4 9	of which: ins truments is s ued by s ubs idiaries s ubject to phas e out	-	-
5 0	C redit ris k adjus tments	-	-
51	Tier 2 (T2) capital before regulatory adjustments	307	300
	Tier 2 (T2) capital: regulatory adjustments
5 2	Direc t, indirec t and s ynthetic holdings b y a n ins titution o f own T 2 ins truments and s ubordinated loans (negative amount)	-	-
5 3	Direc t, indirec t and s ynthetic holdings o f the T 2 ins truments and s ubordinated loans of financ ial s ec tor entities where thos e entities have rec iproc al c ros s holdings with the ins titution des igned t o inflate artific ially the own funds of the ins titution (negative amount)	-	-
5 4	Direc t, indirec t and s ynthetic holdings o f the T 2 ins truments and s ubordinated loans o f financ ial s ec tor entities where the ins titution does not have a s ignific ant inves tment i n thos e entities (amount above 1 0% thres hold and net of eligible s hort pos itions ) (negative amount)	-	-
54a	N ot applic able	-	-
5 5	Direc t, indirec t and s ynthetic holdings b y the ins titution o f the T 2 ins truments and s ubordinated loans o f financ ial s ec tor entities where the ins titution has a s ignific ant inves tment i n thos e entities (net o f eligible s hort pos itions ) (negative amount)	-	-
5 6	N ot applic able	-	-
E U -5 6 a	Q ualifying eligible liabilities deduc tions that exc eed the eligible liabilities items of the ins titution (negative amount)	-	-
E U -5 6 b	O ther regulatory adjus tments to T 2 c apital	-	-
57	Total regulatory adjustments to Tier 2 (T2) capital	-	-
58	Tier 2 (T2) capital	307	300	(g)
59	Total capital (TC = T1 + T2)	2,603	2,318
60	Total Risk exposure amount	10,834	10,341

5.1 CRD Regulatory Capital (continued)

	EU CC1 - Composition of regulatory own funds
		(a)	(b)	(c )
		31 D ecember 2024 1	31 D ecember 2023 2	Source based on reference numbers/letters of the consolidated balance sheet under the
		%	%	regulatory scope of consolidation (EU CC2)
Capital rat	ios and requirements including buf f ers
6 1	C ommon E quity T ier 1 c apital	19.16%	17.39%
6 2	T ier 1 c apital	21.19%	19.51%
6 3	T otal c apital	24.02%	22.42%
6 4	I ns titution C E T 1 overall c apital requirements	11.34%	10.72%
6 5	of which: capital cons ervation buf fer requirement	2.50%	2.50%
6 6	of which: countercyclical capital buf fer requirement	0.92%	0.48%
6 7	of which: s ys temic ris k buf fer requirement	0.00%	0.00%
E U -6 7 a	of which: Global Sys temically Important I ns titution (G-SI I ) or Other Sys temically Important I ns titution (O-SI I ) buf fer requirement	1.88%	1.50%
E U -6 7 b	of which: additional own funds requirements t o addres s the ris ks other than the ris k of exces s ive leverage	1.55%	1.73%
6 8	Common Equity Tier 1 capital (as a percentage of risk exposure amount) available af ter meet ing the minimum capital requirements	13.11%	11.15%
Nat	ional minima (if dif f erent f rom Basel III)
6 9	N ot applic able	-	-
7 0	N ot applic able	-	-
7 1	N ot applic able	-	-
	Amounts below the thresholds for deduct ion (before risk weight ing)
7 2	Direc t and indirec t holdings of own funds and eligible liabilities of financ ial s ec tor entities where the ins titution does not have a s ignific ant inves tment in thos e entities (amount below 1 0% thres hold and net of eligible s hort pos itions )	1	2	(h)
7 3	Direc t and indirec t holdings b y the ins titution o f the C E T 1 ins truments o f financ ial s ec tor entities where the ins titution has a s ignific ant inves tment i n thos e entities (amount below 1 7 .6 5% thres holds and net of eligible s hort pos itions )	23	23	(i)6
7 4	N ot applic able	-	-
7 5	Deferred tax as s ets aris ing from temporary differenc es (amount below 1 7 .6 5% thres hold, net o f related tax liability where the c onditions i n A rtic le 3 8 (3 ) C RR are met)	12
	Applicable caps on the inclusion of provisions in Tier 2
7 6	C redit ris k adjus tments inc luded i n T 2 i n res pec t o f expos ures s ubjec t to s tandardis ed approac h (prior to the applic ation of the c ap)	-	-
7 7	C ap o n inc lus ion o f c redit ris k adjus tments i n T 2 under s tandardis ed approac h	-	-
7 8	C redit ris k adjus tments inc luded i n T 2 i n res pec t o f expos ures s ubjec t to internal ratings -bas ed approac h (prior to the applic ation of the c ap)	-	-
7 9	C ap for inc lus ion of c redit ris k adjus tments in T 2 under internal ratings - bas ed approac h	-	-
	Capital instruments subject to phase-out arrangements (only applicable between 1 January 2014 and 1 January 2022)
8 0	C urrent c ap on C E T 1 ins truments s ubjec t to phas e out arrangements	-	-
8 1	A mount exc luded from C E T 1 due t o c ap (exc es s over c ap after redemptions and maturities )	-	-
8 2	C urrent c ap on A T 1 ins truments s ubjec t to phas e out arrangements	-	-
8 3	A mount exc luded from A T 1 due t o c ap (exc es s over c ap after redemptions and maturities )	-	-
8 4	C urrent c ap on T 2 ins truments s ubjec t to phas e out arrangements	-	-
8 5	A mount exc luded from T 2 due t o c ap (exc es s over c ap after redemptions and maturities )	-	-

5.1 CRD Regulatory Capital (continued)

EU CC1 - Composition of regulatory own funds

Notes:

1. Amounts and ratios include profits for the year ended 31 December 2024 net of a deduction for a distribution in respect of 2024 earnings of €241 million, following relevant recommendation by the Board of Directors to the shareholders for a final cash dividend of €211 million and approval by the Board of Directors to undertake a share buyback of ordinary shares of the Company for an aggregate consideration of up to €30 million and in compliance with the terms of the ECB approval, as disclosed in subsection 'Distributions' of Section 5.1 CRD Regulatory Capital. Group's adjusted recurring profitability is defined as the Group's profit after tax before non-recurring items (attributable to the owners of the Company) taking into account distributions under other equity instruments, such as the AT1 coupon.
1. Amounts and ratios include profits for the year ended 31 December 2023 and a deduction for a distribution in respect of 2023 earnings of €137 million, following approval received by the ECB in March 2024 and relevant recommendation by the Board of Directors to the shareholders for a final cash dividend of €112 million and approval by the Board to undertake a share buyback of ordinary shares of the Company for an aggregate consideration of up to €25 million and in compliance with the terms of the ECB approval. The proposed final dividend was declared at the AGM which was held on 17 May 2024 and was paid in cash on 14 June 2024. As at 29 November 2024, the share buyback was successfully completed, resulting in the Company repurchasing 5,698 thousand ordinary shares. All shares bought back were cancelled.
1. No restrictions apply on the items listed above for the purpose of the calculation of own funds in accordance with the CRR. It should be noted that on the basis of Article 26(i) of the CRR and the EBA guidelines on prudent valuations, a part of the fixed assets revaluation reserve (31 December 2024: c.€33 million, 31 December 2023: c.€33 million) is not allowed to be included in CET1 capital.
1. The amount reported in line 7, in addition to Additional Value Adjustments includes prudential charges relating to specific credits.
1. As at 31 December 2024 an amount of c.€15 million was not deducted from CET1 capital as a result of the revised rules of CRR II on the prudential treatment of software assets (31 December 2023: c.€15 million)
1. The corresponding reference in the balance sheet also includes holdings which are not CET1 instruments of financial sector entities where the institution has a significant investment in those entities (amount below 17.65% thresholds and net of eligible short positions).

5.1 CRD Regulatory Capital (continued)

The primary objective of the Group's capital management is to ensure compliance with the relevant regulatory capital requirements and to maintain healthy capital adequacy ratios to cover the risks of its business, support its strategy and maximise shareholders' value.

The capital adequacy framework, as in force, was incorporated through the Capital Requirements Regulation (CRR) and CRD which came into effect on 1 January 2014 with certain specified provisions implemented gradually. The CRR and CRD transposed the new capital, liquidity and leverage standards of Basel III into the European Union's legal framework. CRR establishes the prudential requirements for capital, liquidity and leverage for credit institutions. It is directly applicable in all EU member states. CRD governs access to deposit-taking activities and internal governance arrangements including remuneration, board composition and transparency. Unlike the CRR, member states were required to transpose the CRD into national law and national regulators were allowed to impose additional capital buffer requirements.

On 27 June 2019, the revised rules on capital and liquidity (Regulation (EU) 2019/876 (CRD V) and Directive (EU) 2019/878) came into force. As an amending regulation, the existing provisions of CRR apply, unless they are amended by CRR II. Certain provisions took immediate effect (primarily relating to MREL), but most changes became effective as of June 2021. The key changes introduced consist of, among others, implementation of the new counterparty credit risk approaches, changes in the calculation of RWA for investments in collective investment undertakings (CIUs), changes to qualifying criteria for CET1, AT1 and T2 instruments, introduction of requirements for MREL and a binding Leverage Ratio requirement (as defined in the CRR) and a Net Stable Funding Ratio (NSFR).

The amendments that came into effect on 28 June 2021 are in addition to those introduced in June 2020 through Regulation (EU) 2020/873, which among other brought forward certain CRR II changes in light of the COVID 19 pandemic. The main adjustments of Regulation (EU) 2020/873 that had an impact on the Group's capital ratio relate to the acceleration of the implementation of the new SME discount factor (lower RWAs), extending the IFRS 9 transitional arrangements and introducing further relief measures to CET1 allowing to fully add back to CET1 any increase in Expected Credit Losses (ECL) recognised in 2020 and 2021 for non-credit impaired financial assets and phasing in this starting from 2022 (phasing in at 25% in 2022, 50% in 2023 and 75% in 2024) and advancing the application of prudential treatment of software assets as amended by CRR II (which came into force in December 2020).

In October 2021, the European Commission adopted legislative proposals for further amendments to CRR, CRD and the BRRD (the "2021 Banking Package"). Amongst other things, the 2021 Banking Package would implement certain elements of Basel III that had not yet been transposed into EU law. The 2021 Banking Package included:

a proposal for a Regulation ( 'CRR III') to make amendments to CRR with regards to (amongst other things) requirements on credit risk, credit valuation adjustment risk, operational risk, market risk and the output floor;
a proposal for a Directive ("CRD VI") to make amendments to CRD with regards to (amongst other things) requirements on supervisory powers, sanctions, third-country branches and ESG risks; and
a proposal for a Regulation to make amendments to CRR and the BRRD with regards to (amongst other things) requirements on the prudential treatment of G-SII groups with a multiple point of entry resolution strategy and a methodology for the indirect subscription of instruments eligible for meeting the MREL requirements.

5.1 CRD Regulatory Capital (continued)

In the case of the proposed amendments to CRD and the BRRD, their terms and effect will depend, in part, on how they are transposed in each member state.

In December 2023 the preparatory bodies of the Council and European Parliament endorsed the amendments to the CRR and the CRD and the legal texts were published on the Council and the Parliament websites. In April 2024, the European Parliament voted to adopt the amendments to the CRR and the CRD; Regulation (EU) 2024/1623 (known as CRR III) and Directive (EU) 2024/1619 (known as CRD VI) were published in the EU's official journal in June 2024, with entry into force 20 days from the date of the publication. Most provisions of the CRR III have become effective on 1 January 2025 with certain measures subject to transitional arrangements or to be phased in over time. Member states shall adopt and publish, by 10 January 2026, the laws, regulations and administrative provisions necessary to comply with CRD VI and shall apply most of those measures by 11 January 2026.

During the year ended 31 December 2024, the regulatory CET1 ratio was mainly affected by pre-provision income, provisions and impairments, the payment of AT1 coupon, other movements and the movement in risk-weighted assets. The CET1 ratio is also impacted by the deductions for distribution in respect of 2024 earnings and charges in line with the applicable framework.

As a result of the above, the CET1 ratio has increased by 177 bps during the year.

Prudential filters and deductions

Prudential filters

The Group capital, in accordance with CRR Article 34 is subject to the prudential filter of additional value adjustments for assets measured at fair value. These adjustments are deductible from CET1 capital. As such, Additional Valuation Adjustments (AVA) relating to assets and liabilities measured at fair value are deducted from CET1 capital in accordance with the Commission Delegated Regulation (EU) 2016/101. Under the Commission Delegated Regulation (EU) 2016/101, the Group satisfies the conditions for using the simplified approach. The AVA deduction for 2024 and 2023 is reported within the Additional Value Adjustments line 7 in the tables above.

For the year ended 31 December 2024 and the year ended 31 December 2023 the Group deducted from CET1 prudential charges relating to specific credits. The deduction amounted to c.€46 million as at 31 December 2024 and to c.€90 million as at 31 December 2023. The amount includes a prudential charge in relation to the ECB's onsite inspection and review on the value of the Group's foreclosed assets which is being directly deducted from own funds since 30 June 2021. The impact of this prudential charge was 3 bps on the Group's CET1 ratio as at 31 December 2024 and 12 bps on the Group's CET1 ratio as at 31 December 2023. In addition, the Group is subject to increased capital requirements in relation to its real estate repossessed portfolio which follow a SREP provision to ensure minimum capital levels retained on long-term holdings of real estate assets, with such requirements being dynamic by reference to the in-scope REMU assets remaining on the balance sheet of the Group and the value of such assets. As at 31 December 2024 the impact of these requirements was 51 bps on the Group's CET1 ratio compared to 24 bps as at 31 December 2023. The abovementioned requirements are within the capital plans of the Group and incorporated within its capital projections.

The prudential filters of Articles 32 and 33 of the CRR are not applicable to the Group.

Deductions from own funds

The following items which are deductible from CET1 capital in accordance with Article 36 of the CRR are as follows:

• Intangible assets, which include mainly computer software, were deducted from CET1 capital as per CRR provisions (Article 36(1) (b)). The amount deducted in 2024 and 2023 is reported within the 'Intangible assets' line 8 in the tables above. In December 2020 the revised rules on the prudential treatment of software assets as amended by CRR II came into force, under which, EU banks no longer have to fully deduct prudently valued software and IT systems from CET1 capital.

5.1 CRD Regulatory Capital (continued)

• The Group's Insurance business is deconsolidated for regulatory capital purposes and replaced by the amount of the Group's investment in insurance entities. In line with the CRR provisions (Articles 47 and 48) and subject to the transitional arrangements, the excess of 10% of CET1 is deducted from the capital (shown as 'Direct, indirect and synthetic holdings by the institution of the CET1 instruments of financial sector entities where the Group has a significant investment in those entities' in the tables above) and the amount of less than 10% is risk-weighted at 250%. In addition, as at 31 December 2024 the Group had deferred tax assets arising from temporary differences (amount below 17.65% threshold, net of related tax liability where the conditions in Article 38 (3) CRR are met) and the amount was risk-weighted at 250% (reported in line 75 in the tables above).

Moreover, as of 30 September 2023, the amount relating to ECB's prudential provisioning expectations is deducted from CET1 capital (Article 3 of the CRR) and has been eliminated from the Pillar II SREP capital requirements on 1 January 2024. This deduction amounted to c.€28 million as at 31 December 2024 and c.€33 million as at 31 December 2023, and is reported within the 'Other regulatory adjustments' line 27a in the tables above.

In addition, during 2024 and 2023, the Group deducted from CET1 a prudential charge relating to specific credits as mentioned above.

There are no deductions from the T2 capital under Article 66 of the CRR.

There are no deductions from the AT1 capital under Article 56 of the CRR.

Items not deducted from own funds

There are no items which are not deducted from own funds under Articles 56, 66 and 79 of the CRR.

IFRS 9 Financial Instruments and CRR Article 468

Please refer to the disclosures in Section 6.3.

Issued share capital

		2024	2023
	Number of € million shares (million)		Number of shares (million)	€ million
Authorised
Ordinary shares of €0.10 each	10,000	1,000	10,000	1,000
Issued
1 January	446	45	446	45
Share bayback - repurchase and cancellation of shares	(6)	(1)	-	-
1 January and 31 December	440	44	446	45

Authorised and issued share capital

All issued ordinary shares carry the same rights.

The authorised capital of the Company is €1,000,000 thousand divided into 10,000,000 thousand ordinary shares of a nominal value €0.10 each. There were no changes to the authorised share capital during the year ended 31 December 2024 and 2023.

5.1 CRD Regulatory Capital (continued)

As of 31 December 2024, the Company had 440,502 thousand issued shares (2023: 446,200 thousand issued shares) of a nominal value of €0.10 each. During the year ended 31 December 2024, the number of shares issued decreased by 5,698 thousand shares and the value of the issued share capital decreased by €570 thousand, as shares were repurchased and cancelled under the share repurchase program. As a result, an equivalent amount of €570 thousand has been transferred to the Company's capital redemption reserve by 31 December 2024.

Share premium reserve

There were no changes to the share premium reserve during the year ended 31 December 2024 and 2023.

Share repurchase programme (Buyback)

In April 2024, the Group launched its inaugural programme to buy back ordinary shares of the Company for an aggregate consideration of up to €25 million (the 'Programme'). The purpose of the Programme was to reduce the Company's issued share capital and therefore the shares purchased under the Programme were cancelled. On 29 November 2024 the Programme has been completed. 5,698 thousand shares were repurchased and cancelled under the Programme at a total consideration (including transaction costs) of €25,090 thousand.

Capital redemption reserve

The capital redemption reserve is a legal reserve arising as a result of the acquisition and cancellation of the Company's ordinary shares under the buyback programme and represents transfers from share capital. The capital redemption reserve is not distributable. As at 31 December 2024, the capital redemption reserve amounted to €570 thousand representing 5,698 thousand shares in the Company which have been cancelled as a result of the buyback programme

Treasury shares of the Company

The consideration paid, including any directly attributable incremental costs (net of income taxes), for shares of the Company held by the Company and by entities controlled by the Group is deducted from equity attributable to the owners of the Company as treasury shares, until these shares are cancelled or reissued. No gain or loss is recognised in the consolidated income statement on the purchase, sale, issue or cancellation of such shares.

The life insurance subsidiary of the Group, as at 31 December 2024, held a total of 142 thousand ordinary shares of the Company of a nominal value of €0.10 each (2023: 142 thousand ordinary shares of a nominal value of €0.10 each), as part of its financial assets which are invested for the benefit of insurance policyholders. The cost of acquisition of these shares was €21,463 thousand (2023: €21,463 thousand).

Distributions

Based on the relevant SREP decisions applicable in the years 2023 and 2024, any equity dividend distribution was subject to regulatory approval, both for the Company and BOC PCL. The requirement for approval did not apply if the distributions were made via the issuance of new ordinary shares to the shareholders which were eligible as Common Equity Tier 1 Capital nor to the payment of coupons on any AT1 capital instruments issued by the Company or BOC PCL. Following the SREP decision received in December 2024 the requirement for approval was lifted effective from 1 January 2025.

In March 2024, the Company obtained the approval of the European Central Bank to pay a cash dividend and to conduct a share buyback (together the '2023 Distribution') in respect of earnings for the year ended 31 December 2023. The 2023 Distribution amounted to €137 million in total, comprising a cash dividend of €112 million and a share buyback of up to €25 million. The AGM, on 17 May 2024, approved a final cash dividend of €0.25 per ordinary share in respect of earnings for the year ended 31 December 2023.

In April 2023, the Company obtained the approval of the ECB to pay a dividend in respect of earnings for the year ended 31 December 2022. The AGM, on 26 May 2023, declared a final cash dividend of €0.05 per ordinary share in respect of earnings for the year ended 31 December 2022. The dividend amounted to €22 million in total.

5.2 Summary of the terms and conditions of Capital Resources

The capital base of the Group for regulatory purposes consists of ordinary shares (CET1 instruments) and AT1 and T2 instruments.

Group CET1 instruments consist only of ordinary shares (Sections 5.1 and 5.3).

Other equity instruments

2023 Reset Perpetual AT1 Capital Securities

In June 2023, the Company issued €220,000 thousand Fixed Rate Reset Perpetual AT1 Capital Securities (the 'Capital Securities'). The Capital Securities constitute unsecured and subordinated obligations of the Company, are perpetual and issued at par. They carry an initial coupon of 11.875% per annum, payable semi-annually, and resettable on 21 December 2028 and every five years thereafter. The Company may elect to cancel any interest payment for an unlimited period, on a non-cumulative basis, whereas it mandatorily cancels interest payment under certain conditions. The Capital Securities are perpetual and have no fixed date of redemption but can be redeemed (in whole but not in part) at the Company's option from, and including, 21 June 2028 to, and including, 21 December 2028 and on each interest payment date thereafter, subject to applicable regulatory consents and the relevant conditions to redemption. The Capital Securities are listed on the Luxembourg Stock Exchange's Euro Multilateral Trading Facility (MTF) market.

The full terms and conditions of the AT1 Capital Securities are presented in Section 5.3.

For financial reporting purposes AT1 is classified as other equity instrument within equity and the coupon payments are recognised in retained earnings.

Subordinated Liabilities

Subordinated Tier 2 Capital Note - April 2021

In April 2021, BOCH issued a €300 million unsecured and subordinated Tier 2 Capital Note under the Euro Medium Term Note (EMTN) Programme. The note was priced at par with a coupon of 6.625% per annum payable annually in arrears and resettable on 23 October 2026 at the then prevailing 5-year swap rate plus a margin of 6.902% per annum up to 23 October 2031, payable annually. The note matures on 23 October 2031. BOCH has the option to redeem the note early on any day during the six-month period from 23 April 2026 to 23 October 2026, subject to applicable regulatory consents. The note is listed on the Luxembourg Stock Exchange's Euro MTF market. The full terms and conditions of the Note are presented in Section 5.3.

Debt securities in issue

Senior Preferred Notes - June 2021

In June 2021, BOC PCL issued a €300 million senior preferred note under the EMTN Programme. The note was priced at par with a fixed coupon of 2.50% per annum, payable annually in arrears and resettable on 24 June 2026. The note matures on 24 June 2027. BOC PCL has the option to redeem the note early on 24 June 2026, subject to applicable regulatory consents. The note is listed on the Luxembourg Stock Exchange's Euro MTF market. The note complies with the criteria for the minimum requirement for own funds and eligible liabilities (MREL) and contributes towards BOC PCL's MREL requirements.

Senior Preferred Notes - July 2023

In July 2023, BOC PCL issued a €350 million senior preferred note under the EMTN Programme. The note was priced at par with a fixed coupon of 7.375% per annum, payable annually in arrears and resettable on 25 July 2027. The note matures on 25 July 2028. BOC PCL has the option to redeem the note early on 25 July 2027, subject to applicable regulatory consents. The note is listed on the Luxembourg Stock Exchange's Euro MTF market. The note complies with the criteria for the minimum requirement for own funds and eligible liabilities (MREL) and contributes towards BOC PCL's MREL requirements.

5.2 Summary of the terms and conditions of Capital Resources (continued)

Green Senior Preferred Notes - May 2024

In May 2024, BOC PCL issued a €300 million green senior preferred note under the EMTN Programme. The note was priced at par with a fixed coupon of 5.00% per annum, payable annually in arrear and resettable on 2 May 2028. The note matures on 2 May 2029. BOC PCL has the option to redeem the note early on 2 May 2028, subject to applicable regulatory consents. The note is listed on the Luxembourg Stock Exchange's Euro MTF market. The note complies with the criteria for the minimum requirement for own funds and eligible liabilities (MREL) and contributes towards BOC PCL's MREL requirements.

Debt securities in issue and subordinated liabilities are initially measured at the fair value of the consideration received, net of any issue costs. They are subsequently measured at amortised cost using the effective interest rate method, in order to amortise the difference between the cost at inception and the redemption value, over the period to the earliest date that the Group has the right to redeem those instruments. Interest on debt securities in issue and subordinated liabilities is included in 'Interest expense' in the consolidated income statement.

5.3 Full terms and conditions of regulatory own funds instruments and eligible liabilities instruments

The main features of the Group CET1 instruments (ordinary shares), AT1 and T2 instruments and eligible liabilities instruments are presented in Appendix III. No restrictions apply on these instruments for the purpose of the calculation of the own funds in accordance with the CRR.

AT1 instruments

In June 2023, the Company issued €220 million Fixed Rate Reset Perpetual AT1 Capital Securities.

The main features of the AT1 are presented in Appendix III.

The listing particulars and detailed information on the terms and conditions of the AT1 are available published on the website www.luxse.com/security/XS2638438510/381755.

Tier 2 instruments

In April 2021, BOCH issued a €300 million unsecured and subordinated Tier 2 Capital Note under the EMTN Programme.

The main features of the subordinated Tier 2 Capital Note are presented in Appendix III.

The listing particulars and detailed information on the terms and conditions of the T2 instrument is published on the website www.luxse.com/security/XS2333239692/335184.

Debt securities in issue

The main features of the senior preferred notes are presented in Appendix III.

The listing particulars and detailed information on the terms and conditions of the Senior Preferred Notes - June 2021 is published on the website www.luxse.com/security/XS2355059168/338796.

The listing particulars and detailed information on the terms and conditions of the Senior Preferred Notes - July 2023 is published on the website www.luxse.com/security/XS2648493570/384481.

The listing particulars and detailed information on the terms and conditions of the Green Senior Preferred Notes – May 2024 is published on the website www.luxse.com/security/XS2801451571/401903.

5.4 Minimum Requirement for Own Funds and Eligible Liabilities (MREL)

The Bank Recovery and Resolution Directive (BRRD) requires that from January 2016 EU member states shall apply the BRRD's provisions requiring EU credit institutions and certain investment firms to maintain an MREL, subject to the provisions of the Commission Delegated Regulation (EU) 2016/1450. On 27 June 2019, as part of the reform package for strengthening the resilience and resolvability of European banks, the BRRD II was transposed and implemented in Cyprus law in May 2021. In addition, certain provisions on MREL have been introduced in CRR ΙΙ which also came into force on 27 June 2019 as part of the reform package and were immediately effective.

Bank of Cyprus Public Company Limited (BOC PCL) as a resolution entity, is also within the scope of Regulation (EU) 806/2014 establishing uniform rules and a uniform procedure for the resolution of credit institutions and certain investment firms in the framework of a Single Resolution Mechanism and a Single Resolution Fund and is subject to the Single Resolution Board's obligation to determine MREL.

In January 2024, the Bank received final notification from the SRB regarding the 2024 MREL decision, by which the MREL requirement was set at 25.00% of risk weighted assets (or 30.30% of risk weighted assets taking into account the prevailing CBR as at 31 December 2024 which needs to be met with own funds on top of the MREL) and 5.91% of Leverage Ratio Exposure ('LRE' as defined in the CRR) and had to be met by 31 December 2024.

In January 2025, the Bank received final notification from the SRB regarding the 2025 MREL decision, by which the MREL requirement is now set at 23.85% of risk weighted assets (or 29.21% of risk weighted assets taking into account the prevailing CBR as at 1 January 2025 which needs to be met with own funds on top of the MREL) and 5.91% of LRE. The revised MREL requirements became binding with immediate effect.

The Bank must comply with the MREL requirement at the consolidated level, comprising the Bank and its subsidiaries.

5.4 Minimum Requirement for Own Funds and Eligible Liabilities (MREL) (continued)

EU KM2 - Key metrics - MREL and, where applicable, G-SII requirement for own funds and eligible liabilities

		a	b	c	d	e	f
31 December 2024		Minimum requirement for own funds and eligible liabilities (MREL)			G-SII Requirement for own funds and eligible liabilities (TLAC)
		31/12/2024	31/12/2024	30/09/2024	30/06/2024	31/03/2024	31/12/2023
	Own funds and eligible liabilities, ratios and components
1	Own funds and eligible liabilities (€ million)	3,653	-		- -		- -
EU-1a	Of which own funds and subordinated liabilities (€ million)	2,607
2	Total risk exposure amount of the resolution group (TREA) (€ million)	10,836	-		- -		- -
3	Own funds and eligible liabilities as a percentage of the TREA	33.71%	-		- -		- -
EU-3a	Of which own funds and subordinated liabilities	24.06%
4	Total exposure measure (TEM) of the resolution group (€ million)	26,223	-		- -		- -
5	Own funds and eligible liabilities as percentage of the TEM	13.93%	-		- -		- -
EU-5a	Of which own funds or subordinated liabilities	9.94%
6a	Does the subordination exemption in Article 72b(4) of Regulation (EU) No 575/2013 apply? (5% exemption)		-		- -		- -
6b	Aggregate amount of permitted non-subordinated eligible liabilities instruments if the subordination discretion in accordance with Article 72b(3) of Regulation (EU) No 575/2013 is applied (max 3.5% exemption)		-		- -		- -
6c	If a capped subordination exemption applies in accordance with Article 72b (3) of Regulation (EU) No 575/2013, the amount of funding issued that ranks pari passu with excluded liabilities and that is recognised under row 1, divided by funding issued that ranks pari passu with excluded liabilities and that would be recognised under row 1 if no cap was applied (%)		-		- -		- -
	Minimum requirement for own funds and eligible liabilities (MREL)
EU-7	MREL expressed as a percentage of the TREA	25%
EU-8	Of which to be met with own funds or subordinated liabilities	n/a
EU-9	MREL expressed as a percentage of the TEM	5.91%
EU-10	Of which to be met with own funds or subordinated liabilities	n/a

5.4 Minimum Requirement for own funds and Eligible Liabilities (MREL) (continued)

EU TLAC1 - Composition - MREL and, where applicable, G-SII Requirement for own funds and eligible liabilities

		a	b	c
	31 December 2024	Minimum requirement for own funds and eligible liabilities (MREL)	G-SII requirement for own funds and eligible liabilities (TLAC)	Memo item: Amounts eligible for the purposes of MREL, but not of TLAC
		€ million	€ million	€ million
	Own funds and eligible liabilities and adjustments
1	Common Equity Tier 1 capital (CET1)	2,079	-	-
2	Additional Tier 1 capital (AT1)	220	-	-
3	Empty set in the EU
4	Empty set in the EU
5	Empty set in the EU
6	Tier 2 capital (T2)	308	-	-
7	Empty set in the EU
8	Empty set in the EU
11	Own funds for the purpose of Articles 92a of Regulation	2,607	-	-
	(EU) No 575/2013 and 45 of Directive 2014/59/EU
	Own funds and eligible liabilities: Non-regulatory capital elements
12	Eligible liabilities instruments issued directly by the resolution entity that are subordinated to excluded liabilities (not grandfathered)	-	-	-
EU-12a	Eligible liabilities instruments issued by other entities within the resolution group that are subordinated to excluded liabilities (not grandfathered)	-	-	-
EU-12b	Eligible liabilities instruments that are subordinated to excluded liabilities issued prior to 27 June 2019 (subordinated grandfathered)	-	-	-
EU-12c	Tier 2 instruments with a residual maturity of at least one year to the extent they do not qualify as Tier 2 items	-	-	-
13	Eligible liabilities that are not subordinated to excluded liabilities (not grandfathered pre-cap) Eligible liabilities that are not subordinated to excluded	950	-	-
EU-13a	liabilities issued prior to 27 June 2019 (pre-cap)	96	-	-
14	Amount of non subordinated eligible liabilities instruments, where applicable after application of Article 72b (3) CRR	1,046	-	-
15	Empty set in the EU
16	Empty set in the EU
17	Eligible liabilities items before adjustments	1,046	-	-
EU-17a	Of which subordinated liabilities items	-	-	-
	Own funds and eligible liabilities: Adjustments to non-regulatory capital elements
18	Own funds and eligible liabilities items before adjustments (Deduction of exposures between multiple point of entry	3,653	-	-
19	(MPE) resolution groups) (Deduction of investments in other eligible liabilities		-
20	instruments)	-	-
21	Empty set in the EU
22	Own funds and eligible liabilities after adjustments	3,653	-	-
EU-22a	Of which: own funds and subordinated liabilities	2,607
	Risk-weighted exposure amount and leverage exposure measure of the resolution group
23	Total risk exposure amount (TREA)	10,836	-	-
24	Total exposure measure (TEM)	26,223	-	-
	Ratio of own funds and eligible liabilities
25	Own funds and eligible liabilities as a percentage of TREA	33.71%	-	-
EU-25a	Of which own funds and subordinated liabilities	24.06%
26	Own funds and eligible liabilities as a percentage of TEM	13.93%	-	-
EU-26a	Of which own funds and subordinated liabilities	9.94%
27	CET1 (as a percentage of the TREA) available after meeting the resolution group's requirements	8.71%	-
28	Institution-specific combined buffer requirement		-
29	of which capital conservation buffer requirement		-
30	of which countercyclical buffer requirement		-
31	of which systemic risk buffer requirement		-
EU-31a	of which Global Systemically Important Institution (G SII) or Other Systemically Important Institution (O-SII) buffer		-
	Memorandum items
EU-32	Total amount of excluded liabilities referred to in Article 72a(2) of Regulation (EU) No 575/2013		-

5.4 Minimum Requirement for own funds and Eligible Liabilities (MREL) (continued)

EU TLAC3b: Creditor ranking - resolution entity

	EU TLAC3b: Creditor ranking - resolution entity
		a	b	c	d	e	f	g	h	i	j	k	l	m	e
	31 December 2024	Insolvency ranking
		1	2	3	4	5	6	7	8	9	1 0	1 1	1 3	1 4	Sum of 1 to 14
		(most junior)												(most senior)
1	Description of insolvency rank (free text)	Common Equity Tier 1 (CET1)	Additional	Tier 1 (AT1) Tier 2 (T2)	Debts or claims from subordinated debt instruments except for T2 and AT1 claims									Rank 51 Rank 62 Rank 73 Rank 84 Rank 95 Rank 106 Rank 117 Rank 138 Rank 149
2	Empty set in the EU
3	Empty set in the EU
4	Empty set in the EU
5	Own funds and liabilities potentially eligible for meeting MREL	2,016	220	308	-	-	1,046	-	-		- -	-	-	-	3,590
6	of which residual maturity ≥ 1 year < 2 years	-	-	308	-	-	329	-	-	-	-	-	-	-	637
7	of which residual maturity ≥ 2 year < 5 years	-	-	-	-	-	706	-	-	-	-	-	-	-	706
8	of which residual maturity ≥ 5 years < 10 years	-	-	-	-	-	11	-	-	-	-	-	-	-	11
9	of which residual maturity ≥ 10 years, but excluding perpetual securities	-	-	-	-	-	-	-	-	-	-	-	-	-	-
10	of which perpetual securities	2,016	220	-	-	-	-	-	-	-	-	-	-	-	2,236

5.4 Minimum Requirement for own funds and Eligible Liabilities (MREL) (continued)

Notes:

1. Unsecured claims resulting from debt instruments that cumulatively meet the following conditions:
2. i. the original contractual maturity of the debt instruments is of at least one year,
3. ii. the debt instruments contain no embedded derivatives and are not derivatives themselves (debt instruments with variable interest, derived from a broadly used reference rate and debt instruments not denominated in the domestic currency of the issuer, provided that principal, repayment and interest are denominated in the same currency, are not considered debt instruments containing embedded derivatives solely because of those features),
4. iii. the relevant contractual documentation and, where applicable, the prospectus related to the issuance, explicitly refer to the lower ranking.
1. Ordinary unsecured claims, against:
2. i. Authorised Credit Institutions,
3. ii. Authorised Credit Institutions which are branches of third country institutions, in accordance with the special conditions set out in Part IX of the Resolution Law,
4. iii. financial institutions that are established in the Union when the financial institution is a subsidiary of a credit institution, or of a company referred to in subparagraph (ii) or (iii), and is covered by the supervision of the parent undertaking on a consolidated basis in accordance with Articles 6 to 17 of Regulation (EU) No 575/2013,
5. iv. financial holding companies, mixed financial holding companies and mixed activity holding companies that are established in the Republic,
6. v. parent financial holding companies established in the Republic, parent financial holding companies established in the EU, parent mixed financial holding companies established in the EU, including claims from derivatives, as well as claims from debt instruments, excluding the claims from debt instruments referred to in categories CY5, CY4, CY3 and CY2 above.
1. The following with the same priority ranking:
2. i. other deposits,
3. ii. claims from trade creditor or supplier, associated with the provision of goods and services to the institution or to the person concerned for the daily functioning of its operations, including common IT services, as well as rental, care and maintenance of installations.
1. The following with the same priority ranking:
2. i. that part of eligible deposits from natural persons and micro, small and medium-sized enterprises which exceeds the coverage level provided for in the Regulations 8 and 9 of the Deposit Guarantee and Resolution of Credit and Other Institutions Scheme,
3. ii. deposits from natural persons, micro, small and medium–sized enterprises that would be eligible deposits if they were not made through branches located outside the European Union of ACIs established in the European Union.
1. The following with the same priority ranking:
2. i. covered deposits,
3. ii. the deposit guarantee scheme that restores the rights and obligations of the covered depositors in the case of insolvency.
1. Necessary and reasonable expenses of the liquidator or the special liquidator, including business expenses during the application of the provisions of the liquidation or the special liquidation, accordingly.
1. Claims resulting from credits granted by the Central Bank before the appointment of a liquidator or a special liquidator.
1. Debts or claims secured by a charge on the assets of the ACI up to the amount resulting from the liquidation of the collateral or the guarantee is delivered to the beneficiary creditor.
1. The following with the same priority ranking:
2. i. Preferential debts, pursuant to Section 300 (1) & (2) of the Companies Law,
3. ii. Resolution expenses of the National Resolution Authority (NRA) and National Resolution Fund, pursuant to Section 45(7)(b) of Resolution Law,
4. iii. Resolution expenses to the SRB, pursuant to Article 22(6) of the SRM.

6. Own Funds Requirements and Risk Weight Assets

6.1 Minimum Required Own Funds for Credit, Market and Operational Risk Group's approach to assessing the adequacy of its internal capital

The Group assesses its capital requirements taking into consideration its regulatory requirements, risk profile and risk appetite set by the Board. A Financial Plan (Plan) is annually prepared, revising the financial forecasts and capital projections over a three-year (as a minimum) horizon in light of recent developments and it is approved by the Board. The Plan takes into account the Group key strategic pillars and RAF. The Plan is rolled forward on a quarterly basis after taking into account the actual results of each quarter.

The Group capital projections are developed with the objective of maintaining capital that is adequate in quantity and quality to support the Group's risk profile, regulatory and business needs. These are frequently monitored against relevant internal target capital ratios to ensure they remain appropriate, and consider risks to the plan, including possible future regulatory changes. An internal assessment of the Group's capital adequacy is undertaken through the ICAAP (Section 3.1.16).

The main strategic and business risks are monitored regularly by the EXCO, the ALCO and the RC. These committees receive regular reports on risk and performance indicators, from relevant managers and make decisions to ensure adherence to the Group's strategic objective, while remaining within the Group RAS.

The key pillars of the Group's strategy are:

Driving new growth initiatives in both banking and non-banking areas (such as international and digital) to complement the strength of the domestic franchise whilst managing the current interest rate headwinds;
Maintaining a lean operating model via ongoing cost management discipline while continuing to reinvest in the business;
Protecting the quality of the balance sheet with continuous meticulous underwriting standards to ensure asset quality in line with European sector;
Providing attractive shareholder returns in line with European sector with focus on prudent management of surplus capital and value creation;
Leading the transition of Cyprus to a sustainable future and building a forward-looking organisation embracing ESG in all aspects.

As of 1 January 2018, the RWAs are reported on an IFRS 9 transitional basis under article 473(a) of the CRR by which until 27 June 2020 provisions amounts are decreased by an appropriate ratio. As of 27 June 2020, following the amendment of the CRR, the IFRS 9 amount added back to CET1 capital is included as an exposure to "Other Items" and risk weighted at 100%. Both approaches create higher exposures compared to the actual balance sheet values and as a result comparatively higher RWAs and capital requirements. The IFRS 9 transitional basis effect for the "static component" was phased out on 1 January 2023 and for the "dynamic component" will be phased out by 1 January 2025. Furthermore, as of 27 June 2020 the RWA of debt securities are reported on a transitional basis under article 468 of the CRR by which provision amounts are decreased by the amount that is added back to CET1 capital. The transitional basis effect was phased out on 1 January 2023. Further information is disclosed in Section 6.3.

The Standardised Approach has been applied to calculate the Risk Weighted Assets (RWAs) across all risks and minimum capital requirements are calculated as 8% of the RWAs. The total capital requirement increased in 2024 (€867 million) in comparison to 2023 (€827 million) with the main drivers being the increase in operational risk RWAs due to higher income, the increase in placements with banks and the overall increase of loans to customer advances partly offset by decreases in other assets related exposures (such as investment properties and Deferred Tax Asset (DTA)) and the decrease in the portfolio of investments, mainly assigned to lower risk weight classes (such as Central governments and Covered bonds) and IFRS 9 phasing in on 1 January 2024. Credit Risk RWAs continue to be the main component of minimum capital requirements. The table below presents the RWA and capital requirements under each regulatory framework.

6.1 Minimum Required Own Funds for Credit, Market and Operational Risk Group's approach to assessing the adequacy of its internal capital (continued)

EU OV1 – Overview of total risk exposure amounts

		a	b	c
			Risk weighted exposure amounts (RWEAs)	Total own f unds requirements
		31 December 2024	30 September 2024	31 December 2024
		€ million	€ million	€ million
1	C redit ris k (exc luding C C R)	9 ,1 4 6	9 ,0 8 9	732
2	Of which the s tandardis ed approach	9,146	9,089	732
3	Of which the Foundation IRB (F-IRB) approach	-	-	-
4	Of which: s lotting approach	-	-	-
	Of which: equities under the s imple
EU 4a	ris kweighted approach	-	-	-
5	Of which the Advanced IRB (A-IRB) approach	-	-	-
6	C ounterparty c redit ris k - C C R	26	25	2
7	Of which the s tandardis ed approach	4	3	-
8	Of which internal model method (IMM)	-	-	-
EU 8a	Of which expos ures to a CCP	2	-	-
EU 8b	Of which credit valuation adjus tment - CVA	9	10	1
9	Of which other CCR	11	12	-
1 0	N ot applic able	-	-	-
1 1	N ot applic able	-	-	-
1 2	N ot applic able	-	-	-
1 3	N ot applic able	-	-	-
1 4	N ot applic able	-	-	-
1 5	Settlement ris k	-	-	-
	Sec uritis ation expos ures in the non- trading
1 6	book (after the c ap)	-	-	-
1 7	Of which SEC-IRBA approach	-	-	-
1 8	Of which SEC-ERBA (including IAA)	-	-	-
1 9	Of which SEC-SA approach	-	-	-
EU 19a	Of which 1250%/ deduction	-	-	-
2 0	P os ition, foreign exc hange and c ommodities	-	-	-
	ris ks (M arket ris k)
2 1	Of which the s tandardis ed approach	-	-	-
2 2	Of which IMA	-	-	-
E U 2 2 a	Large expos ures	-	-	-
2 3	O perational ris k	1,662	1,328	133
EU 23a	Of which bas ic indicator approach	-	-	-
EU 23b	Of which s tandardis ed approach	1,662	1,328	133
EU 23c	Of which advanced meas urement approach	-	-	-
	Amounts below the thres holds for deduction
2 4	(s ubject to 250% ris k weight) (For	95	94	8
	information)
2 5	N ot applic able	-	-	-
2 6	N ot applic able	-	-	-
2 7	N ot applic able	-	-	-
2 8	N ot applic able	-	-	-
2 9	Total	10,834	10,441	867

The main drivers behind material changes in RWA by type of risks are analysed respectively in Sections 6.3, 7, 11.

6.1 Minimum Required Own Funds for Credit, Market and Operational Risk Group's approach to assessing the adequacy of its internal capital (continued)

EU OV1 – Overview of total risk exposure amounts

		a	b	c
			Risk weighted exposure amounts (RWEAs)	Total own f unds requirements
		31 December 2023	30 September 2023	31 December 2023
		€ million	€ million	€ million
1	C redit ris k (exc luding C C R)	8 ,9 9 7	9 ,2 3 7	720
2	Of which the s tandardis ed approach	8,997	9,237	720
3	Of which the foundation IRB (FIRB) approach	-	-	-
4	Of which: s lotting approach	-	-	-
	Of which: equities under the s imple
EU 4a	ris kweighted approach	-	-	-

5	Of which the advanced IRB (AIRB) approach	-	-	-
6	C ounterparty c redit ris k - C C R	16	9	1
7	Of which the s tandardis ed approach	2	5	-
8	Of which internal model method (IMM)	-	-	-
EU 8a	Of which expos ures to a CCP	-	-	-
EU 8b	Of which credit valuation adjus tment - CVA	11	3	1
9	Of which other CCR	3	-	-
1 0	N ot applic able	-	-	-
1 1	N ot applic able	-	-	-
1 2	N ot applic able	-	-	-
1 3	N ot applic able	-	-	-
1 4	N ot applic able	-	-	-
1 5	Settlement ris k	-	-	-
1 6	Sec uritis ation expos ures in the non- trading book (after the c ap)	-	7	-
1 7	Of which SEC-IRBA approach	-	-	-
1 8	Of which SEC-ERBA (including IAA)	-	-	-
1 9	Of which SEC-SA approach	-	7	-
EU 19a	Of which 1250%/ deduction	-	-	-
	P os ition, foreign exc hange and c ommodities
2 0	ris ks (M arket ris k)	-	-	-

2 1	Of which the s tandardis ed approach	-	-	-
2 2	Of which IMA	-	-	-
E U 2 2 a	Large expos ures	-	-	-
2 3	O perational ris k	1,328	1,011	106
EU 23a	Of which bas ic indicator approach	-	-	-
EU 23b	Of which s tandardis ed approach	1,328	1,011	106
EU 23c	Of which advanced meas urement approach	-	-	-
	Amounts below the thres holds for deduction
2 4	(s ubject to 250% ris k weight) (For information)	86	57	7

2 5	N ot applic able	-	-	-
2 6	N ot applic able	-	-	-
2 7	N ot applic able	-	-	-
2 8	N ot applic able	-	-	-
2 9	Total	10,341	10,264	827

6.2 Insurance participations

EU INS1 insurance participations

		a	b	a	b
			2024	2023
		Exposure value	Risk-weighted exposure amount	Exposure value	Risk-weighted exposure amount
		€ million	€ million	€ million	€ million
1	Own fund instruments held in insurance or re-insurance undertakings or insurance holding company not deducted from own funds	23	57	23	57

The Group is not subject to supplementary own fund requirements for financial conglomerates as at 31 December 2024 and 2023, and therefore does not report the EU INS2 - Financial conglomerates information on own funds and capital adequacy ratio.

6.3 Comparison of institution's own funds and capital and leverage ratios with and without the application of transitional arrangements for IFRS 9 or analogous ECLs, and with and without the application of the temporary treatment in accordance with Article 468 of the CRR

		a	b	c	d	e
			31/12/2024 1 30/09/2024 2,3 30/06/2024 3 31/03/2024 4			31/12/2023 5
		€ million	€ million	€ million	€ million	€ million
1	Common Equity Tier 1 (CET1) capital	2,075	1,937	1,937	1,803	1,798
2	CET1 capital as if IFRS 9 or analogous ECLs transitional arrangements had not been applied	2,073	1,934	1,935	1,803	1,791
2 a	CET1 capital as if the temporary treatment of unrealised gains and losses measured at fair value through OCI (other comprehensive income) in accordance with Article 468 of the CRR had not been applied6	2,075	1,937	1,937	1,803	1,798
3	Tier 1 capital	2,295	2,157	2,157	2,023	2,018
4	Tier 1 capital as if IFRS 9 or analogous ECLs transitional arrangements had not been applied	2,293	2,154	2,155	2,023	2,011
4 a	Tier 1 capital as if the temporary treatment of unrealised gains and losses measured at fair value through OCI in accordance with Article 468 of the CRR had not been applied6	2,295	2,157	2,157	2,023	2,018
5	Total Capital	2,603	2,479	2,470	2,323	2,318
6	Total Capital as if IFRS 9 or analogous ECLs transitional arrangements had not been applied	2,600	2,476	2,468	2,323	2,311
6 a	Total capital as if the temporary treatment of unrealised gains and losses measured at fair value through OCI in accordance with Article 468 of the CRR had not been applied6	2,603	2,479	2,470	2,323	2,318
	Risk-weighted assets
7	Total risk-weighted assets	10,834	10,441	10,580	10,548	10,341
8	Total risk-weighted assets as if IFRS 9 or analogous ECLs transitional arrangements had not been applied	10,832	10,439	10,578	10,548	10,334

		a	b	c	d	e
			31/12/2024 1 30/09/2024 2,3 30/06/2024 3 31/03/2024 4 31/12/2023 5
		%	%	%	%	%
	Capital ratios
9	CET1 (as a percentage of risk exposure amount)	19.16%	18.55%	18.31%	17.10%	17.39%
1 0	CET1 (as a percentage of risk exposure amount) as if IFRS 9 or analogous ECLs transitional arrangements had not been applied	19.14%	18.53%	18.29%	17.10%	17.33%
10a	CET1 (as a percentage of risk exposure amount) as if the temporary treatment of unrealised gains and losses measured at fair value through OCI in accordance with Article 468 of the CRR had not been applied6	19.16%	18.55%	18.31%	17.10%	17.39%
1	1 Tier 1 (as a percentage of risk exposure amount)	21.19%	20.66%	20.39%	19.18%	19.51%
1 2	Tier 1 (as a percentage of risk exposure amount) as if IFRS 9 or analogous ECLs transitional arrangements had not been applied	21.17%	20.64%	20.37%	19.18%	19.46%
12a	Tier 1 (as a percentage of risk exposure amount) as if the temporary treatment of unrealised gains and losses measured at fair value through OCI in accordance with Article 468 of the CRR had not been applied6	21.19%	20.66%	20.39%	19.18%	19.51%
1	3 Total Capital (as a percentage of risk exposure amount)	24.02%	23.74%	23.35%	22.03%	22.42%
1 4	Total Capital (as a percentage of risk exposure amount) as if IFRS 9 or analogous ECLs transitional arrangements had not been applied	24.01%	23.72%	23.33%	22.03%	22.37%
14a	Total capital (as a percentage of risk exposure amount) as if the temporary treatment of unrealised gains and losses measured at fair value through OCI in accordance with Article 468 of the CRR had not been applied6	24.02%	23.74%	23.35%	22.03%	22.42%
	Leverage ratio
1	5 Leverage ratio total exposure measure	26,220	25,558	25,191	24,710	26,389
1	6 Leverage ratio	8.75%	8.44%	8.56%	8.19%	7.65%
1	7 Leverage ratio as if IFRS 9 or analogous ECLs transitional arrangements had not been applied	8.75%	8.43%	8.56%	8.19%	7.62%
17a	Leverage ratio as if the temporary treatment of unrealised gains and losses measured at fair value through OCI in accordance with Article 468 of the CRR had not been applied6	8.75%	8.44%	8.56%	8.19%	7.65%

Notes:

1. Amounts and ratios include profits for the year ended 31 December 2024 net of a deduction for a distribution in respect of 2024 earnings of €241 million, following relevant recommendation by the Board of Directors to the shareholders for a final cash dividend of €211 million and approval by the Board of Directors to undertake a share buyback of ordinary shares of the Company for an aggregate consideration of up to €30 million and in compliance with the terms of the ECB approval, as disclosed in subsection 'Distributions' of Section 5.1 CRD Regulatory Capital.
1. Amounts and ratios do not include quarterly profits for the three months ended 30 September 2024. Including the quarterly profits and an accrual for a distribution at a payout ratio of 50% of the Group's adjusted profitability for the period, which represents the top-end range of the Group's approved distribution policy in line with the principles of Commission Delegated Regulation (EU) (241/2014) for foreseeable dividends and charges, the CET1 ratio and Total Capital ratio stood at 19.1% and 24.3% respectively, on a transitional basis.

6.3 Comparison of institution's own funds and capital and leverage ratios with and without the application of transitional arrangements for IFRS 9 or analogous ECLs, and with and without the application of the temporary treatment in accordance with Article 468 of the CRR (continued)

1. Amounts and ratios include reviewed profits for the six months ended 30 June 2024 in line with the ECB Decision (EU) (2015/656) on the recognition of interim or year-end profits in CET1 capital in accordance with Article 26(2) of the CRR and an accrual for a distribution at a payout ratio of 50% of the Group's adjusted recurring profitability for the period, which represents the top-end range of the Group's approved distribution policy in line with the principles of Commission Delegated Regulation (EU) (241/2014) for foreseeable dividends and charges.
1. Amounts and ratios do not include quarterly profits for the three months ended 31 March 2024. Including the quarterly profits and an accrual for a distribution at a payout ratio of 50% of the Group's adjusted profitability for the period, which represents the top-end range of the Group's approved distribution policy in line with the principles of Commission Delegated Regulation (EU) (241/2014) for foreseeable dividends and charges, the CET1 ratio and Total Capital ratio stood at 17.6% and 22.5% respectively, on a transitional basis.
1. Amounts and ratios include profits for the year ended 31 December 2023 and a deduction for a distribution in respect of 2023 earnings of €137 million, following approval received by the ECB in March 2024 and relevant recommendation by the Board of Directors to the shareholders for a final cash dividend of €112 million and approval by the Board to undertake a share buyback of ordinary shares of the Company for an aggregate consideration of up to €25 million and in compliance with the terms of the ECB approval.
1. The temporary treatment of unrealised gains and losses measured at fair value through Other Comprehensive Income (OCI) in accordance with Article 468 of the CRR was applicable until 31 December 2022.

6.3 Comparison of institution's own funds and capital and leverage ratios with and without the application of transitional arrangements for IFRS 9 or analogous ECLs, and with and without the application of the temporary treatment in accordance with Article 468 of the CRR (continued)

The Group applied the IFRS 9 on 1 January 2018. The accounting standard allows the impact on the implementation date, 1 January 2018, to be recognised through equity rather than the income statement. The Group's IFRS 9 impacts on transition resulted in a decrease of shareholders' equity of €308 million and was primarily driven by credit impairment provision.

The Group has elected in prior years to apply the 'static-dynamic' approach in relation to the transitional arrangements for the initial application of IFRS 9 for regulatory capital purposes where the impact on the impairment amount from the initial application of IFRS 9 on the capital ratios was phased in gradually, pursuant to EU Regulation 2017/2395 and it therefore applied paragraph 4 of Article 473(a) of the CRR. The 'static-dynamic' approach allowed for recalculation of the transitional adjustment periodically on Stage 1 and Stage 2 loans, to reflect the change of the ECL provisions within the transition period. The Stage 3 ECL remained static over the transition period as per the impact upon initial recognition.

The amount added each year for the 'static component' was decreasing based on a weighting factor until the impact of IFRS 9 was fully absorbed back to CET1 at the end of the five years, with the impact being fully phased in (100%) by 1 January 2023. The cumulative impact on the capital position was fully phased in (100%) on 1 January 2023.

Following the June 2020 amendments to the CRR, the Group applied the amendments in relation to the IFRS 9 transitional arrangements for Stage 1 and Stage 2 loans (i.e. the 'dynamic component') which provide for the extension of the transitional period for the 'dynamic component'. A 100% add back of IFRS 9 provisions was allowed for the years 2020 and 2021 reducing to 75% in 2022, to 50% in 2023 and to 25% in 2024. This was fully phased in (100%) by 1 January 2025. The calculation at each reporting period was against Stage 1 and Stage 2 provisions as at 1 January 2020, instead of 1 January 2018.

7. Counterparty Credit Risk (CCR)

CCR arises from the possibility a counterparty failing to perform on an obligation arising from derivative transactions and SFTs such as repurchase agreements.

Following the implementation of the amending regulation 2019/876 of the CRR, referred to as CRR II, the Mark-to-Market (MTM) method which the Group applied up to 28 June 2021 in calculating the exposure value of derivative positions has been abolished and the new SA-CCR was implemented. Under the new approach laid down in Part 3, Title II Chapter 6 of the CRR/CRR II, the exposure values on which RWA for counterparty credit risk and Credit Valuation Adjustment (CVA) are calculated, are considerably higher compared to the application of MTM. The RWA impact for the Group remains negligible due to (a) decreased derivative positions and (b) a significant amount of the Group's derivative positions is cleared through a Qualifying Central Counterparty (QCCP) with a RW of 2%.

There is a material increase between 31 December 2024 and 31 December 2023 in the exposures values, collateral and RWA that arise from counterparty credit risk due to the SFTs.

EU CCR1 – Analysis of CCR exposure by approach

		a	b	c	d	e	f	g	h
31 December 2024		Replacem ent cost (RC)	Potential future exposure (PFE)	EEPE	Alpha used for computing regulatory exposure	Exposure value pre CRM	Exposure value post-CRM	Exposure value	RWEA
		€ million	€ million	€ million	value	€ million	€ million	€ million	€ million
EU1	EU - Original Exposure Method (for derivatives)	-	-		1.4	-	-	-	-
EU2	EU - Simplified SA-CCR (for derivatives)	-	-		1.4	-	-	-	-
1	SA-CCR (for derivatives)	2	13		1.4	23	18	18	4
2	IMM (for derivatives and SFTs)			-	-	-	-	-	-
2a	Of which securities financing transactions netting sets			-		-	-	-	-
2b	Of which derivatives and long settlement transactions netting sets			-		-	-	-	-
2c	Of which from contractual cross-product netting sets			-		-	-	-	-
3	Financial collateral simple method (for SFTs)					-	-	-	-
4	Financial collateral comprehensive method (for SFTs)					1,017	14	14	12
5	VaR for SFTs					-	-	-	-
6	Total					1,040	32	32	16

7. Counterparty Credit Risk (CCR) (continued)

EU CCR1 – Analysis of CCR exposure by approach

		a	b	c	d	e	f	g	h
31 December 2023		Replacem ent cost (RC)	Potential future exposure (PFE)	Effective expected positive exposure (EEPE)	Alpha used for computing regulatory exposure	Exposure value pre CRM	Exposure value post-CRM	Exposure value	RWEA
		€ million	€ million	€ million	value	€ million	€ million	€ million	€ million
EU1	EU - Original Exposure Method (for derivatives)	-	-		1.4	-	-	-	-
EU2	EU - Simplified SA-CCR (for derivatives)	-	-		1.4	-	-	-	-
1	SA-CCR (for derivatives)	3	16		1.4	9	8	8	2
2	IMM (for derivatives and SFTs)			-	-	-	-	-	-
2a	Of which securities financing transactions netting sets			-		-	-	-	-
2b	Of which derivatives and long settlement transactions netting sets			-		-	-	-	-
2c	Of which from contractual cross-product netting sets			-		-	-	-	-
3	Financial collateral simple method (for SFTs)					-	-	-	-
4	Financial collateral comprehensive method (for SFTs)					434	13	13	3
5	VaR for SFTs					-	-	-	-
6	Total					443	21	21	5

7. Counterparty Credit Risk (CCR) (continued)

EU CCR2 – Transactions subject to own funds requirements for CVA risk

The CVA is an adjustment to the mid-market valuation of the portfolio of derivative and SFT transactions with a counterparty. That adjustment reflects the current market value of the credit risk of the counterparty to the institution but does not reflect the current market value of the credit risk of the institution to the counterparty. It is applied to all counterparties excluding any transactions with a QCCP or intra-group transactions or non-financial counterparties.

		a	b
	31 December 2024	Exposure value	RWEA
		€ million	€ million
1	Total transactions subject to the Advanced method	-	-
2	(i) VaR component (including the 3× multiplier)		-
3	(ii) stressed VaR component (including the 3× multiplier)		-
4	Transactions subject to the Standardised method	31	9
EU4	Transactions subject to the Alternative approach (Based on the Original Exposure Method)	-	-
5	Total transactions subject to own funds requirements for CVA risk	31	9

		a	b
	31 December 2023	Exposure value	RWEA
		€ million	€ million
1	Total transactions subject to the Advanced method	-	-
2	(i) VaR component (including the 3× multiplier)		-
3	(ii) stressed VaR component (including the 3× multiplier)		-
4	Transactions subject to the Standardised method	20	11
EU4	Transactions subject to the Alternative approach (Based on the Original Exposure Method)	-	-
5	Total transactions subject to own funds requirements for CVA risk	20	11

7. Counterparty Credit Risk (CCR) (continued)

EU CCR3 – Standardised approach – CCR exposures by regulatory exposure class and risk weights

The table below provides a breakdown of CCR exposures, calculated under the Standardised Approach, by exposure class and by risk weight.

		a	b	c	d	e	f	g	h	i	j	k	l
								Risk weight
Exposure classes		0%	2%	4%	10%	20%	50%	70%	75%	100%	150%	Others	Total exposure value
	31 December 2024	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million
1	Central governments or central banks	-	-	-	-	-	-	-	-	-	-	-	-
2	Regional government or local authorities	-	-	-	-	-	-	-	-	-	-	-	-
3	Public sector entities	-	-	-	-	-	-	-	-	-	-	-	-
4	Multilateral development banks	-	-	-	-	-	-	-	-	-	-	-	-
5	International organisations	-	-	-	-	-	-	-	-	-	-	-	-
6	Institutions	-	91	-	-	17	5	-	-	-	-	-	113
7	Corporates	-	-	-	-	-	-	-	-	10	-	-	10
8	Retail	-	-	-	-	-	-	-	-	-	-	-	-
9	Institutions and corporates with a short-term credit assessment	-	-	-	-	-	-	-	-	-	-	-	-
10	Other items	-	-	-	-	-	-	-	-	-	-	-	-
11	Total exposure value	-	91	-	-	17	5	-	-	10	-	-	123

7. Counterparty Credit Risk (CCR) (continued)

EU CCR3 – Standardised approach – CCR exposures by regulatory exposure class and risk weights

		a	b	c	d	e	f	g	h	i	j	k	l
			Risk Weight
Exposure classes		0%	2%	4%	10%	20%	50%	70%	75%	100%	150%	Others	Total exposure value
	31 December 2023	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million
1	Central governments or central banks	-	-	-	-	-	-	-	-	-	-	-	-
2	Regional government or local authorities	-	-	-	-	-	-	-	-	-	-	-	-
3	Public sector entities	-	-	-	-	-	-	-	-	-	-	-	-
4	Multilateral development banks	-	-	-	-	-	-	-	-	-	-	-	-
5	International organisations	-	-	-	-	-	-	-	-	-	-	-	-
6	Institutions	-	13	-	-	20	-	-	-	-	-	-	33
7	Corporates	-	-	-	-	-	-	-	-	1	-	-	1
8	Retail	-	-	-	-	-	-	-	-	-	-	-	-
9	Institutions and corporates with a short-term credit assessment	-	-	-	-	-	-	-	-	-	-	-	-
10	Other items	-	-	-	-	-	-	-	-	-	-	-	-
11	Total exposure value	-	13	-	-	20	-	-	-	1	-	-	34

The exposures under the 2% RW presented in 2023 and 2024 relate to exposures to a QCCP.

7. Counterparty Credit Risk (CCR) (continued)

EU CCR5 – Composition of collateral for CCR exposures

The table below discloses information on counterparty credit risk exposure and the collateral posted or received used in derivative transactions or in SFTs. The collaterals reported in the table below relate to Variation and Initial Margins.

The majority of Variation Margins of the Group are with QCCP and are segregated, that is the collateral is bankruptcy remote in the event of the default or insolvency of that counterparty. In 2024 the Group has received and posted unsegregated collaterals in SFTs.

		a	b	c	d	e	f	g	h
			Collateral used in derivative transactions			Collateral used in SFTs
31 December 2024		Fair value of collateral received			Fair value of posted collateral		Fair value of collateral received	Fair value of posted collateral
		Segregated	Unsegregated	Segregated	Unsegregated	Segregated	Unsegregated	Segregated	Unsegregated
		€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million
1	Cash – domestic currency	86	11	56	-	-	13	-	7
2	Cash – other currencies	-	-	-	-	-	-	-	-
3	Domestic sovereign debt	-	-	-	-	-	-	-	-
4	Other sovereign debt	-	-	-	-	-	945	-	-
5	Government agency debt	-	-	-	-	-	-	-	-
6	Corporate bonds	-	-	-	-	-	-	-	-
7	Equity securities	-	-	-	-	-	-	-	-
8	Other collateral	-	-	-	-	-	78	-	-
9	Total	86	11	56	-	-	1,036	-	7

		a	b	c	d	e	f	g	h
31 December 2023			Collateral used in derivative transactions			Collateral used in SFTs
		Fair value of collateral received			Fair value of posted collateral		Fair value of collateral received	Fair value of posted collateral
		Segregated	Unsegregated	Segregated	Unsegregated	Segregated	Unsegregated	Segregated	Unsegregated
		€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million
1	Cash – domestic currency	38	1	-	14	-	-	-	31
2	Cash – other currencies	-	-	-	-	-	-	-	-
3	Domestic sovereign debt	-	-	-	-	-	-	-	-
4	Other sovereign debt	-	-	-	-	-	431	-	-
5	Government agency debt	-	-	-	-	-	-	-	-
6	Corporate bonds	-	-	-	-	-	-	-	-
7	Equity securities	-	-	-	-	-	-	-	-
8	Other collateral	-	-	-	-	-	-	-	-
9	Total	38	1	-	14	-	431	-	31

7. Counterparty Credit Risk (CCR) (continued)

EU CCR8 – Exposures to CCPs

The Group trade exposures with QCCPs are only on OTC Derivatives as at 31 December 2024 and 2023. The RWA are of low-risk weight which is applied to the exposures with QCCPs.

		a	b
		Exposure value	RWEA
	31 December 2024	€ million	€ million
1	Exposures to QCCPs (total)		2
2	Exposures for trades at QCCPs (excluding initial margin and default fund contributions); of which	60	1
3	(i) OTC derivatives	60	1
4	(ii) Exchange-traded derivatives	-	-
5	(iii) SFTs	-	-
6	(iv) Netting sets where cross-product netting has been approved	-	-
7	Segregated initial margin	-
8	Non-segregated initial margin	31	1
9	Prefunded default fund contributions	-	-
10	Unfunded default fund contributions	-	-
11	Exposures to non-QCCPs (total)		-
12	Exposures for trades at non-QCCPs (excluding initial margin and default fund contributions); of which	-	-
13	(i) OTC derivatives	-	-
14	(ii) Exchange-traded derivatives	-	-
15	(iii) SFTs	-	-
16	(iv) Netting sets where cross-product netting has been approved	-	-
17	Segregated initial margin	-
18	Non-segregated initial margin	-	-
19	Prefunded default fund contributions	-	-
20	Unfunded default fund contributions	-	-

7. Counterparty Credit Risk (CCR) (continued)

EU CCR8 – Exposures to CCPs

		a	b
		Exposure value	RWEA
	31 December 2023	€ million	€ million
1	Exposures to QCCPs (total)		-
2	Exposures for trades at QCCPs (excluding initial margin and default fund contributions); of which	13	-
3	(i) OTC derivatives	13	-
4	(ii) Exchange-traded derivatives	-	-
5	(iii) SFTs	-	-
6	(iv) Netting sets where cross-product netting has been approved	-	-
7	Segregated initial margin	-
8	Non-segregated initial margin	-	-
9	Prefunded default fund contributions	-	-
10	Unfunded default fund contributions	-	-
11	Exposures to non-QCCPs (total)		-
12	Exposures for trades at non-QCCPs (excluding initial margin and default fund contributions); of which	-	-
13	(i) OTC derivatives	-	-
14	(ii) Exchange-traded derivatives	-	-
15	(iii) SFTs	-	-
16	(iv) Netting sets where cross-product netting has been approved	-	-
17	Segregated initial margin	-
18	Non-segregated initial margin	-	-
19	Prefunded default fund contributions	-	-
20	Unfunded default fund contributions	-	-

7.1 Internal Capital and Credit Limits for Counterparty Credit Exposures

The internal counterparty credit model sets the reference limits for financial institutions, based on their credit rating, the Bank's CET1 capital base and an internal scoring system which considers qualitative and quantitative factors such as:

Asset risk
Capital adequacy
Profitability
Liquidity
Market share
Ownership strength
Rating outlook
Country rating

Two types of limits are monitored:

a. Credit: for MM placements, FX (FX swaps, FX forwards), bonds, derivatives, commercial transactions, Nostros, pledged amounts for collateral, Repos, Reverse Repos and Factors.
b. Settlement: for maturing FX spot, forward and swaps, MM placements, Nostro, pledged amounts for collateral and banknotes.

Limit amounts and Tenor limits follow the Counterparty & Country Credit Models and Limits document. The approval levels are set in the Counterparty and Country credit Limit Framework. Limits for derivative transactions are assigned to counterparties with a Credit Support Annex (CSA) agreement in place and enforceability of netting. Allocated derivative limits with counterparties that have not signed a CSA and the Legal Services department has not yet advised that netting is enforceable or has informed that netting is not enforceable, can be set following ALCO approval.

The derivative limit for the Mark to Market of a contract counts within the overall credit limit of the counterparty and can be equal to the total credit limit. There is also a concentration limit for the maximum notional amount of contracts with each counterparty, as per the approved Concentration Policy. Any exceptions to the maximum notional amounts can be approved as per the Counterparty and Country credit Limit Framework.

Credit risk arising from entering into derivative transactions with counterparties is measured using the markto-market method.

Risk Reporting and measurement system for Counterparty Credit Risk

Counterparty credit and settlement limits for Treasury transactions are monitored real-time through the Bank's front to back system. In the case of a breach, an automatic e-mail is sent to the dealers and MLR officers with an attached report including all the necessary details of the deal creating the breach.

It is noted that all efforts take place to avoid limit breaches. Any breaches are reported following the escalation process depending on the limit breach as per the Counterparty and Country Credit Limit Framework.

7.2 Policies for Securing Collateral and Establishing Credit Reserves

Collateral management involves multiple parties and various departments of the Bank. The collateral management team is the Treasury Back office.

The responsibilities of the collateral management team are as follows:

a. Handling collateral valuations and margin calls (for derivatives).
b. Maintain relevant data and liaise with counterparties regarding issues of collaterals.

The use of collateral for funding purposes relating to the Cyprus operations is managed by Treasury Division, with specific authorised personnel having the responsibility to manage it.

The Fixed Income and Portfolio Management desk is responsible for reviewing and managing fixed income securities as collateral, both for counterparty repos and ECB funding. The Funding & Liquidity department is jointly responsible with the Money Market & Interest Rate and FX Risk Management desk in collaboration with other departments of the Bank to monitor the use of cash as collateral. Also Funding & Liquidity department is responsible for the monitoring and use of loan assets for funding programmes collateralised by loans such as Covered Bond Issuance and Additional Credit Claims (ACCs).

The Regulatory, Governance and Agreements Management department within Treasury Division handles legal documentation (in collaboration with the Legal Service department) and relevant reporting. The Legal Service department provides advice and support regarding relevant agreements for collateralisation.

The Group has chosen the International Swaps and Derivatives Association, Inc. (ISDA) Master Agreement for contracting its derivatives activity. These agreements provide the contractual framework within which dealing activity across a full range of Over-The-Counter (OTC) products is conducted and contractually binds both parties to apply close-out netting across all outstanding transactions covered by an agreement, if either party defaults. They may also reduce settlement exposure (e.g. for FX transactions) by allowing same-day same-currency payments to be set-off against one another. In most cases, the parties execute a CSA agreement in conjunction with the ISDA Master Agreement. Under a CSA, collateral is passed between the parties in order to mitigate the market contingent counterparty risk inherent in their open positions. CSAs further mitigate risk by allowing collateral to be posted on a regular basis to collateralise the mark to market exposure of a net derivative portfolio. For uncleared derivative trades, the Group trades under Variation Margin CSA agreements in line with European Markets Infrastructure Regulation (EMIR) margining provisions whereby thresholds have been set to zero and collateral exchange is carried out on a daily basis following the netting of exposures on a T+1 basis.

For derivative trades which are eligible for clearing, the Group trades under ISDA Cleared Derivatives Execution Agreement agreements with its counterparties so that eligible trades are cleared centrally with London Clearing House Central Clearing Counterparty.

The Group has chosen the Global Master Repurchase Agreement (GMRA) for conducting its repurchase activity. It is a legal agreement designed for parties transacting in repos/reverse repos and is published by the International Capital Market Association (ICMA), which is the body representing the bond and repo markets in Europe. It provides the contractual framework within Buy/Sell Back transactions are conducted and contractually binds both parties to apply close-out netting across all outstanding transactions and collateral covered by an agreement, if either party defaults.

As at 31 December 2024, the Group had signed the CSA annex of the ISDA Master Agreement with 33 counterparties (2023: 33 counterparties) and Global Master Repurchase Agreements (GMRAs) with 15 counterparties (2023: 17 counterparties). The Group has an agreement in place with a Qualifying Central Counterparty (QCCP).

As at 31 December 2024, the Group maintained CSA exposures with 11 counterparties, one of which is QCCP (2023: 10 counterparties one of which is QCCP). As at 31 December 2024 the Group had three exposures under GMRA (2023: One exposure under GMRA)

7.2 Policies for Securing Collateral and Establishing Credit Reserves (continued)

The following table presents the total amounts that were transferred to (where the indicated amount is negative) or obtained from (where the indicated amount is positive) counterparties as a result of reaching the threshold amounts of 9 counterparties (2023: 8 counterparties) for CSAs, one of which the QCCP.

	2024	2023
	€ 000	€ 000
Total Positive	40,643	39,344
Total Negative	-	(13,970)
Total	40,643	25,374

A net amount of €6.4 million has been received from 3 rd counterparties as at 31 December 2024 for GMRAs collateral amount due to the Reverse Repurchase exposure (2023: €30.5 million has been posted).

7.2.1 Policies with Respect to Wrong-Way Risk Exposures

Wrong way risk occurs when an exposure to a counterparty is adversely correlated with the credit quality of that counterparty i.e. changes in market rates (interest rates, FX or other rates which are the main underlying factors of the Group's derivative transactions) have an adverse impact on the Probability of Default (PD) of a counterparty. This risk is not currently measured as it is not anticipated to be significant given that the bulk of the deals are cleared with the Bank's QCCP and the existence of CSAs for almost all the uncleared derivative transactions, with daily settlement of margins that significantly reduce credit risk resulting in a total accounting CVA charge equal to only €72 thousand as at 31 December 2024 (2023: €4 thousand).

7.2.2 Collateral the Group would have to provide given a Downgrade in its Credit Rating

As at 31 December 2024, the only instance where the Group would have to provide additional collateral in the event of a downgrade, involved derivative transactions under ISDA agreements, where a CSA has been signed and includes downgrade triggers. Currently, no CSA agreement is linked to the credit ratings of the involved parties. Thus, no additional collateral would have been required, as at 31 December 2024, in the event of a downgrade.

8. Countercyclical Capital Buffers

The majority of the CcyB relevant exposures of the Group arise in Cyprus and the increase in the institution specific countercyclical capital buffer of the Group from 0.48% to 0.92% mainly reflects the increase as at 02 June 2024 of CcyB from 0.50% to 1.00% of the total risk exposure amounts in Cyprus. Furthermore, in January 2025, the CBC, based on its macroprudential policy, decided to increase the CcyB rate from 1.00% to 1.50% of the total risk exposure amount in Cyprus of each credit institution incorporated in Cyprus effective from January 2026. Based on the above, the CcyB for the Group is expected to increase further. Moreover, there has been an increase in the CcyB rate of other countries where the Group holds exposures (mainly France, Belgium, Netherlands and Ireland).

The CcyB relevant exposures are exposure values after credit conversion factors (CCF) and CRM applied in the calculation of RWA and they relate to all exposure classes other than the below:

a) exposures to central governments or central banks;
b) exposures to regional governments or local authorities;
c) exposures to public sector entities;
d) exposures to multilateral development banks;
e) exposures to international organisations;
f) exposures to institutions;

The institution specific countercyclical capital buffer is the average CcyB weighted by the relevant total own fund requirements by country.

8. Countercyclical Capital Buffers (continued)

EU CCyB1 - Geographical distribution of credit exposures relevant for the calculation of the countercyclical capital buffer

		a	b	c Relevant	d exposures	e	f	g	h	i	j	k	l	m
		General credit exposure		credit – Market risk					Own f	und requirements
31 December 2024		Exposure value under the standardised approach	Exposure value under the IRB approach	Sum of long and short posit ions of trading book exposures for SA	Value of trading book exposures for internal models	Securit isat ion exposures Exposure value for non trading book	Total exposure value	Relevant credit risk exposures - Credit risk	Relevant credit exposures – Market risk	Relevant credit exposures – Securit isat ion posit ions in the non trading book	Total	Risk weighted exposure amounts	Own f unds requirements weights	Counter cyclical buf f er rate
010	Breakdown by country:	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	%	%
0101 C	yprus	10,444	-	-	-		- 1 0 ,4 4 4	599	-	-	599	7 ,4 8 8	8 7 .6 7	1 .0 0
0102 G	reec e	362	-	-	-	-	362	28	-	-	28	350	4 .1 6	0 .0 0
0103 U	nited States	182	-	-	-	-	182	9	-	-	9	113	1 .3 4	0 .0 0
0104 M	ars hall I s lands	167	-	-	-	-	167	12	-	-	12	150	1 .7 7	0 .0 0
0105 Franc	e	161	-	-	-	-	161	5	-	-	5	63	0 .6 7	1 .0 0
0106 U	nited Kingdom	123	-	-	-	-	123	6	-	-	6	75	0 .8 9	2 .0 0
	0107 Germany	102	-	-	-	-	102	2	-	-	2	25	0 .3 1	0 .7 5
0108 N	etherlands	88	-	-	-	-	88	2	-	-	2	25	0 .2 9	2 .0 0
	0109 Liberia	60	-	-	-	-	60	4	-	-	4	50	0 .6 1	0 .0 0
0110 N	orway	43	-	-	-	-	43	-	-	-	-	-	0 .0 5	2 .5 0
0111 A	us tralia	42	-	-	-	-	42	-	-	-	-	-	0 .0 6	1 .0 0
0112 C	anada	41	-	-	-	-	41	-	-	-	-	-	0 .0 5	0 .0 0
	0113 Belgium	40	-	-	-	-	40	1	-	-	1	13	0 .0 8	1 .0 0
0114 P	anama	39	-	-	-	-	39	3	-	-	3	38	0 .4 6	0 .0 0
0115 I	reland	38	-	-	-	-	38	3	-	-	3	38	0 .3 7	1 .5 0
	0116 Switzerland	33	-	-	-	-	33	1	-	-	1	13	0 .0 8	0 .0 0
0117 A	us tria	31	-	-	-	-	31	-	-	-	-	-	0 .0 4	0 .0 0
0118 V	irgin I s lands , Britis h	25	-	-	-	-	25	2	-	-	2	25	0 .2 3	0 .0 0
	0119 Luxembourg	22	-	-	-	-	22	2	-	-	2	25	0 .3 6	0 .5 0
0120 U	nited A rab Emirates	15	-	-	-	-	15	-	-	-	-	-	0 .0 5	0 .0 0
0121 Spain		13	-	-	-	-	13	1	-	-	1	13	0 .1 9	0 .0 0
	0122 Finland	9	-	-	-	-	9	-	-	-	-	-	0 .0 1	0 .0 0
0123 Rus	s ia	6	-	-	-	-	6	-	-	-	-	-	0 .0 3	0 .0 0
	0124 Romania	6	-	-	-	-	6	1	-	-	1	13	0 .1 0	1 .0 0
0125 I	s rael	5	-	-	-	-	5	-	-	-	-	-	0 .0 3	0 .0 0
	0126 South A fric a	3	-	-	-	-	3	-	-	-	-	-	0 .0 2	0 .0 0
0127 N	ew Zeland	3	-	-	-	-	3	-	-	-	-	-	0 .0 0	0 .0 0
														0 ,0 .5 ,0
0128	O ther c ountries with		-	-	-	-			-	-				7 5 ,1 ,
	total relevant expos ure													1 .2 5 ,1
	values < E U R 1 million	8					8	2			2	25	0 .0 7	5 ,2 ,2 .5
020	Total	12,111	-	-	-	-	12,111	683	-	-	683	8,538	1.00

8. Countercyclical Capital Buffers (continued)

EU CCyB1 - Geographical distribution of credit exposures relevant for the calculation of the countercyclical capital buffer (continued) 8 5 c ountries with 0% C C yB exc ept for the ones indic ated:

EU CCyB1 -
(continued)

Geographical distribution of credit exposures relevant for the calculation of the countercyclical capital buffer

O
ther c
ountries
with total
relevant expos
ure values
< E
U
R
1
million

8
5
c
ountries
with 0%
C
C
yB exc
ept for the ones
indic
ated:
A
lbania, A
ndorra, A
rgentina, A
rmenia (1
.5%
), A
zerbaijan, Bahamas
, Bahrain, Belarus
, Belize, Bots
wana, Brazil, Bulgaria (2%
), C
ameroon, C
ayman I
s
lands
, C
hina,
C
olombia, C
ongo Democ
ratic Republic
, C
ôte d'I
voire, C
roatia (1
.5%
), C
uraç
ao, C
zec
h Republic (1
.2
5%
), Denmark (2
.5%
), Dominic
an Republic
, E
gypt, E
l Salvador,
E
s
tonia (1
.5%
), Georgia, Gibraltar, Guerns
ey, H
ong Kong (0
.5%
), H
ungary (0
.5%
), I
c
eland (2
.5%
), I
ndia, I
ndones
ia, I
ran I
s
lamic Republic
, I
raq, I
taly, Japan,
Jordan, Kazakhs
tan, Kenya, Korea Republic
, Kuwait, Kyrgyzs
tan, Latvia (0
.5%
), Lebanon, Libya, Lithuania (1%
), M
ac
edonia, M
alays
ia, M
alvides
, M
alta, M
auritius
,
M
exic
o, M
oldova, M
onac
o, M
ontenegro, Nigeria, O
man, P
akis
tan, P
hilippines
, P
oland, P
ortugal, P
uerto Ric
o, Q
atar, Saint Kitts and N
evis
, Saudi A
rabia, Serbia,
Seyc
helles
, Singapore, Slovakia (1
.5%
), Slovenia (0
.5%
), Sri Lanka, Swaziland, Sweden (2%
), Syrian A
rab Republic
, T
ajikis
tan, T
hailand, T
urkey, T
urkmenis
tan,
U
ganda, U
kraine, U
zbekis
tan, V
ietnam, Zimbawe.

8. Countercyclical Capital Buffers (continued)

EU CCyB1 - Geographical distribution of credit exposures relevant for the calculation of the countercyclical capital buffer (continued)

31 December 2023		a	b	c	d	e	f	g	h	i	j	k	l	m
		General credit exposure			Relevant credit exposures
				– Market risk						Own fund requirements
		Exposure value under the standardise d approach	Exposure value under the IRB approach	Sum of long and short positions of trading book exposures for S A	Value of trading book exposures for internal models	Securitisation exposures Exposure value for non trading book	Total exposure value	Relevant credit risk exposures - Credit risk	Relevant credit exposures – Market risk	Relevant credit exposures – Securitisation positions in the non trading book	Total	Risk weighted exposure amounts	Own funds requirement s weights	Counter cyclical buffer rate
010	Breakdown by country:	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	%	%
0101	Cyprus	10,584	-	-	-	-	10,584	601	-	-	601	7,513	89.17	0.50
0102	Greece	263	-	-	-	-	263		21 -	-	21	263	3.12	-
0103	Marshall Islands	177	-	-	-	-	177	13	-	-	13	163	1.88	-
0104	United States	127	-	-	-	-	127	6	-	-	6	75	0.84	-
0105	United Kingdom	123	-	-	-	-	123	7	-	-	7	88	1.11	2.00
0106	France	115	-	-	-	-	115	4	-	-	4	50	0.57	0.50
0107	Germany	69	-	-	-	-	69		1 -	-		1 13	0.16	0.75
0108	Canada	49	-	-	-	-	49	-	-	-	-	-	0.06	-
0109	Norway	42	-	-	-	-	42	-	-	-	-	-	0.05	2.50
0110	Liberia	41	-	-	-	-		41 3	-	-	3	38	0.42	-
0111	Netherlands	41	-	-	-	-		41 3	-	-	3	38	0.38	1.00
0112	Ireland	41	-	-	-	-		41 3	-	-	3	38	0.41	1.00
0113	Australia	33	-	-	-	-	33	-	-	-	-	-	0.05	1.00
0114	Virgin Islands, British	24	-	-	-	-	24	2	-	-	2	25	0.24	-
0115	Luxembourg	21	-	-	-	-		21 2	-	-	2	25	0.36	0.50
0116	Belgium	20	-	-	-	-	20	-	-	-	-	-	0.05	-
0117	Jersey	17	-	-	-	-	17		1 -	-		1 13	0.17	-
0118	United Arab Emirates	16	-	-	-	-	16	-	-	-	-	-	0.06	-
0119	Spain	15	-	-	-	-	15		1 -	-		1 13	0.20	-
0120	Austria	14	-	-	-	-	14	-	-	-	-	-	0.02	-
0121	Russian Federation	12	-	-	-	-	12		1 -	-		1 13	0.09	-
0122	Finland	10	-	-	-	-	10		1 -	-		1 13	0.18	-
0123	Switzerland		7 -	-	-	-	7	-	-	-	-	-	0.02	-
0124	Romania		7 -	-	-	-	7		1 -	-		1 13	0.11	1.00
0125	Saudi arabia		6 -	-	-	-	6	-	-	-	-	-	0.02	-
0126	Iran, Islamic Republic of		5 -	-	-	-	5	-	-	-	-	-	0.06	-
0127	Israel		5 -	-	-	-	5	-	-	-	-	-	0.02	-
0128	South Africa		4 -	-	-	-	4	-	-	-	-	-	0.03	-
0129	New Zeland		3 -	-	-	-	3	-	-	-	-	-	0.01	-
0130	Ukraine		2 -	-	-	-	2	-	-	-	-	-	0.01	-
0131	Bahrain		1 -	-	-	-		1 -	-	-	-	-	0.01	-
0132	Other countries with total relevant exposure values < EUR 1 million	12	-	-	-	-	12	3	-	-	3	38		0.12 0,0.5,0.75, 1,1.5,2,2.5
020	Total	11,906	-	-	-	-	11,906	674	-	-	674	8,425	100

8. Countercyclical Capital Buffers (continued)

EU CCyB1 - Geographical distribution of credit exposures relevant for the calculation of the countercyclical capital buffer (continued)

EU CCyB1 - Geographical distribution of credit exposures relevant for the calculation of the countercyclical capital buffer (continued)
O ther c ountries with total relevant expos ure values < E U R 1 million	7 7 c ountries with 0% C C yB exc ept for the ones indic ated: A lbania, A ndorra, A rgentina, A rmenia, A zerbaijan, Bahamas , Belarus , Belize, Bos nia and H erzegovina, Bots wana, Brazil, Bulgaria (2% ), C ameroon, C ayman I s lands , C hina, C ongo Democ ratic Republic , C ôte d'I voire, C roatia (1% ), C uraç ao, C zec h Republic (2% ), Denmark (2 .5% ), Dominic an Republic , E gypt, E l Salvador, E s tonia (1 .5% ), Gambia, Georgia, Ghana, Gibraltar, H ong Kong (1% ), H ungary, I c eland (2% ), I ndia, I s le o f M an, I taly, Japan, Jordan, Kazakhs tan, kenya, Kuwait, Kyrgyzs tan, Latvia, Lebanon, Libya, Lithuania (1% ), M ac edonia, M alays ia, M alta, M auritius , M exic o, M oldova, M onac o, M ontenegro, Nigeria, O man, P anama, P oland, P ortugal, Q atar, Saint Kitts and N evis , Serbia, Seyc helles , Singapore, Slovakia (1 .5% ), Slovenia (0 .5% ), Sri Lanka, Sweden (2% ), Syrian A rab Republic , T aiwan P rovinc e of C hina, T anzania U nited Republic , T hailand, T urkey, T urkmenis tan, U ganda, U zbekis tan, V ietnam, Zimbawe.

8. Countercyclical Capital Buffers (continued)

Amount of specific Countercyclical Capital Buffer

EU CCyB2 - Amount of institution specific countercyclical capital buffer

	a	b
	31 December 2024	31 December 2023
	€ million	€ million
Total risk exposure amount	10,834	10,341
Institution specific countercyclical capital buffer rate	0.92%	0.48%
Institution specific countercyclical capital buffer requirement	100	50

The specific countercyclical capital buffer rate of the Group as of 31 December 2024 increased to 0.92% (31 December 2023: 0.48%). This resulted following CBC's decision to increase the CcyB rate from 0.50% to 1.00% of the total risk exposure amount in Cyprus of each licensed credit institution incorporated in Cyprus, effective from 2 June 2024. Moreover, in January 2025, the CBC, based on its macroprudential policy, decided to increase the CcyB rate from 1.00% to 1.50% of the total risk exposure amount in Cyprus of each credit institution incorporated in Cyprus effective from January 2026. Based on the above, the CcyB for the Group is expected to increase further.

9. Credit Risk

9.1 Past Due and Credit Impaired Loans

Past due and credit impaired loans

Past due loans are those with delayed payments or in excess of authorised credit limits. All past-due exposures more than 90 days are considered to be impaired.

The Group considers loans and advances to customers that meet the NPE definition as per EBA standards to be in default and hence Stage 3 (credit impaired). Therefore, such loans have ECL calculated on a lifetime basis and are considered to be in default for credit risk management purposes.

The definitions of credit impaired and default are aligned so that Stage 3 represents all loans which are considered defaulted or otherwise credit impaired. When a financial asset has been identified as credit impaired, ECL are measured as the difference between the asset's gross carrying amount and the present value of estimated future cash flows discounted at the instrument's original effective interest rate.

From 1 January 2021 two regulatory guidelines came into force that affect NPE classification and Days Past Due calculation. More specifically, these are the RTS on the Materiality Threshold of Credit Obligations Past Due (EBA/RTS/2016/06) and the Guideline on the Application of the Definition of Default under article 178 (EBA/RTS/2016/07).

The Days Past Due (DPD) counter begins counting DPD as soon as the arrears or excesses of an exposure reach the materiality threshold (rather than as of the first day of presenting any amount of arrears or excesses). Similarly, the counter will be set to zero when the arrears or excesses drop below the materiality threshold. Payments towards the exposure that do not reduce the arrears/excesses below the materiality threshold, will not impact the counter.

Expected credit losses (ECL)/impairment of loans and advances to customers

The Group uses a forward looking ECL model, requiring judgement, estimates and assumptions in determining the level of ECL. ECL is recorded for all financial assets measured at amortised cost and FVOCI, lease receivables, loan commitments and financial guarantee contracts. Equity instruments are not subject to impairment.

At initial recognition, impairment allowance (or provision in the case of commitments and guarantees) is required for ECL resulting from default events that are possible within the next 12 months (12-month ECL), unless assets are deemed as Purchased or originated financial asset (POCI) whereby the ECL is measured on a lifetime basis. In the event of a significant increase in credit risk since initial recognition, impairment allowance is required resulting from all possible default events over the expected life of the financial instrument (lifetime ECL).

The Group categorises its financial assets into Stage 1, Stage 2, Stage 3 and POCI for ECL measurement as described below:

Stage 1: Financial assets which did not have a significant increase in credit risk since initial recognition are considered to be Stage 1 and 12-month ECL is recognised.

Stage 2: Financial assets which are considered to have experienced a significant increase in credit risk since initial recognition are considered to be Stage 2 and lifetime ECL is recognised.

Stage 3: Financial assets which are considered to be credit-impaired and lifetime ECL is recognised.

POCI: These are purchased or originated financial assets that are credit impaired on initial recognition. POCI assets include loans purchased or originated at a deep discount that reflects incurred credit losses. Changes in lifetime ECL since initial recognition are recognized until a POCI loan is derecognised.

9.1 Past Due and Credit Impaired Loans (continued)

ECL is recognised in profit or loss with a corresponding ECL allowance reported as a decrease in the carrying value of financial assets measured at amortised cost on the balance sheet. For financial assets measured at FVOCI the carrying value is not reduced, but the accumulated amount of ECL allowance is recognised in OCI. For off-balance sheet instruments, accumulated provisions for ECL are reported in 'Accruals, deferred income, other liabilities and other provisions', except in the case of loan commitments where ECL on the loan commitment is recognised together with the loss allowance of the relevant on balance-sheet exposure, as the Group cannot separately identify the ECL on the loan commitment from those on the on-balance sheet exposure component. ECL for the period is recognised within the consolidated income statement in 'Credit losses on financial assets'.

IFRS 9 ECL reflects an unbiased, probability-weighted estimate based on either loss expectations resulting from default events either over a maximum 12-month period from the reporting date, or over the remaining life of a financial instrument. The Group calculates lifetime ECLs and 12-month ECLs either on an individual basis or a collective basis, depending on the nature of the underlying portfolio of financial instruments.

The Group calculates ECLs based on three-weighted scenarios to measure the expected cash flow shortfalls, discounted at an approximation to the EIR as calculated at initial recognition. A cash flow shortfall is the difference between the cash flows that are due in accordance with the contract and the cash flows expected to be received.

The Group calculates ECL using the following three components:

exposure at default (EAD),
probability of default (PD), and
loss given default (LGD).

9.1.1 Net exposures by residual and exposure classes

EU CR1-A: Maturity of exposures

31 December 2024		a	b	c	d	e	f
		Net exposure value
		On demand	<= 1 year	> 1 year <= 5 years	> 5 years	No stated maturity	Total
		€ million	€ million	€ million	€ million	€ million	€ million
1	Loans and advances1	951	776	2,418	7,512	165	11,822
2	Debt securities	-	615	1,949	1,617	11	4,192
3	Total	951	1,391	4,367	9,129	176	16,014

1. Amounts presented exclude cash balances at central banks, other demand deposits and loans and advances classified as held for sale.

31 December 2023		a	b	c	d	e	f
		Net exposure value
		On demand	<= 1 year	> 1 year <= 5 years	> 5 years	No stated maturity	Total
		€ million	€ million	€ million	€ million	€ million	€ million
1	Loans and advances1	1,000	385	1,630	7,311	59	10,385
2	Debt securities	-	646	1,811	1,084	4	3,545
3	Total	1,000	1,031	3,441	8,395	63	13,930

1. Amounts presented exclude cash balances at central banks and other demand deposits.

Pillar 3 Disclosures 2024

9.2 Non-performing exposures

The tables below disclose NPEs based on the definitions of the EBA standards. The definition of credit impaired loans (Stage 3) is aligned to the EBA NPEs definition. As per the EBA standards and ECB Guidance to Banks on Non-Performing Loans (NPLs) (which was published in March 2017), NPEs are defined as those exposures that satisfy one of the following conditions:

(i) The borrower is assessed as unlikely to pay its credit obligations in full without the realisation of the collateral, regardless of the existence of any past due amount or of the number of days past due.
(ii) Defaulted or impaired exposures as per the approach provided in the CRR, which would also trigger a default under specific credit adjustment, diminished financial obligation and obligor bankruptcy.
(iii) Material exposures as set by the CBC, which are more than 90 days past due.
(iv) Performing forborne exposures under probation for which additional forbearance measures are extended.
(v) Performing forborne exposures previously classified as NPEs that present more than 30 days past due within the probation period.

Exposures are classified as forborne when concessions are made to debtors who are facing or about to face financial difficulties and cannot meet their contractual obligations (Section 9.4).

Non-performing forborne exposures cease to be considered as NPEs and in such case are transferred out of Stage 3, only when all of the following conditions are met:

(i) The extension of forbearance measures does not lead to the recognition of impairment or default.
(ii) A period of one year has passed since the latest of the following events:
- a) The restructuring date
- b) The date the exposure was classified as non-performing
- c) The end of the grace period included in the restructuring arrangements
(iii) Following the forbearance measures and according to the post-forbearance conditions, there is no past due amount or concerns regarding the full repayment of the exposure.
(iv) No Unlikely-to-Pay criteria exist for the debtor.
(v) The debtor has made post-forbearance payments of a non-insignificant amount of capital (different capital thresholds exist according to the facility type).

Non-performing non-forborne exposures cease to be considered as NPEs only when all of the following conditions are met:

(i) At least three months have passed since the date that the conditions for which the exposure was classified as non-performing cease to be met, and within these three months there are no default triggers.
(ii) During the three-month period, the behaviour of the obligor should be taken into account, i.e. there are no arrears/excesses and instalments are being repaid normally.
(iii) During the three-month period, the financial situation of the obligor should be taken into account, i.e. the financial situation of the obligor has improved.
(iv) During the three-month period an Unlikely to Pay criteria assessment is carried out and it is assessed that the obligor can fulfil their obligations without resorting to the liquidation of collateral and there are no other Unlikely-to-Pay criteria.
(v) The obligor does not have any amount past due by more than 90 days.

When a loan facility exits Stage 3, it is transferred to Stage 2 for a probationary period of 6 months. At the end of this period, the significant increase in credit risk (SICR) assessment is performed by comparing the PD at the reporting date with the PD at initial recognition and if PD is assessed to have deteriorated beyond the set thresholds, the loan remains in Stage 2, otherwise the loan is transferred to Stage 1. The reversal of previous unrecognised interest on loans and advances to customers that no longer meet Stage 3 criteria is presented in 'Credit losses to cover credit risk on loans and advances to customers' within 'Credit losses on financial assets'.

9.2 Non-performing exposures (continued)

In September 2024, the Bank entered into an agreement with funds associated with Cerberus Global Investments B.V. to sell a non-performing loan portfolio of mainly corporate secured exposures. In December 2024 the Bank entered into an additional agreement with funds associated with Cerberus Global Investments B.V. for the sale of a non-performing loan portfolio of mainly retail and SME exposures.

Both transactions are subject to the necessary approvals and completion is expected during the first half of 2025. The portfolios are classified as non-current assets held for sale and as at 31 December 2024 the gross book value and net book value amounted to €55 million and €23 million respectively.

The tables below include loans and advances to customers at amortised cost classified as held for sale and loans and advances to customers measured at FVPL.

9.2 Non-performing exposures (continued)

EU CQ3: Credit quality of performing and non-performing exposures by past due days

		a	b	c	d	e	f	g	h	i	j	k	l
		Gross carrying amount/Nominal amount
			Performing exposures			Non-performing exposures
31 December 2024			Not past due or past due ≤30 days	Past due >30 days ≤90 days		Unlikely to pay that are not past due or are Past due ≤90 days	Past due > 90 days ≤180 days	Past due >180 days ≤1 year	Past due >1 year ≤2 years	Past due >2 years ≤5 years	Past due >5 years ≤7 years	Past due >7 years	Of which: defaulted
		€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million
	Cash balances at central
005	banks and other demand	7,623	7,623	-	-	-	-	-	-	-	-	-	-
	deposits
010	Loans and advances
020	Central banks	165	165	-	-	-	-	-	-	-	-	-	-
030	General governments	69	69	-	-	-	-	-	-	-	-	-	-
040	Credit institutions	1,235	1,235	-	-	-	-	-	-	-	-	-	-
050	Other financial corporations	603	603	-	1	-	-	1	-	-	-	-	1
060	Non-financial corporations	4,958	4,954	4	76	62	1	3	3	4	1	2	76
070	Of which SMEs	2,838	2,834	4	63	49	1	3	3	4	1	2	63
080	Households	4,737	4,732	5	125	39	7	9	15	17	6	32	125
		11,767	11,758	9	202	101	8	13	18	21	7	34	202
	Loans and advances classified as held for sale	-	-	-	55	4	1	12	10	8	3	17	55
090	Debt securities
100	Central banks	-	-	-	-	-	-	-	-	-	-	-	-
110	General governments	2,331	2,331	-	-	-	-	-	-	-	-	-	-
120	Credit institutions	1,619	1,619	-	-	-	-	-	-	-	-	-	-
130	Other financial corporations	68	68	-	-	-	-	-	-	-	-	-	-
140	Non-financial corporations	175	175	-	-	-	-	-	-	-	-	-	-
		4,193	4,193	-	-	-	-	-	-	-	-	-	-
150	Off balance sheet exposures
160	Central Bank	-			-								-
170	General governments	13			-								-
180	Credit institutions	64			-								-
190	Other financial corporations	94			-								-
200	Non-financial corporations	1,855			46								46
210	Households	658			6								6
		2,684			52								52
220	Total	26,267	23,574	9	309	105	9	25	28	29	10	51	309

9.2 Non-performing exposures (continued)

EU CQ3: Credit quality of performing and non-performing exposures by past due days

		a	b	c	d	e	f	g	h	i	j	k	l
		Gross carrying amount/Nominal amount
		Performing exposures				Non-performing exposures
	31 December 2023	€ million	Not past due or past due ≤30 days € million	Past due >30 days ≤90 days € million	€ million	Unlikely to pay that are not past-due or are Past due ≤90 days € million	Past due > 90 days ≤180 days € million	Past due >180 days ≤1 year € million	Past due >1 year ≤2 years € million	Past due >2 years ≤5 years € million	Past due >5 years ≤7 years € million	Past due >7 years € million	Of which: defaulted € million
	Cash balances at central
005	banks and other demand	9,738	9,738	-	-	-	-	-	-	-	-	-	-
	deposits
010	Loans and advances
020	Central banks	59	59	-	-	-	-	-	-	-	-	-	-
030	General governments	35	35	-	-	-	-	-	-	-	-	-	-
040	Credit institutions	505	505	-	-	-	-	-	-	-	-	-	-
050	Other financial corporations	252	252	-	1	1	-	-	-	-	-	-	1
060	Non-financial corporations	4,777	4,772	5	155	128	3	5	7	5	3	4	155
070	Of which SMEs	2,893	2,888	5	126	99	3	5	7	5	3	4	126
080	Households	4,573	4,562	11	208	61	9	15	19	25	15	64	208
		10,201	10,185	16	364	190	12	20	26	30	18	68	364
090	Debt securities
100	Central banks	-	-	-	-	-	-	-	-	-	-	-	-
110	General governments	1,919	1,919	-	-	-	-	-	-	-	-	-	-
120	Credit institutions	1,465	1,465	-	-	-	-	-	-	-	-	-	-
130	Other financial corporations	51	51	-	-	-	-	-	-	-	-	-	-
140	Non-financial corporations	111	111	-	-	-	-	-	-	-	-	-	-
		3,546	3,546	-	-	-	-	-	-	-	-	-	-
150	Off balance sheet exposures
160	Central Bank	-			-								-
170	General governments	13			-								-
180	Credit institutions	67			-								-
190	Other financial corporations	32			-								-
200	Non-financial corporations	1,854			54								54
210	Households	645			4								4
		2,611			58								58
220	Total	26,096	23,469	16	422	190	12	20	26	30	18	68	422

9.2 Non-performing exposures (continued)

CR1: Performing and non-performing exposures and related provisions

Accumulated impairment, accumulated negative changes in Gross carrying amount/nominal amount fair value due to credit risk and provisions Non-performing exposures Collateral and financial Performing exposures - accumulated impairment, guarantees received Performing exposures Non-performing exposures accumulated impairment and accumulated negative Accumulated provisions changes in fair value due to 31 December 2024 partial write credit risk and provisions off On On non of which of which of which of which of which of which of which of which performing performing stage 1 stage 2 stage 2 stage 3 stage 1 stage 2 stage 2 stage 3 exposures exposures € million € million € million € million € million € million € million € million € million € million € million € million € million € million € million Cash balances at central 005 banks and other demand 7,623 7,623 - - - - - - - - - - - - - deposits 010 Loans and advances - - - - - - 020 Central banks 165 165 - - - - - - - - - - - - 030 General governments 69 68 1 - - - - - - - - - (2) 68 040 Credit institutions 1,235 1,235 - - - - - - - - - - - 703 050 Other financial corporations 603 555 48 1 - 1 (4) (1) (3) - - - (3) 506 060 Non-financial corporations 4,958 4,389 432 76 - 55 (22) (7) (15) (37) - (26) (204) 4,221 070 Of which SMEs 2,838 2,658 174 63 - 53 (9) (3) (6) (26) - (26) (190) 2,604 36 080 Households 4,737 4,422 294 125 - 115 (26) (4) (21) (58) - (52) (446) 4,246 11,767 10,834 775 202 - 171 (52) (12) (39) (95) - (78) (655) 9,744 Loans and advances - - - 55 - 50 - - - (32) - (29) - - classified as held for sale 090 Debt securities 100 Central banks - - - - - - - - - - - - - - 110 General governments 2,331 2,331 - - - - (1) (1) - - - - - - 120 Credit institutions 1,619 1,619 - - - - - - - - - - - - 130 Other financial corporations 68 57 - - - - - - - - - - - - 140 Non-financial corporations 175 175 - - - - - - - - - - - - 4,193 4,182 - - - - (1) (1) - - - - - - 150 Off-balance-sheet exposures 160 Central banks - - - - - - - - - - - - - 170 General governments 13 11 2 - - - - - - - - - 7 180 Credit institutions 64 64 - - - - - - - - - - - 190 Other financial corporations 94 85 9 - - - - - - - - - 50 200 Non-financial corporations 1,855 1,661 185 46 - 45 - - - (18) - (18) 896 210 Households 658 604 31 6 - 6 - - - - - - 210 2,684 2,425 227 52 - 51 - - - (18) - (18) 1,163 220 Total 26,267 25,064 1,002 309 - 272 (53) (13) (39) (145) - (125) (655) 10,907			a	b	c	d	e	f	g	h	i	j	k	l	m	n	o





- - - - 38 66 104 23 - - - - - - - - - - 3 1 4 131

9.2 Non-performing exposures (continued)

CR1: Performing and non-performing exposures and related provisions

		a	b	c	d	e	f	g	h	i	j	k	l	m	n	o
					Gross carrying amount/nominal amount			Accumulated impairment, accumulated negative changes in fair value due to credit risk and provisions
31 December 2023		Performing exposures			Non-performing exposures			Performing exposures - accumulated impairment and provisions			Non-performing exposures accumulated impairment, accumulated negative changes in fair value due to credit risk and provisions			Accumulated partial write off	Collateral and financial guarantees received
			of which stage 1	of which stage 2		of which stage 2	of which stage 3		of which stage 1	of which stage 2		of which stage 2	of which stage 3		On performing exposures	On non performing exposures
		€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million		€ million € million € million		€ million	€ million	€ million
	005 Cash balances at central banks and other demand deposits	9,738	9,738	-	-	-	-	(1)	(1)	-	-	-	-	-	-	-
	010 Loans and advances
	020 Central banks	59	59	-	-	-	-	-	-		- -	-	-	-	-	-
	030 General governments	35	34	1	-	-	-	-	-		- -	-	-	-	34	-
	040 Credit institutions	505	505	-	-	-	-	-	-		- -	-	-	-	426	-
	050 Other financial corporations	252	211	41	1	-	1	(4)	(1)	(3)	-	-	-	(3)	193	-
	060 Non-financial corporations	4,777	3,993	607	155	-	137	(31)	(16)	(11)	(61)	-	(48)	(219)	4,187	89
070	Of which SMEs	2,893	2,560	313	126	-	108	(18)	(9)	(7)	(48)	-	(36)	(184)	2,619	75
	080 Households	4,573	4,037	512	208	-	189	(25)	(7)	(16)	(59)	-	(56)	(766)	4,109	145
		10,201	8,839	1,161	364	-	327	(60)	(24)	(30)	(120)	-	(104)	(988)	8,949	234
	090 Debt securities
	100 Central banks	-	-	-	-	-	-	-	-		- -	-	-	-	-	-
	110 General governments	1,919	1,919	-	-	-	-	(1)	(1)		- -	-	-	-	-	-
	120 Credit institutions	1,465	1,465	-	-	-	-	-	-		- -	-	-	-	-	-
	130 Other financial corporations	51	47	-	-	-	-	-	-		- -	-	-	-	-	-
	140 Non-financial corporations	111	111	-	-	-	-	-	-		- -	-	-	-	-	-
		3,546	3,542	-	-	-	-	(1)	(1)	-	-	-	-	-	-	-
	150 Off-balance-sheet exposures
	160 Central banks	-	-	-	-	-	-	-	-		- -	-	-	-	-	-
	170 General governments	13	11	2	-	-	-	-	-		- -	-	-		7	-
	180 Credit institutions	67	67	-	-	-	-	-	-		- -	-	-		-	-
	190 Other financial corporations	32	22	10	-	-	-	-	-		- -	-	-		10	-
	200 Non-financial corporations	1,854	1,484	336	54	-	53	-	-		- (19)	-	(19)		922	4
	210 Households	645	571	43	4	-	4	-	-		- -	-	-		185	-
		2,611	2,155	391	58	-	57	-	-	-	(19)	-	(19)		1,124	4
	220 Total		26,096 24,274	1,552	422	-	384	(62)	(26)	(30)	(139)	-	(123)	(988)	10,073	238

The NPEs (under the statutory basis) at 31 December 2024 amounted to €257 million compared to €364 million at 31 December 2023. New loans originated or purchased and drawdowns of existing facilities during 2024 amounted to c€2.3 billion.

9.2 Non-performing exposures (continued)

CQ4: Quality of non-performing exposures by geography

		a	b	c	d	e	f	g
			Gross c a rrying/nomina	l a mount			Provisions on off	Ac c umula te d
3 1 De c e mbe r 2 0 2 4			Of whic h non-	pe rforming	Of whic h	Ac c umula te d	ba la nc e she e t c ommitme nts a nd	ne ga tive c ha nge s in fa ir va lue due to
			Of whic h de fa ulte d		subje c t to impa irme nt	impa irme nt	fina nc ia l gua ra nte e s give n	c re dit risk on non pe rforming e xposure s
		€ million	€ million	€ million	€ million	€ million	€ million	€ million
010	1 On- ba la nc e she e t
020	Cyprus	10,478	187	187	10,347	(134)		-
030	Ireland	489	-	-	489	-		-
040	France	701	-	-	701	-		-
050	Greece	407	-	-	407	(1)		-
060	Germany	699	-	-	699	-		-
070	Other countries	3,388	15	15	3,377	(13)		-
		16,162	202	202	16,020	(148)		-
080	Off- ba la nc e she e t
090	Cyprus	2,559	37	37			(5)
100	France	3	-	-			-
110	Greece	86	14	14			(13)
120	Germany	4	-	-			-
130	Other countries	84	1	1			-
		2,736	52	52			(18)
150	Tota l	18,898	254	254	16,020	(148)	(18)	-

Amounts presented exclude cash balances at central banks, other demand deposits and loans and advances classified as held for sale.

For the above analysis a materiality threshold of 2% on total gross exposures was used to evaluate the material countries. In row "other countries", all immaterial countries were included (please refer to the list of immaterial countries below). As per the above table, 65% of the gross on balance sheet exposures of the Group are in Cyprus.

9.2 Non-performing exposures (continued)

CQ4: Quality of non-performing exposures by geography

"Other countries" included in on-balance sheet exposure:

Marshall Islands, United Kingdom, United States, Liberia, Ireland, France, British Virgin Islands, Luxembourg, Netherlands, Spain, Finland, Russian Federation, United Arab Emirates, Romania, Israel, Islamic Republic of Iran, South Africa, Germany, Australia, Switzerland, Ukraine, Bahrain, Sweden, Saudi Arabia, Kazakhstan, China, Lebanon, Canada, Austria, Italy, Cameroon, Singapore, Qatar, Kuwait, Vietnam, Belgium, Serbia, Azerbaijan, Pakistan, Latvia, Poland, Armenia, Norway, Jordan, Thailand, Belarus, Portugal, Monaco, Botswana, Egypt, Montenegro, Syrian Arab Republic, Malta, Denmark, Slovakia, Iceland, Czech Republic, Seychelles, Hungary, Japan, Paraguay, Bahamas, Brazil, Kyrgyzstan, Mexico, Hong Kong, Bulgaria, Zambia, Belize, Lithuania, Republic of Moldova, Mauritius, Croatia, Uzbekistan, Philippines, Zimbabwe, Estonia, Andorra, Cote d'Ivoire, Malaysia, Albania, Republic of North Macedonia, El Salvador, Georgia, St Kitts and Nevis, Dominican Republic, India, Curacao, Kenya, Gibraltar, Isle of Man, Nigeria, New Zealand, Libyan Arab Jamah, The Democratic Republic of Congo, Turkmenistan, Panama, Uganda, Sri Lanka, Oman, Argentina, Bermuda, Colombia, Indonesia, Slovenia, United Republic of Tanzania, Tajikistan.

9.2 Non-performing exposures (continued)

CQ4: Quality of non-performing exposures by geography

31 December 2023		a	b	c d		e	f	g
			Gross carrying/nominal amount				Provisions on off balance sheet	Accumulated negative changes in
			Of which non-performing		Of which	Accumulated impairment	commitments and	fair value due to credit risk on non
				Of which defaulted	subject to impairment		financial guarantees given	performing exposures
		€ million	€ million	€ million	€ million	€ million	€ million	€ million
010	1 On-balance sheet
020	Cyprus	10,190	328	328	10,051	(173)		-
030	Ireland	508	-	-	508	-		-
040	France	314	-	-	314	-		-
050	Greece	280	-	-	280	(1)		-
060	Germany	278	-	-	278	-		-
070	Other countries	2,541	36	36	2,538	(7)		-
		14,111	364	364	13,969	(181)		-
080	Off-balance sheet
090	Cyprus	2,503	43	43			(5)
100	France	3	-	-			-
110	Greece	66	14	14			(14)
120	Germany	2	-	-			-
130	Other countries	95	1	1			-
		2,669	58	58			(19)
150	Total	16,780	422	422	13,969	(181)	(19)	-

Amounts presented exclude cash balances at central banks and other demand deposits.

For the above analysis a materiality threshold of 2% on total gross exposures was used to evaluate the material countries. In row "other countries", all immaterial countries were included (please refer to the list of immaterial countries below). As per the above table, 72% of the gross on balance sheet exposures of the Group are in Cyprus showing the commitment of the Group to support the local economy.

Pillar 3 Disclosures 2024

9.2 Non-performing exposures (continued)

CQ4: Quality of non-performing exposures by geography

"Other countries" included in on-balance sheet exposure:

Finland, Marshall Islands, Netherlands, Belgium, Norway, United Kingdom, Austria, Sweden, Spain, Japan, Israel, Saudi Arabia, Australia, Iceland, Liberia, Croatia, United States, Italy, Luxembourg, Denmark, British Virgin Islands, Slovakia, Jersey C.I., New Zealand, Russian Federation, Poland, Bulgaria, Romania, United Arab Emirates, Iran (Islamic Republic), Slovenia, South Africa, Switzerland, Ukraine, Bahrain, Canada, Kazakhstan, Qatar, China, Lebanon, Cameroon, Singapore, Kuwait, Azerbaijan, Latvia, Armenia, Jordan, Botswana, Thailand, Belarus, Serbia, Monaco, Egypt, Montenegro, Syrian Arab Republic, Malta, Portugal, Taiwan, Czech Republic, Barbados, Seychelles, Zimbabwe, Hungary, Bahamas, Paraguay, Uganda, Kenya, Mexico, Oman, Turkey, Hong Kong, Kyrgyzstan, Bosnia-Herzegovina, Zambia, Belize, Lithuania, Republic of Moldova, St Kitts and Nevis, Panama, Gibraltar, Mauritius, Malaysia, Uzbekistan, Vietnam, Gambia, Cote d'Ivoire, Dominican Republic, Estonia, Philippines, India, Nigeria, Brazil, Cayman Islands, Andorra, Curacao, Georgia, North Macedonia, Isle of Man, El Salvador, Ghana, The Democratic Republic of Congo, Libyan Arab Jamah, Turkmenistan, Argentina, Sri Lanka, United Republic of Tanzania, Albania, Republic of Yemen, Korea, Bangladesh, Pakistan.

9.2 Non-performing exposures (continued)

The tables below provide an overview of the credit quality of loans and advances to non-financial corporations and related impairments, provisions and valuation adjustments by industry.

EU CQ5: Credit quality of loans and advances to non-financial corporations by industry

		a	b	c	d	e	f
			Gross carrying amount		Accumulated
			Of which non-performing		Of which		negative changes in fair
	31 December 20241			Of which defaulted	loans and advances subject to impairment	Accumulated impairment	value due to credit risk on non performing exposures
		€ million	€ million	€ million	€ million	€ million	€ million
010	Agriculture, forestry and fishing	41	2	2	41	(1)	-
020	Mining and quarrying	8	-	-	8	-	-
030	Manufacturing	314	3	3	314	(2)	-
040	Electricity, gas, steam and air conditioning supply	99	-	-	99	-	-
050	Water supply	20	-	-	20	-	-
060	Construction	484	2	2	484	(9)	-
070	Wholesale and retail trade	891	16	16	891	(9)	-
080	Transport and storage	551	-	-	551	(1)	-
090	Accommodation and food service activities	1,150	2	2	1,019	(3)	-
100	Information and communication	50	-	-	50	-	-
110	Financial and insurance activities	-	-	-	-	-	-
120	Real estate activities	892	22	22	892	(13)	-
130	Professional, scientific and technical activities	296	27	27	296	(17)	-
140	Administrative and support service activities	58	1	1	58	(1)	-
150	Public administration and defence, compulsory social security	-	-	-	-	-	-
160	Education	66	-	-	66	(1)	-
170	Human health services and social work activities	67	-	-	67	(1)	-
180	Arts, entertainment and recreation	19	-	-	19	-	-
190	Other services	28	1	1	28	(1)	-
200	Total	5,034	76	76	4,903	(59)	-

1 Amounts presented exclude loans and advances to customers classified as held for sale.

9.2 Non-performing exposures (continued)

EU CQ5: Credit quality of loans and advances to non-financial corporations by industry

		a	b	c	d	e	f
			Gross carrying amount				Accumulated
			Of which non-performing		Of which		negative
	31 December 2023			Of which defaulted	loans and advances subject to impairment	Accumulated impairment	changes in fair value due to credit risk on non performing exposures
		€ million	€ million	€ million	€ million	€ million	€ million
010	Agriculture, forestry and fishing	42	1	1	42	-	-
020	Mining and quarrying	8	-	-	8	-	-
030	Manufacturing	360	4	4	360	(5)	-
040	Electricity, gas, steam and air conditioning supply	87	-	-	87	(2)	-
050	Water supply	5	-	-	5	-	-
060	Construction	485	25	25	485	(9)	-
070	Wholesale and retail trade	870	38	38	870	(24)	-
080	Transport and storage	345	-	-	345	(1)	-
090	Accommodation and food service activities	1,168	14	14	1,030	(10)	-
100	Information and communication	50	1	1	50	(1)	-
110	Financial and insurance activities	-	-	-	-	-	-
120	Real estate activities	1,020	40	40	1,020	(23)	-
130	Professional, scientific and technical activities	276	27	27	276	(13)	-
140	Administrative and support service activities	39	-	-	39	(1)	-
150	Public administration and defence, compulsory social	-	-	-	-	-	-
160	Education	63	2	2	63	(1)	-
170	Human health services and social work activities	68	-	-	68	(1)	-
180	Arts, entertainment and recreation	20	1	1	20	-	-
190	Other services	26	2	2	26	(1)	-
200	Total	4,932	155	155	4,794	(92)	-

9.2. Non-performing exposures (continued)

The tables below disclose the movements (inflows and outflows) of NPEs:

EU CR2: Changes in the stock of non-performing loans and advances

		a	a
		31 December 2024 31 December 2023
		Gross carrying amount	Gross carrying amount
		€ million	€ million
010	Initial stock of non-performing loans and advances to customers	364	408
020	Inflows to non-performing portfolios	81	170
030	Outflows from non-performing portfolios	(243)	(214)
040	Outflows due to write-offs	(38)	(74)
050	Outflow due to other situations	(205)	(140)
060	Final stock of non-performing loans and advances to customers (excluding loans and advances classified a s held for sale)	202	364

EU CR2a: Changes in the stock of non-performing loans and advances and related net accumulated recoveries

		a	b	a	b
			31 December 2024		31 December 2023
		Gross carrying amount	Related net accumulated recoveries	Gross carrying amount	Related net accumulated recoveries
		€ million	€ million	€ million	€ million
010	Initial stock of non-performing loans and advances to customers	364		408
020	Inflows to non-performing portfolios (including accrued interest)	81		170
030	Outflows from non-performing portfolios	(243)		(214)
040	Outflow to performing portfolio	(38)		(34)
050	Outflow due to loan repayment, partial or total	(88)		(90)
060	Outflow due to collateral liquidations	-	-	-	-
070	Outflow due to taking possession of collateral	(24)	18	(16)	14
080	Outflow due to sale of instruments	-	-	-	-
090	Outflow due to risk transfers	-	-	-	-
100	Outflow due to write-offs	(38)		(74)
110	Outflow due to other situations	-		-
120	Outflow due to reclassification as held for sale	(55)		-
130	Final stock of non-performing loans and advances to customers (excluding loans and advances classified as held for sale)	202		364

9.2 Non-performing exposures (continued)

NPEs, as defined by EBA and excluding loans and advances classified as held for sale, were reduced by €162 million during 2024, accounting for 1.9% of gross loans, compared to 3.6% of gross loans as at 31 December 2023.

Collateral obtained by taking possession

In the context of its loan restructuring activities, the Group hold properties in exchange for the settlement of its customers' borrowings.

REMU completed disposals of €175 million in the year ended 31 December 2024, resulting in a gain on disposal of €1 million, compared to €172 million disposals in the year ended 31 December 2023 at a profit of approximately €11 million. Asset disposals are across all property classes, with 44% of sales in gross sale value in the year ended 31 December 2024 relating to land.

EU CQ7: Collateral obtained by taking possession and execution processes

		a	b
		Collateral obtained by taking possession
	31 December 2024	Value at initial recognition	Accumulated negative changes
		€ million	€ million
010	Property, plant and equipment (PP&E)	23	(1)
020	Other than PP&E	880	(225)
030	Residential immovable property	270	(34)
040	Commercial immovable property	242	(74)
050	Movable property (auto, shipping, etc .)	-	-
060	Equity and debt instruments	67	(41)
070	Other collateral	301	(76)
080	Total	903	(226)

		a b Collateral obtained by taking possession

	31 December 2023	Value at initial recognition	Accumulated negative changes
		€ million	€ million
010	Property, plant and equipment (PP&E)	23	(1)
020	Other than PP&E	1,053	(200)
030	Residential immovable property	313	(28)
040	Commercial immovable property	341	(72)
050	Movable property (auto, shipping, etc .)	-	-
060	Equity and debt instruments	67	(34)
070	Other collateral	332	(66)
080	Total	1,076	(201)

9.2 Non-performing exposures (continued)

EU CQ8: Collateral obtained by taking possession and execution processes – vintage breakdown

31 D ecember 2024		a	b	c	d	e	f	g	h	i	j	k	l
		D ebt balance reductio	n			T o tal co llateral o btained by taking po ssessio n
			A ccumulated			F o reclo sed ≤2 ye a rs		F o reclo sed >2 years ≤5 years		F o reclo sed >5 years		Of which: no n current assets held fo r sale
		Gro ss carrying negative amo unt changes		Value at initial reco gnitio n	A ccumulated negative changes	Value at initial reco gnitio n	A ccumulated negative changes	Value at initial reco gnitio n	A ccumulated negative changes	Value at initial reco gnitio n	A ccumulated negative changes	Value at initial reco gnitio n	A ccumulated negative changes
		€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n
010	C o llateral o btained b y taking po ssessio n classified as P P &E	36	-	23	(1)
020	C o llateral o btained b y taking po ssessio n o ther than classified as P P &E	1,436	(525)	880	(225)	30	-	80	(1)	770	(224)	-
030	Residential immovable property	424	(142)	270	(34)	1	1 -	1 7	(1)	242	(33)	-
040	Commercial immovable property	810	(312)	242	(74)	1	5 -		6 -	221	(74)	-
050	M ovable property	-	-	-	-	-	-	-	-	-	-	-
060	Equity and debt instruments	5 3	(11)	6 7	(41)	-	-	-	-	6 7	(41)	-
				301	(76)		4 -	5	7 -	240	(76)	-
070	Other collateral	149	(60)

9.2 Non-performing exposures (continued)

EU CQ8: Collateral obtained by taking possession and execution processes – vintage breakdown

		a	b	c	d	e	f	g	h	i	j	k	l
31 D ecember 2023		D ebt balance reductio	n	T o tal co llateral o btained by taking po ssessio n
		A ccumulated Gro ss carrying negative amo unt changes			F o reclo sed >2 years ≤5 Of which: no F o reclo sed ≤2 F o reclo sed >5 years ye a rs years held fo								n current assets r sale
				Value at initial reco gnitio n	A ccumulated negative changes	Value at initial reco gnitio n	A ccumulated negative changes	Value at initial reco gnitio n	A ccumulated negative changes	Value at initial reco gnitio n	A ccumulated negative changes	Value at initial reco gnitio n	A ccumulated negative changes
		€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n
010	C o llateral o btained b y taking po ssessio n classified as P P &E	36	-	23	(1)
020	C o llateral o btained b y taking po ssessio n o ther than classified as P P &E	1,634	(615)	1,053	(200)	91	-	119	(2)	843	(198)	-
030	Residential immovable property	423	(146)	313	(28)	13	-	50	(1)	250	(27)	-	-
040	Commercial immovable property	955	(349)	341	(72)	22	-	53	(1)	266	(71)	-	-
050	M ovable property	-	-	-	-	-	-	-	-		- -	-	-
060	Equity and debt instruments	53	(11)	67	(34)	-	-	-	-	67	(34)	-	-
070	Other collateral	203	(109)	332	(66)	56	-	16	-	260	(66)	-
080 T	o tal	1,670	(615)	1,076	(201)	91	-	119	(2)	843	(198)	-	-

9.2 Non-performing exposures (continued)

EU CQ6: Collateral valuation - loans and advances

		a	b	c	d	e	f	g	h	i	j	k	l
						Lo	ans and advances to	custo	mers
ecember 2024 1 31 D		P erfo rming					N o n perfo rming P ast due > 90 days
				Of which past due > 30 days ≤90 days		Unlikely to pay that are no t past due o r past due ≤90 days		Of which past due > 90 days ≤18 0 da ys	Of which past due > 180 days ≤1 ye a r	Of which past due > 1 year ≤2 years	Of which past due > 2 years ≤5 years	Of which past due > 5 years ≤7 years	Of which past due > 7 years
		€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n
010	Gro ss carrying amo unt	11.969	11.767	9	202	101	101	8	13	18	2 1	7	3 4
020	Of which: Secured	1 0 .4 1 4	1 0 .2 3 5	8	179	9 5	8 4	5	9	1 4	1 7	6	3 3
030	Of which: Secured with immovable Property	8 .1 1 7	7 .9 4 2	7	175	9 3	8 2	5	9	1 4	1 7	6	3 1
040	Of which: Instruments with LTV higher than 60% and lower or equal to 80%	1 .1 2 1	1 .0 9 6		2 5	1 7	8
050	Of which: Instruments with LTV higher than 80% and lower or equal to 100%	182	171		1 1	7	4
060	Of which: Instruments with LTV higher than 100%	429	408		2 1	1 7	4
070	A ccumulated impairment fo r secured assets	(118)	(43)	-	(75)	(41)	(34)	(2)	(4)	(6)	(7)	(2)	(13)
080	C o llateral
090	Of which value capped at the value of exposure	9.769	9.666	7	103	53	50	4	5	8	10	5	18
100	Of which: Immovable Property	7.316	7.217	7	99	51	48	3	5	8	10	4	18
110	Of which value above the cap	9.824	9.403	8	421	201	220	8	11	20	34	23	124
120	Of which: Immovable Property	8.539	8.157	8	382	182	200	8	11	20	34	23	104
130	F inancial guarantees received	79	79	-	-	-	-	-	-	-	-	-	-
140	A ccumulated partial write o ff	(655)	(76)	-	(579)	(42)	(537)	(1)	(3)	(75)	(62)	(29)	(367)

¹ Amounts presented exclude loans and advances to customers classified as held for sale.

9.2 Non-performing exposures (continued)

EU CQ6: Collateral valuation - loans and advances

		a	b	c	d	e	f	g	h	i	j	k	l
								Loans and advances to customers
		Performing			Non performing Past due > 90 days
31 December 2023				Of which past due > 30 days ≤90 days		Unlikely to pay that are not past due or past due ≤90 days		Of which past due > 90 days ≤180 days	Of which past due > 180 days ≤1 year	Of which past due > 1 year ≤2 years	Of which past due > 2 years ≤5 years	Of which past due > 5 years ≤7 years	Of which past due > 7 years
			€ million € million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million
010	Gross carrying amount	10,565	10,201	1 6	364	190	174	1 2	2 0	2 6	3 0	1 8	6 8
020	Of which: Secured	9,307	8,966	1 4	341	180	161	1 0	1 7	2 3	2 8	1 7	6 5
030	Of which: Secured with immovable Property	8,185	7,852	1 4	333	175	158	1 0	1 6	2 2	2 7	1 7	6 5
040	Of which: Instruments with LTV higher than 60% and lower or equal to 80%	1,240	1,178		6 2	4 6	1 6
050	Of which: Instruments with LTV higher than 80% and lower or equal to 100%	246	219		2 7	2 0	7
060	Of which: Instruments with LTV higher than 100%	440	390		5 0	4 4	6
070	Accumulated impairment for secured assets	(142)	(40)	(1)	(102)	(64)	(38)	(2)	(5)	(8)	(9)	(5)	(9)
080	Collateral
090	Of which value capped at the value of exposure	9,130	8,897	1 3	233	111	122	8	1 2	1 5	1 9	1 3	5 5
100	Of which: Immovable Property	7,315	7,088	1 3	227	109	118	7	1 2	1 4	1 8	1 2	5 5
110	Of which value above the cap	9,488	8,907	1 5	581	229	352	1 2	1 8	3 0	5 2	4 3	197
120	Of which: Immovable Property	8,260	7,718	1 5	542	216	326	1 2	1 8	3 0	5 1	4 3	172
130	Financial guarantees received	5 3	5 2	-	1	-		1 -	-	-	-	-	1
140	Accumulated partial write off	(988)	(78)	-	(910)	(51)	(859)	(2)	(77)	(11)	(80)	(40)	(650)

9.3 Credit Risk Adjustments

9.3.1 ECL of Loans and Advances to Customers

Individually assessed loans

The individual assessment is performed not only for individually significant performing and non-performing exposures, but also for other exposures meeting specific criteria and thresholds determined by Credit Risk Management. A risk-based approach is used on the selection criteria of the individually assessed population which include, among others, forborne exposures, exposures with significant decrease in the yearly credit turnover and/or in assigned collaterals. Also, significant Stage 1 exposures within sectors assessed by Credit Risk Management to be highly impacted by one or more factors or events (such as a global or local economic/market/regulatory/geopolitical development) are assessed for potential increase in credit risk and significant exposures that have transitioned to Stage 2 from Stage 1 are assessed for potential indications of unlikeness to pay.

The ECL for individually assessed stage 3 assets is calculated on an individual basis and all relevant considerations of the expected future cash flows are taken into account (for example, the business prospects for the customer, the realisable value of collateral, the Group's position relative to other claimants, the reliability of customer information and the likely cost and duration of the work out process).

Collectively assessed loans

All customer exposures that are not individually assessed are assessed on a collective basis. For the purposes of calculating ECL, exposures are grouped into granular portfolios/segments with shared risk characteristics. The granularity is based on different levels of segmentation which, among other factors include customer type, exposure class and portfolio type. The granularity for the IFRS 9 segments is aligned with the Internal Rating Based (IRB) segmentation of the CRR.

In accordance with Article 1(2) Commission Delegated Regulation (EU) No. 183/2014 the criteria for the distinction between General Credit Risk Adjustments and Specific Credit Risk Adjustments has to be that general provisions are freely available to meet losses which subsequently materialise. In addition, amounts included in the calculation of General Credit Risk Adjustments should be fully available, as regards to timing and amount, to meet such losses, at least on a gone-concern basis. The Group concluded that both credit risk adjustments from individually and collectively assessed loans, are Specific Credit Risk Adjustments.

9.3.2 Credit Risk Adjustments recorded to Income Statement

Credit losses on financial assets	2024	2023
	€ million	€ million
Credit losses to cover credit risk on loans and advances to customers
Impairment net of reversals on loans and advances to customers	47	82
Recoveries of loans and advances to customers previously written off	(13)	(15)
Changes in expected cash flows	(1)	5
Financial guarantees and commitments	(1)	1
	32	73
Credit losses on other financial instruments
Other financial assets	-	7
	-	7

9.4 Forbearance/Restructuring

Forborne/restructured loans and advances are those loans and advances that have been modified because the borrower is considered unable to meet the terms and conditions of the contract due to financial difficulties. Taking into consideration these difficulties, the Group decides to modify the terms and conditions of the contract to provide the borrower with the ability to service the debt or refinance the contract, either partially or fully. They include the facilities for which the Group has modified the repayment programme (e.g. provision of a grace period, suspension of the obligation to repay one or more instalments, reduction in the instalment amount and/or elimination of overdue instalments relating to capital or interest).

The practice of extending forbearance/restructuring measures constitutes a grant of a concession whether temporarily or permanently to that borrower. A concession may involve restructuring the contractual terms of a debt or payment in some form other than cash, such as an arrangement whereby the borrower transfers collateral pledged to the Group.

For an account to qualify for forbearance/restructuring it must meet certain criteria including the viability of the customer. The extent to which the Group reschedules accounts that are eligible under its existing policies may vary depending on its view of the prevailing economic conditions and other factors which may change from year to year. In addition, exceptions to policies and practices may be allowed in specific situations in response to legal or regulatory requirements.

Forbearance/restructuring activities may include measures that restructure the borrower's business (operational restructuring) and/or measures that restructure the borrower's financing (financial restructuring).

Forbearance/restructuring options may be of a short or long-term nature or combination thereof. The Group has developed and deployed sustainable restructuring solutions, which are suitable for the borrower and acceptable for the Group.

Short term restructuring solutions are defined as restructured repayment solutions of duration of less than two years. In the case of loans for the construction of commercial property and project finance, a short-term solution may not exceed one year.

The loans forborne continue to be classified as Stage 3 in the case they are performing forborne exposures under probation for which additional forbearance measures are extended, or performing forborne exposures, previously classified as NPEs that present more than 30 days past due within the probation period.

Forbearance modifications of loans and advances that do not affect payment arrangements, such as restructuring of collateral or security arrangements, are not regarded as sufficient to categorise the facility as credit impaired, as by themselves they do not necessarily indicate credit distress affecting payment ability such that would require the facility to be classified as NPE.

The forbearance characteristic contributes in two specific ways for the calculation of lifetime ECL for each individual facility. Specifically, it is taken into consideration in the scorecard development, where, if this characteristic is identified as statistically significant, it affects negatively the rating of each facility. It also contributes in the construction through the cycle probability of default and cure curves, where, when feasible, a specific curve for the forborne products is calculated and assigned accordingly.

The forborne loans classification is discontinued when all EBA criteria for the discontinuation of the classification as forborne exposure are met. The criteria are set out in the EBA Final draft Implementing Technical Standards (ITS) on supervisory reporting and non-performing exposures.

9.4 Forbearance/Restructuring (continued)

The tables below provide an overview of the quality of forborne exposures as per Commission Implementing Regulation (EU) No 680/2014.

EU CQ1: Credit quality of forborne exposures

		a	b	c	d	e	f	g	h
			Gross carrying amount/nominal amount of exposures	with forbearance measures			Accumulated impairment, accumulated negative changes in fair value due to credit risk and provisions	Collateral received and financial guarantees received on forborne exposures
	31 December 2024			Non-performing forborne
		Performing forborne		Of which: defaulted	Of which: impaired	On performing forborne exposures	On non performing forborne exposures		Of which: collateral and financial guarantees received on non performing exposures with forbearance measures
		€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million
005	Cash balances at central banks and other demand deposits	-	-	-	-	-	-	-	-
010	Loans and advances
020	Central banks	-	-	-	-	-	-	-	-
030	General governments	-	-	-	-	-	-	-	-
040	Credit institutions	-	-	-	-	-	-	-	-
050	Other financial corporations	34	-	-	-	(1)	-	34	-
060	Non-financial corporations	154	57	57	57	(4)	(29)	169	28
070	Households	69	53	53	53	(5)	(19)	87	32
		257	110	110	110	(10)	(48)	290	60
	Loans and advances to customers classified as held for sale	-	15	15	15	-	(8)	8	8
080	Debt securities	-	-	-	-	-	-	-	-
090	Loans commitments given	-	1	1	1	-	-	-	-
100	Total	257	126	126	126	(10)	(56)	298	68

9.4 Forbearance/Restructuring (continued)

EU CQ1: Credit quality of forborne exposures

31 December 2023		a	b	c	d	e	f	g	h
			Gross carrying amount/nominal amount of exposures with forbearance measures				Accumulated impairment, accumulated negative changes in fair value due to credit risk and provisions	Collateral received and financial guarantees received on forborne exposures
				Non-performing forborne
		Performing forborne		Of which: defaulted	Of which: impaired	On performing forborne exposures	On non performing forborne exposures		Of which: collateral and financial guarantees received on non performing exposures with forbearance measures
		€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million
005	Cash balances at central banks and other demand deposits	-	-	-	-	-	-	-	-
010	Loans and advances
020	Central banks	-	-	-	-	-	-	-	-
030	General governments	-	-	-	-	-	-	-	-
040	Credit institutions	-	-	-	-	-	-	-	-
050	Other financial corporations	1	-	-	-	-	-	1	-
060	Non-financial corporations	164	95	95	95	(4)	(33)	208	58
070	Households	100	96	96	96	(5)	(25)	152	69
		265	191	191	191	(9)	(58)	361	127
080	Debt securities	-	-	-	-	-	-	-	-
090	Loans commitments given	9	1	1	1	-	-	5	-
100	Total	274	192	192	192	(9)	(58)	366	127

Forborne loans and advances excluding loans and advances classified as held for sale and as defined by EBA were reduced by €89 million during 2024.

9.4 Forbearance/Restructuring (continued)

EU CQ2: Quality of forbearance

The table below presents the gross carrying amount of loans and advances, excluding loans and advances classified as held for sale, that had been granted forbearance measures in the past and more than twice and the gross carrying amount of NPE forborne loans and advances that are in the category of NPE forborne loans and advances under the cure period of 1 year and that failed to comply with the forbearance measures after the 12-month cure period and therefore did not succeed in moving towards performing forborne status but retained NPE forborne within cure period status.

		a	b
			Gross carrying amount of forborne exposures
		2024	2023
		€ million	€ million
010	Loans and advances that have been forborne more than twice	116	6 7
020	Non-performing forborne loans and advances that failed to meet the non-performing exit criteria	1 9	2 6

9.5 Exposures in Equities in the Banking Book

The Group holds certain legacy equity securities and certain equity securities obtained from customers in satisfaction of debt. The intention, in line with an ALCO decision, is to run this portfolio down.

Listed equity securities are measured at fair value, being the market value of these securities on a recognised stock exchange. Unlisted securities are also measured at fair value, which is determined using valuation models with inputs form both, market observable data and non-observable data. These models are periodically reviewed by qualified personnel.

Model inputs for valuation

Observable inputs to the models for the valuation of unquoted equity and debt securities include, where applicable, current and expected market interest rates, market expected default rates, market implied country and counterparty credit risk and market liquidity discounts.

The Group irrevocably made the election to classify its equity investments as equity investments at FVOCI on the basis that these are not held for trading. Equity investments at FVOCI comprise mainly investments in private Cyprus registered companies, acquired through loan restructuring activity and specifically through debt for equity swaps.

The carrying value of the Group's equity securities, per the accounting scope consolidation, at 31 December 2024 at FVOCI amounts to €9 million (2023: €12 million) and at FVPL €1 million (2023: €1 million) and it is equal to their fair value, analysed as follows:

	2024	2023
	€ million	€ million
Listed on the CSE	-	1
Listed on other stock exchanges	1	1
Unlisted	9	1 1
Total	1 0	1 3

During the year ended 31 December 2024 holdings of an equity investment measured at FVOCI with a carrying value of c€1 million have been disposed of (2023: c€1 million).

10. Asset Encumbrance

Asset encumbrance arises from collateral pledged against secured funding and other collateralised obligations.

An asset is classified as encumbered if it has been pledged as collateral against secured funding and other collateralised obligations and, as a result, is no longer available to the Group for further collateral or liquidity requirements. An asset is classified as unencumbered if it has not been pledged as collateral against secured funding and other collateralised obligations.

The regulatory consolidation scope used for the purpose of the disclosures on asset encumbrance in the Report is in line with the scope retained for the application of the liquidity requirements on a consolidated basis as defined in Chapter 2 of Title I of Part Two CRR, which is used to define (E) High Quality Liquid Assets (HQLA) eligibility. There is no intragroup encumbrance, nor any encumbrance of assets or source of encumbrance by any significant currencies other than the reporting currency.

Asset encumbrance indicator is part of the Liquidity Limit Framework as well as the Public Funding Policy and Collateral Management Policy. It is used as a management indicator and not as a critical limit. It is a Recovery Plan Early Warning Indicator and an LCP Early Warning Indicator. It provides a signal that the management can combine with other indicators and tools to decide if any action is deemed necessary. It also ensures that no excessive assets encumbrance occurs without a justified reason. The ratio is monitored quarterly.

All tables below are based on EBA reporting templates pertaining to Asset Encumbrance under CRD. The values presented, including totals, are median values based on quarter end point-in-time (PiT) figures covering the years ended 31 December 2024 and 31 December 2023.

10.1 Encumbered and Unencumbered Assets by Asset Type

EU AE1 - Encumbered and unencumbered assets

	EU AE1 - Encumbered and unencumbered assets
2024		Ca rrying a mount of e nc umbe re d a sse ts		Fa ir va lue of e nc umbe re d a sse ts		Ca rrying a mount of une nc umbe re d a sse ts		Fa ir va lue of une nc umbe re d a sse ts

				€ million	€ million	€ million	€ million	€ million	€ million
010	Asse ts	3 ,5 0 9	4 0			2 1,2 0 2	10 ,6 4 4
030	Equity instrume nts	-	-	-	-	16	-	16	-
040	De bt se c uritie s	4 0	4 0	4 1	4 1	3 ,8 7 9	3 ,3 9 6	3 ,8 8 7	3 ,4 0 7
050	of which: covered bonds	-	-	-	-	387	387	389	389
060	of which: securitisations	-	-	-	-	-	-	-	-
070	of which: issued by general goverments	35	35	36	36	2,131	2,131	2,142	2,142
080	of which: issued by financial corporations	5	5	5	5	1,590	1,107	1,612	1,106
090	of which: issued by non- financial corporations	-	-	-	-	158	158	158	158
120	Othe r a sse ts	3,469	-			17,304	7,248

2023		Ca rrying a mount of e nc umbe re d a sse ts		Fa ir va lue of e nc umbe re d a sse ts		Ca rrying a mount of une nc umbe re d a sse		Fa ir va lue of ts une nc umbe re d a sse ts
			Of whic h notiona lly e ligible EHQLA a nd HQLA		Of whic h notiona lly e ligible EHQLA a nd HQLA		Of whic h EHQLA a nd HQLA		Of whic h EHQLA a nd HQLA
		€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million
010	Asse ts	3 ,6 6 1	8 9			2 1,5 4 3	11,8 3 3
030	Equity instrume nts	-	-	-	-	19	-	19	-
040	De bt se c uritie s	258	8 9	240	7 9	3 ,0 7 2	2 ,6 3 4	3 ,0 0 2	2 ,5 7 8
050	of which: covered bonds	-	-	-	-	278	230	277	230
060	of which: securitisations	-	-	-	-	8	-	8	-
070	of which: issued by general goverments	34	34	33	33	1,717	1,717	1,678	1,678
080	of which: issued by financial corporations	224	55	207	45	1,251	842	1,223	828
090	of which: issued by non- financial corporations	-	-	-	-	104	74	102	72
120	Othe r a sse ts	3,406	-			18 ,5 2 6	9,284

10.1 Encumbered and Unencumbered Assets by Asset Type (continued)

Encumbered assets include cash and other liquid assets placed with banks (which are included in 'Other assets' c.€0.06 billion as at 31 December 2024 and c.€0.07 billion as at 31 December 2023) as collateral under ISDA agreements which are not immediately available for use by the Group but are released once the transactions are terminated. Cash is mainly used to cover collateral required for (i) derivatives and (ii) trade finance transactions and guarantees issued. It may also be used as part of the supplementary assets for the covered bond.

Encumbered assets primarily consist of loans and advances to customers (which are included in 'Other assets' c.€3.5 billion as at 31 December 2024 and c.€3.4 billion as at 31 December 2023) and investment in debt securities. These are mainly pledged for any potential use of the funding facilities of the ECB and for the covered bond.

Loans and advances to customers include mortgage loans of a nominal amount of €1,010 million as at 31 December 2024 (2023: €1,008 million) in Cyprus, pledged as collateral for the covered bond issued by BOC PCL in 2011 under its Covered Bond Programme. As at 31 December 2024, although there is no outstanding funding from the ECB, housing loans of a nominal amount of €2,431 million (2023: €2,329 million) in Cyprus, remain in the collateral pool of the CBC part of the available credit line.

BOC PCL maintains a Covered Bond Programme set up under the Cyprus Covered Bonds legislation and the Covered Bonds Directive of the CBC. Under the Covered Bond Programme, BOC PCL has in issue covered bonds of €650 million secured by residential mortgages originated in Cyprus. The covered bonds have a maturity date on 12 December 2026 and interest rate of 3-months Euribor plus 1.25% payable on a quarterly basis. On 9 August 2022, BOC PCL proceeded with an amendment to the terms and conditions of the covered bonds following the implementation of Directive (EU) 2019/2162 in Cyprus. The covered bonds are listed on the Luxemburg Bourse and have a conditional Pass-Through structure. All the bonds are held by BOC PCL. The covered bonds are eligible collateral for the Euro system credit operations and are placed in the ECB pool providing access to funding from the ECB.

The vast majority of encumbered assets are within the Bank.

Unencumbered assets which can potentially be pledged include debt securities and Cyprus loans and advances which are less than 90 days past due. Balances with central banks are reported as unencumbered and can be pledged, to the extent that there is excess available over the minimum reserve requirement. The minimum reserve requirement is reported as unencumbered not readily available to be pledged.

Unencumbered assets that are not readily available to be pledged primarily consist of loans and advances which are prohibited by contract or law to be encumbered or which are more than 90 days past due or for which there are pending litigations or other legal actions against the customer, a proportion of which would be suitable for use in secured funding structures but are conservatively classified as not readily available to be pledged as collateral. Properties whose legal title has not been transferred to the Company, or a subsidiary are not considered to be readily available to be pledged as collateral.

As at 31 December 2024, the Group has €21.9 billion of unencumbered assets. Included in this amount are other assets of €10.2 billion which consist mainly loans and advances to customers, loans on demand, intangible assets, tax assets, fixed assets and derivative assets. Additionally, included in this amount are assets of €3.9 billion which would not be deemed available for encumbrance in the normal course of business.

Pillar 3 Disclosures 2024

10.2 Collateral Received by Product Type

EU AE2 - Collateral received and own debt securities issued

2024					Unencumbered
			Fair value of encumbered collateral received or own debt securities issued	Fair value of collateral received or own debt securities issued available for encumbrance
			of which notionally eligible EHQLA and HQLA		of which EHQLA and HQLA
		€ million	€ million	€ million	€ million
130	Collateral received	-	-	-	-
140	Loans on demand	-	-	-	-
150	Equity instruments	-	-	-	-
160	Debt securities	-	-	-	-
170	of which: covered bonds	-	-	-	-
180	of which: securitisations	-	-	-	-
190	of which: issued by general governments	-	-	-	-
200	of which: issued by financial corporations	-	-	-	-
210	of which: issued by non-financial corporations	-	-	-	-
220	Loans and advances other than loans on demand	-	-	-	-
230	Other collateral received	-	-	-	-
240	Own debt securities issued other than own covered bonds or securitisations	-	-	-	-
241	Own covered bonds and securitisations issued and not yet pledged			-	-
250	TOTAL ASSETS, COLLATERAL RECEIVED AND OWN DEBT SECURITIES ISSUED	3,509	40

10.2 Collateral Received by Product Type (continued)

EU AE2 - Collateral received and own debt securities issued

2023					Unencumbered
			Fair value of encumbered collateral received or own debt securities issued	Fair value of collateral received or own debt securities issued available for encumbrance
			of which notionally eligible EHQLA and HQLA		of which EHQLA and HQLA
		€ million	€ million	€ million	€ million
130	Collateral received	-	-	-	-
140	Loans on demand	-	-	-	-
150	Equity instruments	-	-	-	-
160	Debt securities	-	-	-	-
170	of which: covered bonds	-	-	-	-
180	of which: securitisations	-	-	-	-
190	of which: issued by general governments	-	-	-	-
200	of which: issued by financial corporations	-	-	-	-
210	of which: issued by non-financial corporations	-	-	-	-
220	Loans and advances other than loans on demand	-	-	-	-
230	Other collateral received	-	-	-	-
240	Own debt securities issued other than own covered bonds or securitisations	-	-	-	-
241	Own covered bonds and securitisations issued and not yet pledged			-	-
250	TOTAL ASSETS, COLLATERAL RECEIVED AND OWN DEBT SECURITIES ISSUED	3,661	89

The current and expected level of asset encumbrance remains at low levels. The main funding sources of the Group do not include any secured funding. Given this funding profile, the asset encumbrance ratio is monitored and expected to remain at low levels.

10.3 Encumbered Assets/Collateral Received and Associated Liabilities

EU AE3 - Sources of encumbrance

		Matching liabilities, contingent liabilities or securities lent	Assets, collateral received and own debt securities issued other than covered bonds and securitisations encumbered
	2024	€ million	€ million
10	Carrying amount of selected financial liabilities	2	3,415
	2023
10	Carrying amount of selected financial liabilities	2,023	3,385

Sovereign ratings

The sovereign risk ratings of the Cypriot government have improved significantly in recent years, reflecting reduced banking sector risks, improved economic resilience and consistent fiscal outperformance. Cyprus has demonstrated policy commitment to correcting fiscal imbalances through reform and restructuring of its banking system.

In December 2024, S&P Global Ratings upgraded Cyprus' long-term local and foreign currency sovereign credit ratings to A- from BBB+ and revised its outlook in Cyprus to stable. This one-notch upgrade of Cyprus' rating reflects the third consecutive solid annual fiscal surplus as well as the capital and labour inflows from nearby conflict zones amid rising geopolitical developments.

Additionally, in December 2024, Fitch Ratings upgraded Cyprus' long-term foreign currency issuer default rating to A- from BBB+ and revised its outlook in Cyprus to stable. The one notch upgrade relates mainly to the rapid decline in public debt, strong fiscal surpluses and strong growth momentum.

In November 2024, Moody's Investors Service upgraded the long-term issuer and senior unsecured ratings of the Government of Cyprus to A3 from Baa2. The outlook was revised to stable from positive. The upgrade of Cyprus ratings reflects the material improvement in fiscal and debt metrics, the reduced government debt ratio and the solid medium-term economic outlook driven by the steady expansion of high-productivity services sectors supported by headquartering of companies, significant foreign direct investments as well as reforms and investments related to Cyprus' National Recovery and Resilience Plan.

In October 2024, Scope Ratings GmbH upgraded the Cyprus' long-term issuer and senior unsecured debt ratings to A- from BBB+ in local and foreign currency and maintained the Stable Outlooks. The upgrade was driven by the strong fiscal outlook characterised by sustained primary surpluses and declining general government debt.

DBRS Ratings GmbH (DBRS Morningstar) confirmed Cyprus' Long-Term Foreign and Local Currency – Issuer Ratings at BBB (high) in September 2024. The trend was revised from stable to positive reflecting the view that public debt metrics are likely to continue to improve and that economic growth is likely to continue to benefit from robust private consumption, rising service exports and strong construction investment over the next few years.

11. Credit Risk Under the Standardised Approach

The Standardised Approach is applied to calculate the RWA in accordance with the requirements laid down in Part 3, Title II Chapters 2 and 4 of the CRR illustrated in the tables below under this section.

The ECAI applied by the Group in the RWA calculation is Moody's in line with the up-to-date standard association published by the EBA. The transfer of the issuer and issue credit ratings onto comparable asset items not included in the trading book are applied in line with articles 135 to 141 of the CRR.

The ECAI are applied to all applicable exposure classes as follows:

Central governments or central banks
Regional government or local authorities
Institutions
Corporates
Institutions and corporates with short-term credit assessment.

For all other exposure classes, for which the Group has exposures, no ratings are applicable by CRR.

As of 28 June 2021, the amending regulation 2019/876 of the CRR, CRR II has been fully applied in line with the regulatory implementation dates in respect of the Credit Risk RWA calculations. The major change in Standardised Approach for Credit Risk is the calculation of RWA on exposures in the form of units or shares in Collective Investment Undertakings (CIUs) whereby the below three approaches have been introduced:

Look-through approach
Mandate approach
Fall-back approach

The Group has applied the Mandate approach in all its positions in the form of shares or units in CIUs where the RWA are calculated based on the underlying assets and limits of each CIU mandate in which the Group has invested in. The RWA impact for the Group from the application of the new methodology was immaterial due to the very small size of the CIU exposures held by the Group.

The Group applies the Standardised Approach for Counterparty Credit Risk (SA-CCR) in calculating the exposure values for derivative transactions used in the RWA for counterparty credit risk and Credit Valuation Adjustment (CVA). Under this approach laid down in Part 3, Title II Chapter 6 of the CRR/CRR2, the exposure values are calculated taking into account margin and netting agreements. Derivative RWA for the Group remain non material.

For the year ended 31 December 2024, on and off-balance sheet exposures decreased by €958 million while RWAs increased by €149 million.

The main driver for the decrease in total exposure is the repayment of the ECB funding (TLTRO) of €1,700 million and the decrease in other assets related exposures (such as investment properties and Deferred tax asset).

Main drivers for the increase in RWA being the increase in operational risk RWAs due to higher income, the increase placements with banks and the overall increase of loans to customer advances partly offset by decreases in other assets related exposures (such as investment properties and Deferred tax asset).

Despite the increase in the Group's portfolio of investments, there was a decrease in the RWA of this portfolio, as was a shift towards lower risk classes (such as Central governments and Covered bonds) and International Financial Reporting Standard (IFRS) 9 phasing in on 1 January 2024.

11. Credit Risk Under the Standardised Approach (continued)

The table below illustrates the effect of CCF and CRM techniques on exposure values that give rise to credit risk applied in accordance with the CRR.

The exposure amounts displayed in table below are after the application of value adjustments. Value adjustments refer to specific credit risk adjustments, additional value adjustments to reflect the fair value of the asset where relevant and other own funds reductions related to specific asset items. CCF refers to the credit conversion factors applied to off-balance sheet exposures to convert them to credit equivalents in line with article 111 of the CRR. CRM refers to the credit mitigation techniques applied. The CRM of the Group refers to eligible financial collateral that is used to decrease the exposure values through the application of the Financial Collateral Comprehensive Method and the eligible credit protection where the exposure RW or exposure class are substituted by the corresponding RW and exposure class of the credit protection provider.

Eligible real estate collateral on which the Group has concentration is included in the exposure classes "Secured by mortgages on immovable property" for performing exposures and form part of "Exposures in default" for non-performing exposures.

RWAs density is a synthetic metric on the riskiness of each portfolio and it is measured by dividing (e) RWA with the sum of columns (c) and (d) Exposure Value after CCF and CRM.

11. Credit Risk Under the Standardised Approach (continued)

EU CR4 Standardised Approach – credit risk exposure and Credit Risk Mitigation (CRM) effects

		a	b	c	d	e	f
	31 December 2024		Exposures before CCF and CRM		Exposures post CCF and CRM	RWAs and RWA density
	Exposure classes	On-balance sheet amount	Off-balance sheet amount	On-balance sheet amount	Off-balance sheet amount	RWEAs	RWEA density
		€ million	€ million	€ million	€ million	€ million	%
1	Central governments or central banks	9,674	-	9,807	-	235	2.39
2	Regional government or local authorities	169	12	101	-	-	0.13
3	Public sector entities	237	5	229	2	1	0.51
4	Multilateral development banks	468	-	481	-	-	-
5	International organisations	248	-	248	-	-	-
6	Institutions	1,281	64	1,208	33	385	31.04
7	Corporates	3,832	1,203	3,496	361	3,357	87.04
8	Retail	1,759	876	1,407	91	1,059	70.71
9	Secured by mortgages on immovable property	3,978	401	3,978	91	1,476	36.27
10	Exposures in default	121	24	120	4	131	106.49
11	Exposures associated with particularly high risk	637	155	585	56	962	150.00
12	Covered bonds	432	-	432	-	43	10.00
13	Institutions and corporates with a short term credit assessment	-	-	-	-	-	-
14	Collective investment undertakings	3	-	3	-	2	71.20
15	Equity	24	-	24	-	58	244.28
16	Other items	1,433	-	1,433	-	1,436	100.20
17	TOTAL	24,295	2,740	23,552	638	9,146	37.81

11. Credit Risk Under the Standardised Approach (continued)

EU CR4 Standardised Approach – credit risk exposure and Credit Risk Mitigation (CRM) effects

		a	b	c	d	e	f
	31 December 2023		Exposures before CCF and CRM		Exposures post CCF and CRM	RWAs and RWA density
	Exposure classes	On-balance sheet amount	Off-balance sheet amount	On-balance sheet amount	Off-balance sheet amount	RWEAs	RWEA density
		€ million	€ million	€ million	€ million	€ million	%
1	Central governments or central banks	11,337	-	11,420	-	243	2.13
2	Regional government or local authorities	145	11	110	-	2	1.41
3	Public sector entities	237	6	228	2	2	1.03
4	Multilateral development banks	336	-	356	-	-	-
5	International organisations	232	-	232	-	-	-
6	Institutions	975	67	928	28	330	34.47
7	Corporates	3,600	1,190	3,355	353	3,259	87.89
8	Retail	1,680	883	1,350	95	1,018	70.44
9	Secured by mortgages on immovable property	3,852	368	3,852	75	1,418	36.12
10	Exposures in default	197	30	196	5	208	103.42
11	Exposures associated with particularly high risk	636	114	586	36	932	150.00
12	Covered bonds	287	-	287	-	29	10.00
13	Institutions and corporates with a short term credit assessment	-	-	-	-	-	-
14	Collective investment undertakings	3	-	3	-	2	75.14
15	Equity	24	-	24	-	59	240.05
16	Other items	1,625	-	1,625	-	1,495	91.99
17	Total	25,169	2,669	24,554	594	8,997	35.78

11. Credit Risk Under the Standardised Approach (continued)

EU CR5 Standardised Approach

The table analyses the exposure values of on and off-balance sheet positions excluding securitisation exposures by RW and regulatory exposure class.

		a	b	c	d	e	f	g	h	i	j	k	l	m	n	o	p	q
										Risk weight
	31 December 2024	0 %	2 %	4 %	10%	20%	35%	50%	70%	75%	100%	150%	250%	370%	1250%	Others	Total	Of which unrated1
	Exposure classes																€ million € million € million € million € million € million € million € million € million € million € million € million € million € million € million € million € million
1	Central governments or central banks	9,450		-	- 7 5	3	4	- 4	2	-	- 152		- 1	5	-	- 4 0	9,808	167
2	Regional government or local authorities	100		-	-	-	1	-	-	-	-	-	-	-	-	- -	101	-
3	Public sector entities	229		-	-	-	-	-	2	-	-	-	-	-	-	- -	231	-
4	Multilateral development banks	481		-	-	-	-	-	-	-	-	-	-	-	-	- -	481	-
5	International organisations	248		-	-	-	-	-	-	-	-	-	-	-	-	- -	248	-
6	Institutions		-	-	-	- 788		- 451		-	- 2		-	-	-	- -	1,241	-
7	Corporates		-	-	-	- 176		- 5	6	-	- 3,578	4	7	-	-	- -	3,857	3,789
8	Retail		-	-	-	-	-	-	-	- 1,498		-	-	-	-	- -	1,498	1,498
9	Secured by mortgages on immovable property		-	-	-	-	- 3,087	982		-	-	-	-	-	-	- -	4,069	4,069
1 0	Exposures in default		-	-	-	-	-	-	-	-	- 107	1	6	-	-	- -	123	123
1 1	Exposures associated with particularly high risk		-	-	-	-	-	-	-	-	-	- 641		-	-	- -	641	641
1 2	Covered bonds		-	-	- 432		-	-	-	-	-	-	-	-	-	- -	432	-
1 3	Institutions and corporates with a short-term credit assessment		-	-	-	-	-	-	-	-	-	-	-	-	-	- -	-	-
1 4	Unit or shares in collective investment undertakings		-	-	-	-	1	-	-	-	- 2		-	-	-	- -	3	3
1 5	Equity		-	-	-	-	-	-	-	-	- 1		- 2	3	-	- -	2 4	2 3
1 6	Other items	9	5	-	-	- 6	9	-	-	-	- 710	278		-	-	- 282	1,434	908
1 7	TOTAL	10,603	-	-	506		1,069 3,087	1,533	-	1,498	4,551	982	3 8	-	-	322	24,189	11,221

11. Credit Risk Under the Standardised Approach (continued)

EU CR5 Standardised Approach

		a	b	c	d	e	f	g	h	i	j	k	l	m	n	o	p	q
31 December 2023			Risk weight
		0 %	2 %	4 %	10%	20%	35%	50%	70%	75%	100%	150%	250%	370%	1250%	Others	Total	Of which unrated1
	Exposure classes						€ million € million € million € million € million € million € million € million € million € million € million € million € million € million € million € million € million
1	Central governments or central banks	11,053		- 5 3	8	105		-	-	-	- 190		- 1 2		-	- -	11,421	201
2	Regional government or local authorities	102		-	-	-	8	-	-	-	-	-	-	-	-	- -	110	-
3	Public sector entities	228		-	-	-	-	-	-	-	- 2		-	-	-	- -	230	-
4	Multilateral development banks	356		-	-	-	-	-	-	-	-	-	-	-	-	- -	356	-
5	International organisations	232		-	-	-	-	-	-	-	-	-	-	-	-	- -	232
6	Institutions		-	-	-	- 645		- 221		-	- 9 0		-	-	-	- -	956	-
7	Corporates		-	-	-	- 9	4	- 5 5		-	- 3,496	6 3		-	-	- -	3,708	3,436
8	Retail		-	-	-	-	-	-	-	- 1,445		-	-	-	-	- -	1,445	1,445
9	Secured by mortgages on immovable property		-	-	-	-	- 2,989	938		-	-	-	-	-	-	- -	3,927	3,927
1 0	Exposures in default		-	-	-	-	-	-	-	-	- 187	1 4		-	-	- -	201	201
1 1	Exposures associated with particularly high risk		-	-	-	-	-	-	-	-	-	- 622		-	-	- -	622	622
1 2	Covered bonds		-	-	- 287		-	-	-	-	-	-	-	-	-	- -	287	-
1 3	Institutions and corporates with a short-term credit assessment		-	-	-	-	-	-	-	-	-	-	-	-	-	- -	-	-
1 4	Unit or shares in collective investment undertakings		-	-	-	-	1	-	-	-	- 2		-	-	-	- -	3	3
1 5	Equity		-	-	-	-	-	-	-	-	- 2		- 2 3		-	- -	2 5	2 3
1 6	Other items	9 3		-	-	- 3	5	-	-	-	- 1,453	1 8		-	-	- 2 7	1,626	1,600
1 7	Total	12,065	-	5 3	295	888	2,989	1,214	-	1,445	5,421	716	3 5	-	-	2 7	25,148	11,459

12. Market Risk

There are no minimum capital requirements for market risk for 2024 or 2023. FX risk does not require any capital since the materiality threshold set by Article 351 of the CRR is not met. Other than the foreign exchange risk, the Group does not hold any trading book positions that would fall under Title VI of the CRR.

13. Operational Risk

The minimum capital requirement for operational risk is calculated in accordance with Title III: Own funds requirements for operational risk of the CRR.

The Group uses the Standardised Approach for the operational risk capital calculation.

Under the Standardised Approach, net interest and non-interest income are classified into eight business lines, as set out in CRR. The capital requirement is calculated as a percentage of the average income over the past three years, ranging between 12% and 18% depending on the business line. If the total capital requirement of all business lines in any given year is negative, then the capital requirement is set to zero in the average calculation.

The minimum capital requirement of the Group in relation to operational risk calculated in accordance with the Standardised Approach amounts to €133 million for 2024 and €106 million for 2023. The increase in the operational risk capital requirement is driven mainly by higher net interest Income at Group level.

EU OR1 - Operational risk own funds requirements and risk-weighted exposure amounts

		a	b	c	d	e
	Banking activities		Relevant indicator		Own funds requirements	Risk exposure
		2022	2023	2024		amount
		€ million	€ million	€ million	€ million	€ million
1	Banking activities subject to basic indicator approach (BIA)	-	-	-	-	-
2	Banking activities subject to standardised (TSA) / alternative standardised (ASA) approaches	636	1,039	1,070	133	1,662
3	Subject to TSA:	636	1,039	1,070
4	Subject to ASA:	-	-	-
5	Banking activities subject to advanced measurement approaches AMA	-	-	-	-	-

14. Key Metrics

EU KM1 - Key metrics template

		a	b	c	d	e
			31/12/2024 1 30/09/2024 2,3 30/06/2024 3 31/03/2024 4 31/12/2023 5
		€ million	€ million	€ million	€ million	€ million
	Available own funds (amounts)
1	Common Equity Tier 1 (CET1) capital	2,075	1,937	1,937	1,803	1,798
2	Tier 1 capital	2,295	2,157	2,157	2,023	2,018
3	Total capital	2,603	2,479	2,470	2,323	2,318
	Risk-weighted exposure amounts
4	Total risk exposure amount	10,834	10,441	10,580	10,548	10,341
	Capital ratios (as a percentage of risk-weighted exposure amount)
5	Common Equity Tier 1 ratio (%)	19.16%	18.55%	18.31%	17.10%	17.39%
6	Tier 1 ratio (%)	21.19%	20.66%	20.39%	19.18%	19.51%
7	Total capital ratio (%)	24.02%	23.74%	23.35%	22.03%	22.42%
	Additional own funds requirements to address risks other than the risk of excessive leverage
	(as a percentage of risk-weighted exposure amount) Additional own funds requirements to
EU 7a	address risks other than the risk of excessive leverage (%)	2.75%	2.75%	2.75%	2.75%	3.08%
EU 7b	of which: to be made up of CET1 capital (percentage points)	1.55%	1.55%	1.55%	1.55%	1.73%
EU 7c	of which: to be made up of Tier 1 capital (percentage points)	2.06%	2.06%	2.06%	2.06%	2.31%
	EU 7d Total SREP own funds requirements (%)	10.75%	10.75%	10.75%	10.75%	11.08%
	Combined buffer and overall capital requirement (as a percentage of risk-weighted exposure amount)
8	Capital conservation buffer (%)	2.50%	2.50%	2.50%	2.50%	2.50%
EU 8a	Conservation buffer due to macro-prudential or systemic risk identified at the level of a Member State (%)	0.00%	0.00%	0.00%	0.00%	0.00%
9	Institution specific countercyclical capital buffer (%)	0.92%	0.93%	0.94%	0.49%	0.48%
	EU 9a Systemic risk buffer (%)	0.00%	0.00%	0.00%	0.00%	0.00%
10	Global Systemically Important Institution buffer (%)	0.00%	0.00%	0.00%	0.00%	0.00%
	EU 10a Other Systemically Important Institution buffer (%)	1.88%	1.88%	1.88%	1.88%	1.50%
11	Combined buffer requirement (%)	5.30%	5.31%	5.31%	4.86%	4.48%
	EU 11a Overall capital requirements (%)	16.05%	16.06%	16.06%	15.61%	15.56%
12	CET1 available after meeting the total SREP own funds requirements	13.11%	12.51%	12.26%	11.05%	11.15%

14. Key Metrics (continued)

EU KM1 - Key metrics template

		a	b	c	d	e
		31/12/20241	30/09/20242,3	30/06/20242	31/03/20244	31/12/20235
		€ million	€ million	€ million	€ million	€ million
	Leverage ratio
13	Total exposure measure	26,220	25,558	25,191	24,710	26,389
14	Leverage ratio (%)	8.75%	8.44%	8.56%	8.19%	7.65%
	Additional own funds requirements to address the risk of excessive leverage (as a percentage of total exposure measure)
	EU 14a Additional own funds requirements to address the risk of excessive leverage (%)	0.00%	0.00%	0.00%	0.00%	0.00%
EU 14b	of which: to be made up of CET1 capital (percentage points)	0.00%	0.00%	0.00%	0.00%	0.00%
	EU 14c Total SREP leverage ratio requirements (%)	3.00%	3.00%	3.00%	3.00%	3.00%
	Leverage ratio buffer and overall leverage ratio requirement (as a percentage of total exposure measure)
	EU 14d Leverage ratio buffer requirement (%)	0.00%	0.00%	0.00%	0.00%	0.00%
	EU 14e Overall leverage ratio requirement (%)	3.00%	3.00%	3.00%	3.00%	3.00%
	Liquidity Coverage Ratio
15	Total high-quality liquid assets (HQLA) (Weighted value -average)	11,485	11,670	11,764	11,767	11,276
	EU 16a Cash outflows - Total weighted value	4,012	3,932	3,886	3,863	3,919
	EU 16b Cash inflows - Total weighted value	458	459	470	424	416
16	Total net cash outflows (adjusted value)	3,554	3,473	3,416	3,439	3,503
17	Liquidity coverage ratio (%)	324%	337%	345%	343%	330%
	Net Stable Funding Ratio
18	Total available stable funding	19,894	19,371	19,246	18,528	18,620
19	Total required stable funding	12,258	12,303	12,306	11,933	11,692
20	NSFR ratio (%)	162%	157%	156%	155%	159%

Notes:

1. Amounts and ratios include profits for the year ended 31 December 2024 net of a deduction for a distribution in respect of 2024 earnings of €241 million, following relevant recommendation by the Board of Directors to the shareholders for a final cash dividend of €211 million and approval by the Board of Directors to undertake a share buyback of ordinary shares of the Company for an aggregate consideration of up to €30 million and in compliance with the terms of the ECB approval, as disclosed in subsection 'Distributions' of Section 5.1 CRD Regulatory Capital.
1. Amounts and ratios do not include quarterly profits for the three months ended 30 September 2024. Including the quarterly profits and an accrual for a distribution at a payout ratio of 50% of the Group's adjusted profitability for the period, which represents the top-end range of the Group's approved distribution policy in line with the principles of Commission Delegated Regulation (EU) (241/2014) for foreseeable dividends and charges, the CET1 ratio and Total Capital ratio stood at 19.1% and 24.3% respectively, on a transitional basis.

14. Key Metrics (continued)

1. Amount and ratios include reviewed profits for the six months ended 30 June 2024 in line with the ECB Decision (EU) (2015/656) on the recognition of interim or year-end profits in CET1 capital in accordance with Article 26(2) of the CRR and an accrual for a distribution at a payout ratio of 50% of the Group's adjusted recurring profitability for the period, which represents the top-end range of the Group's approved distribution policy in line with the principles of Commission Delegated Regulation (EU) (241/2014) for foreseeable dividends and charges.
1. Amounts and ratios do not include quarterly profits for the three months ended 31 March 2024. Including the quarterly profits and an accrual for a distribution at a payout ratio of 50% of the Group's adjusted profitability for the period, which represents the top-end range of the Group's approved distribution policy in line with the principles of Commission Delegated Regulation (EU) (241/2014) for foreseeable dividends and charges, the CET1 ratio and Total Capital ratio stood at 17.6% and 22.5% respectively, on a transitional basis.
1. Amounts and ratios include profits for the year ended 31 December 2023 and a deduction for a distribution in respect of 2023 earnings of €137 million, following approval received by the ECB in March 2024 and relevant recommendation by the Board of Directors to the shareholders for a final cash dividend of €112 million and approval by the Board to undertake a share buyback of ordinary shares of the Company for an aggregate consideration of up to €25 million and in compliance with the terms of the ECB approval.

During the year ended 31 December 2024, pre-provision income net of deduction for a distribution in respect of 2024 earnings following ECB approval as disclosed in subsection 'Distributions' of Section 5, had a positive impact on CET1 ratio, whereas provisions and impairments, other movements and increase in risk-weighted assets had a negative impact.

During the second quarter of 2024, the CET1 ratio was negatively affected by the payment of AT1 coupon.

As a result of the above, the CET1 ratio has increased by 177 bps during the year ended 31 December 2024.

During the year ended 31 December 2024, the Group's Total Capital ratio increased by 160 bps.

The decreasing trend of LCR during 2024 is mainly due to a decrease in HQLAs, as a result of the repayment of the €2 billion TLTRO funding, netted by the increase in customer deposits during 2024 (increased by c.€1,182 million) and the issuance of a €300 million Green Senior Preferred Notes.

As at 31 December 2024 the NSFR stood at 162.3% compared to 159.3% as at 31 December 2023.

During the year ended 31 December 2024, RWA increased mainly due to the increase in operational risk RWAs due to higher income, the increase in placements with banks and the overall increase of loans to customer advances partly offset by decreases in other assets related exposures (such as investment properties and Deferred tax asset) and the decrease in the portfolio of investments mainly assigned to lower risk weight classes (such as Central governments and Covered bonds) and International Financial Reporting Standard (IFRS) 9 phasing in on 1 January 2024.

The increase in Tier 1 Capital has been the main driver for the increase in the leverage ratio which stands well above the regulatory minimum requirement of 3%.

15. Exposure to Interest Rate Risk on Positions in the Banking Book

15.1 Nature of the Interest Rate Risk and Key Assumptions

Interest Rate Risk in the Banking Book refers to the current or prospective risk to the Bank's capital and earnings arising from adverse movements in interest rates that affect the Bank's banking book positions. Moreover, optionality embedded in the Bank's products may give rise to interest rate risk.

In order to control/quantify/monitor the risk from changes in interest rates, the outcomes of two types of analysis are calculated:

a. Impact on the NII earnings measure
b. Impact on the EV EV measure

In addition to the above two types of measures, interest rate risk for EUR (which consists of the bulk of the Group's balance sheet) is also measured using interest rate gap analysis where the assets, liabilities and offbalance sheet items are classified according to their remaining repricing period.

Impact on NII is measured assuming that the composition of the Banking Book remains the same (static balance sheet). As per the analysis undertaken for the preparation/update of the Interest Rate Risk assumptions and methodologies, no prepayment models are used due to:

1. the immaterial amount of loans subject to prepayment risk. As per the Mortgage Credit Directive (voted in April 2017) the Bank is allowed to charge the interest rate cost, in case the customer repays early (instead of only admin charge) for all new mortgage loans irrespective of the loan amount and with no retrospective effect. Furthermore, the analysis performed by the Bank for the portfolio before the 2017 aforementioned legislation, indicates that loans subject to prepayment risk on which no interest rate cost can be charged are decreasing to immaterial amounts much lower than 0% of the total positions referred to Article 2(2) of RTS on Standardised methodologies on IRRBB. Thus, no prepayment modelling is required. Prepayment of loans will be assessed for modelling only if the percentage of loans (not in Recoveries) for which no penalty can be charged over the total loans is greater than 5% of total assets in line with Article 8 of EBA/RTS/2022/09.
1. the low level of fixed deposits that allow withdrawals without a penalty charge. Based on the latest analysis, the amount of the deposits with early withdrawal option amounted to 0.13% of the total positions referred to Article 2(2) of RTS on Standardised methodologies on IRRBB. Thus, no early withdrawal modelling is required.

It is noted that the Bank may, at its discretion allow its customers to prepay their loans. However, in the case of loan prepayments, penalty charges can apply for fixed rate loans, to cover any associated cost.

The level of prepayment risk is measured and reviewed at least on an annual basis.

Treatment of Non-Maturing Deposits

Non-Maturing Deposits (NMDs) are liabilities which are free to be withdrawn at any time since they have no contractually agreed maturity date. Historically, NMDs proved to be stable, even when market rates change. Any interest rate paid on these deposits is usually lower than that paid on other sources of funding. The core* deposit assumptions and the maturity profile of these accounts are modelled. It is noted that the assumed maturity profile for all categories is constrained to the tenor limits in line with the EBA guidelines.

^*Core deposits are those balances of NMDs that would remain in place with high probability, based on historical evidence. Statistical analysis indicates that these accounts are unlikely to reprice even under significant changes in interest rates.

15.1 Nature of the Interest Rate Risk and Key Assumptions (continued)

Maturity profile assumptions vary according to depositor characteristics (e.g. retail, wholesale non-financial, wholesale financial) and accounts characteristics (e.g. transactional or non-transactional).

The longest repricing maturity assigned to NMDs is 10 years whereas the average repricing maturity is estimated to be close to the 5-year cap.

Floor on Deposits

All deposit categories are assumed to have a 0% interest rate floor, given that it would be unlikely for the Bank to offer negative deposit rates. However, during the negative interest rate period, the Bank charged a liquidity fee to certain legal entities. As a result, even though all deposit categories were assumed to have a 0% floor, there was NII benefit in case of decrease in rates arising from accounts in which the liquidity fee was applicable. Given the increasing interest rate environment leading to positive interest rates, liquidity fee is no longer charged.

Notice Accounts

In the case of decrease in interest rates, notice accounts, are assumed to have a time lag due to the requirement by PSD to give a 75 days' notice to its clients. This means that the impact of interest rate of these accounts is delayed due to this time lag.

Beta of Bank Base Rate Loans, Fixed Deposits and Notice accounts

It is noted that the EUR Bank base rate loans (referenced mainly to the CBC deposit index) have high correlation to the changes of the fixed deposits and notice account rates. It is noted that Bank base rate loans reprice quarterly and are directly linked to the CBC benchmark rate which is lagged by 2 months compared to the current month. Based on statistical evidence, the sensitivity of CBC index to the Bank's EUR Fixed Deposits and Notice accounts is estimated at 88% in case of increasing rates and 100% in case of decreasing rates. The relationship of the fixed and notice deposit rates to market rate changes has been defined after taking feedback from the Business Lines, Treasury and Finance Division.

Floor on Loans

For existing loans, a floor of 0% on the reference rate is applied only where there is a contractual agreement in place. All new loans have a floor of 0% on the reference rate, given that such a condition is included in all new loan contracts.

Treatment of Equity

Equity does not impact the EV or NII calculations of the Bank.

Interest Rate scenarios

The interest rate risk scenarios selected by the Bank consider:

1. Up and down parallel shifts in the yield curve of varying magnitude based on statistical analysis of past interest rates shifts
1. Changes in the yield curve shape (flattening, steepening, short up and down etc.)

It is noted that different interest rate scenarios apply to exposures in different currencies that account more than 5% of either banking book assets or liabilities. Currencies with less than 5% are included until the sum of assets or liabilities included in the calculation is at least 90%. No change in NII and EV is calculated for the rest of the currencies. The significant currencies of the Bank are currently EUR and USD.

The Interest Rate Effects under the BASEL scenarios (in line with the scenarios presented in the BCBS April 2016 paper) are produced on a quarterly basis and are presented for information purposes.

15.1 Nature of the Interest Rate Risk and Key Assumptions (continued)

Stress Testing and standardised interest rate shock scenarios as specified in Basel Committee on Banking Supervision are performed on a quarterly basis. The standard regulatory shock which involves sudden +/- 200 basis points change of the yield curve is calculated on a monthly basis.

Internal scenarios are performed on a monthly basis and are subject to internal limits. The market rate shocks for EUR and USD, which are the currencies corresponding to the bulk of the Bank's balance sheet items are indicated below:

EUR:

Parallel UP: + 135 bps Parallel DN: - 100 bps, Steepening: 1 day:-100 bps & 360 mons: 135 bps, Flattening: 1 day: +135 bps & 360 mons: -100 bps, Short UP: 1 day: +135 bps & 360 mons: 0 bps, Short DN: 1 day: -100 bps & 360 mons: 0 bps. USD: Parallel UP: +160 bps, Parallel DN: -100 bps, Steepening: 1 day:-100 bps & 360 mons: 160 bps, Flattening: 1 day: +160 bps & 360 mons: -100 bps, Short UP: 1 day: +160 bps & 360 mons: 0 bps, Short DN: 1 day: -100 bps & 360 mons: 0 bps.

The above shocks were calculated using statistical analysis of historical interest rates.

A floor of 0% to all loans with a contractual floor agreement and to all deposits is applied to all scenarios.

15.2 Impact of Downward and Upward Rate Shocks

The ALCO recommends the policy and limits on the maximum allowable interest rate risk in the banking book, which are then approved by the Board. The exposure is described below.

Movements in interest rates affect the Bank's banking book positions and can pose a risk to the Bank's EVE and NII. When interest rates change, the present value and level of future cash flows change. This in turn changes the underlying value of a Bank's assets, liabilities and off-balance sheet items and hence its EVE. Changes in interest rates also affect a Bank's NII by altering interest rate-sensitive income and expenses. The NII and EVE measures are considered of complementary nature (a transaction subject to interest rate risk cannot stabilize both NII and EVE at the same time). The bulk of the Bank's EVE and NII exposure arises mainly from the customer advances, customer deposits, bond investments (securities), bond issuances, Central Bank Balances and interest rate derivatives.

EU IRRBB1 - Interest rate risks of non-trading book activities

		a	b	c	d
Supervisory shock scenarios			Changes of the economic value of equity	Changes of the net interest income
		31 December 2024	31 December 2023	31 December 2024	31 December 2023
		€ million	€ million	€ million	€ million
1	Parallel up	(2)	89	151	210
2	Parallel down	(34)	(140)	(171)	(225)
3	Steepener	81	6
4	Flattener	(160)	(7)
5	Short rates up	(153)	26
6	Short rates down	74	(58)

Pillar 3 Disclosures 2024

16. Environmental, Social and Governance Risks

16.1 Environmental risk

16.1.1 Business strategy and processes

16.1.1.1 Business strategy to integrate environmental factors and risks

As a signatory to the UN PRB, the Group aims to align its own operations, supply chain and portfolios with the transition to a sustainable economy. This commitment was enforced through the Group's ESG primary ambitions, as determined in the ESG strategy, which was formulated in 2021. The Group's primary ESG ambitions are:

Group's ESG Primary ambitions
Ambition	Description
Own operations 42% GHG emission reduction by 2030	The Group aims to become carbon-neutral in own operations by 2050, by gradually eliminating its scope 1 and 2 GHG emissions. The Group has set an interim target in line with carbon-neutrality ambition in own operations to reduce Scope 1 and Scope 2 GHG emissions by 42% (absolute target) by 2030 compared to the baseline of 2021.
Become Net Zero by 2050	The Group's ambition to become Net Zero, by reducing its Scope 3 emissions through its supply chain (i.e. third-party providers) and its financing activities, which also entails the alignment and commitment of its clients towards this goal.
Steadily increase GAR	The GAR indicates the degree of alignment with the EU Taxonomy, such as showing the proportion of the share of credit institution's assets financing and invested in EU Taxonomy-aligned economic activities as a share of total covered assets, such as those consistent with the European Green Deal and the Paris agreement goals.
Steadily increase	In line with the Green Asset Ratio, the numerator consists of mortgages used only
Green Mortgage	for sustainable activities related to the construction of new buildings and renovation
Ratio	of buildings, while the denominator includes all mortgages.

The Group has estimated the Scope 1 (Mobile Combustion, Stationary Combustion and Fugitive Emissions) and Scope 2 GHG emissions of 2021 relating to own operations in order to set the baseline for carbon neutrality target in own operations, given this was the year the Group's decarbonisation efforts were initiated. For the Group to meet the carbon neutrality target by 2050, the Group has set an interim target to reduce Scope 1 and Scope 2 GHG emissions by 42% (absolute target) by 2030. The absolute reduction target has been set following the IEA's B2DS and sectoral decarbonisation approach using Science Based target initiative's (SBTi) tool.

The decarbonisation activities conducted the last two years are depicted in the following table. Group's own funds are supporting the implementation of decarbonisation actions. The Group's Financial Plan embeds actions associated with the decarbonization plan for 2025-2028.

Group's Decarbonisation Actions – Own Operations
	2023	2024
	(€ 000)	(€ 000)
Installation of electric chargers for cars	3	88
Air-conditioning systems replacements	42	107
Roof insulation	-	88
Solar Panels	132	38
Plug in hybrid vehicles	-	139
Electric vehicles	-	139
Lighting replacement	27	55
Total	204	654

Pillar 3 Disclosures 2024

16.1.1.1 Business strategy to integrate environmental factors and risks (continued)

In addition, Branch rationalisation associated with the Digital Transformation programme is considered a decarbonization lever as well. The Group is considering the implementation of a large project which is expected to reduce Scope 1 and Scope 2 GHG emissions between 10%-20% compared to 2024 emissions inventory.

Apart from the strategy to reduce GHG emissions associated with its own operations, BOC PCL should design the strategy to mitigate climate-related and environmental risks associated with loan portfolio (i.e. customers) and investment portfolio. BOC PCL is integrating C&E risks into its Business Strategy through the following:

1. Sector limits;
1. Decarbonisation targets;
1. Green/Transition Lending;
1. Sustainable Finance Framework;
1. ESG and Climate considerations in loan pricing.

Sector Limits

Certain sectors are inherently associated with higher transition risks due to the fact that their current operating model is not considered sustainable under a low carbon economy. The fact that the current and prospective regulatory environment is driving us towards that direction, indicates that the entities, operating in carbon intensive sectors, might fail to adopt. Failure to adopt might impact customer's profitability, liquidity, creditworthiness and ultimately their sustainability in the longer term. In order to manage transition risks and be aligned with Net Zero commitment, BOCH established certain sector lending limits to restrict its exposure to sectors which are widely considered as carbon intensive sectors (i.e. cement, oil, gas, iron, steel, aluminium and power generation through fossil fuels). The role of BOCH is to engage with the customers operating in carbon intensive sectors, in order to educate them on the C&E risks that are exposed and support them in the transition to low carbon economy by providing them Green or transition financing. The sector limits are not applicable to Green or Transition financing or to entities, operating in carbon intensive sectors, with an externally validated transition plan so to motivate and support the customers to their transition to a low carbon economy. The abovementioned sector limits have been reflected in the BOCH Concentration Policy.

Decarbonization targets

The Group, by taking into account the GHG emissions estimated for loan portfolio, the most significant loan exposures and the Materiality Assessment (MA) on C&E risks, decided to set a decarbonisation target on Mortgage portfolio, since their exposure corresponds to 34% of Households, Non-Financial and Other-Financial Corporations exposures and corresponds to c.6% of Group's GHG emissions of loan portfolio. Following the establishment of the decarbonisation target on Mortgage portfolio BOC PCL designed the strategy to meet the target and align its Mortgage portfolio with the International Energy Agency's (IEA) Below 2 Degree Scenario (B2DS) by aiming to finance more energy efficient residential properties. BOC PCL designed and introduced a "Green Housing" product, aligned with GLPs of Loan Market Association (LMA), in order to support the feasibility of the decarbonisation target. The decarbonisation target on Mortgage portfolio and the new lending strategy to meet the target have been incorporated in the Group's Financial Plan.

Green/Transition Lending

The Group, by taking into account the results of Business Environment Scan (BES) and the MA on C&E risks, has set Green /Transition new lending internal KPIs for 2024 in order to support the transition of its customer and Cyprus to a low carbon economy and limit its exposure to transition and physical risks in certain sectors. Specifically, the Group by taking into account the results of the MA on C&E risks, the expected introduction of Green taxation in Cyprus, the amendments adopted on the Energy Performance Directive on buildings as well as the Cyprus Government subsidies identified climate related opportunities and has set Green/Transition new lending internal KPIs on specific sectors (i.e., Manufacturing, Trade, Construction and Accommodation) to enable the Green transition.

Pillar 3 Disclosures 2024

16.1.1.1 Business strategy to integrate environmental factors and risks (continued)

The Green/Transition new lending internal KPIs have been included in the Group's Financial Plan for 2024 – 2027 and monitored on a monthly basis by the BDC of the Group. Green / Transition new lending internal KPIs are set on an annual basis during the development of the Group's Financial Plan.

In addition, the Group offers a range of environmentally friendly products to manage transition risk and help its customers become more sustainable. For example, a number of loan products are offered under the Fileco Product Scheme. The Group offers Environmentally friendly Car Hire Purchase addressed to anyone who wants to buy a new hybrid or electric car, providing its customers the opportunity to buy a new electric vehicle and to move away from transport options reliant on fossil fuels. Moreover, an environmentally friendly loan for home renovation is offered to customers who want to renovate and upgrade the energy efficiency of their privately owned primary residence or holiday home and achieve a higher energy efficiency rating. Further, the customers may benefit from an Energy Loan for the installation of energy saving systems for home use. This product is addressed to customers who seek financing for the installation of photovoltaic systems for home use and other home energy saving systems. At the end of 2023, the Group launched the Green Housing product, with variable interest rate and in 2024 launched Green Housing product with fixed interest rate, aligned with GLP of LMA, which drives the decarbonisation strategy of Mortgage portfolio. Green housing products provide a discount to customers providing the EPC Category A. The new lending strategy of the Group, embedded in the Financial Plan for 2025-2028, includes the ambition on the new Green Housing product in order be aligned with the GHG emissions reduction target set and manage transition risk. The fact that the Cyprus legislation imposes residential properties to have an EPC A so to issue a planning permit after 1 July 2020 facilitates the process. The Environmentally friendly Gross Loans are not verified by independent body.

Sustainable Finance Framework

The Group established a Sustainable Finance Framework ('SFF') aiming to improve disclosure and transparency on sustainability and to bring to international investors more opportunities to invest in sustainable developments in Cyprus and Greece. The SFF is designed to support the management of climate change mitigation, adaptation and energy impacts and risks and grasp opportunities through sustainable financing. The Group has set up a Sustainable Finance Framework which will facilitate the issuance of:

i. Green Bonds/Loans for which the funds raised are exclusively allocated to Eligible Green Projects
ii. Social Bonds/Loans for which the funds raised are exclusively allocated to Eligible Social Projects
iii. Sustainability Bonds whereby the funds raised are exclusively allocated to Eligible Green Projects and to Eligible Social Projects

The SFF is aligned with the Green Bond Principles and defines the following core elements:

i. Use of Proceeds
ii. Process for Project Evaluation and Selection
iii. Management of Proceeds
iv. Reporting

For Use of Proceeds an amount at least equivalent to the net proceeds of any Sustainable Financing Instrument issued by the Group will be allocated to finance new or re-finance, in whole or in part sustainable projects which meet the eligibility criteria of the following Eligible Green and/or Social Project categories. The Project Evaluation and Selection Process ensures that the proceeds of any of the Group's Sustainable Financing Instruments are allocated to new lending or existing projects that meets the criteria set out under the SFF. The Group has established a Sustainable Financing Working Group (SFWG) to carry out the evaluation and selection process.

In addition, it is the BOC PCL's intention to maintain an aggregate amount of Eligible Sustainable Projects that is at least equal to the aggregate net proceeds of all BOC PCL's Sustainable Financing Instrument issuances that are concurrently outstanding under this Framework. In the event that the aggregate value of Eligible Sustainable Projects in the BOC PCL's Eligible Asset Portfolio is less than the total outstanding amount of the BOC PCL's Sustainable Financing Instrument(s), the unallocated surplus funds will be held in line with the Bank's general liquidity management guidelines until allocated to Eligible Sustainable Projects. Eligible projects are:

Pillar 3 Disclosures 2024

16.1.1.1 Business strategy to integrate environmental factors and risks (continued)

a) Renewable Energy (Environmental)
b) Energy Efficiency (Environmental)
c) Clean transportation (Environmental)
d) Green Buildings (Environmental)
e) Access to Essential Services Healthcare
f) Employment Generation and SME financing

For all Sustainable Financing Instrument issuances under this Framework, the Group is committed to providing investors with transparent reporting on the allocation of proceeds towards Eligible Sustainable Projects (Allocation Reporting), as well as to report on the positive environmental and social impacts of those projects (Impact Reporting). The Sustainable Financing Instrument Report will be updated annually, until full allocation of the proceeds of the issued Sustainable Financing Instrument(s).

Following the setup of the SFF in 2023, BOC PCL, in 2024, issued a €300 million green senior preferred notes under the EMTN programme in line with the Group's Beyond Banking approach, aimed at creating a stronger, safer and future-focused bank and leading the transition of Cyprus to a sustainable future. An amount equivalent to the net proceeds of the Notes will be allocated to eligible green projects as described in the SFF.

ESG and Climate considerations in loan pricing

The Group performed market research to identify the best practices to incorporate ESG and climate considerations in the loan pricing. Following the market research, the Group introduced margin discounts by taking into account the customer's ESG score and the transaction eligibility under Green Lending Policy. A margin discount, based on the client's ESG and climate impact, has been implemented for both new and existing clients on new lending requests, for all clients (all sectors) under Corporate Division, differentiating however between carbon-intensive vs. non-carbon intensive sectors. The Group linked the margin discount at the client level to the borrower's "E" scoring (extracted from borrower's "ESG" score). In addition, the margin discount is linked at the transaction level (i.e. whether lending is Green or not) utilizing the provisions of the Green Lending Policy. This approach aims to incentivize customers to have a better ESG score and obtain green lending in order to be exposed to lower level of climate change transition and adaptation risks.

Principles for Responsible Banking (PRB)

In September 2022, BOC PCL voluntarily conducted an impact analysis, using its loan portfolio, in accordance with the PRB's impact analysis tools. In October 2023, BOC PCL has become the first Bank in Cyprus to sign the United Nations PRB which is a single framework for a sustainable banking industry, developed through a collaboration between banks worldwide and the United Nations Environment Programme Finance Initiative (UNEP FI).

The principles are the leading framework for ensuring that banks' strategies and practices align with the vision society has set out for its future in the UN Sustainable Development Goals and the Paris Climate Agreement. BOC PCL, by signing the principles, commits to be ambitious in its sustainability strategy, working to embed sustainability into the heart of its business, while allowing the Bank to remain at the cutting-edge of sustainable finance.

Under the Principles, BOC PCL should identify and measure the environmental and social impact resulting from its business activities, set and implement targets where it has the most significant impact, and regularly report publicly on their progress. BOC PCL has already measured its environmental and social impact by voluntarily applying the PRB's impact analysis tools in order to identify and report on the material impacts arising from its business activities (i.e. loan portfolio). The next step for BOC PCL is to set at least two targets associated with the PRB's impact areas which can have the most significant impact. For BOC PCL the two key impact areas are Climate Stability and availability, accessibility, affordability & quality of resources and services. BOC PCL has set, in 2023, a decarbonization target on Mortgage portfolio which reflects the first SMART target set on loan portfolio for the Climate stability impact area. For the performance against the decarbonization target on Mortgage refer to Section 16.1.1.2 Objective, targets and limits. BOC PCL is expected to set SMART target on availability, accessibility, affordability & quality of resources and services impact area in 2025.

16.1.1.1 Business strategy to integrate environmental factors and risks (continued)

Signatories to the Principles take on a leadership role, demonstrating how banking products, services and relationships can support and accelerate the changes necessary to achieve shared prosperity for current and future generations, building a positive future for both people and the planet. These banks also join the world's largest global banking community focused on sustainable finance, sharing best-practice and working together on practical guidance and pioneering tools of benefit to the entire industry.

The endorsement of the PRB by BOC PCL, is fully aligned with and reinforces our strategic priority to become a market leader for sustainable banking and lead the transition of Cyprus to a sustainable future. We aim not only to deliver financial but also environmental and social value to our stakeholders. As such, our approach is multidimensional: to maintain our leading role in supporting Cypriot society; to implement our commitments to these Principles through effective governance and a culture of responsible banking; to reduce our own environmental footprint as well as supporting our customers to reduce their GHG emissions and to continue supporting our staff by providing training and upskilling opportunities as well as staff wellness initiatives.

BOC PCL is committed to the following principles:

1. Alignment: BOC PCL will align its business strategy to be consistent with and contribute to individuals' needs and society's goals, as expressed in the Sustainable Development Goals, the Paris Climate Agreement and relevant national and regional frameworks.
1. Impact & Target Setting: BOC PCL will continuously increase its positive impacts while reducing the negative impacts on, and managing the risks to, people and environment resulting from our activities, products and services. To this end, BOC PCL will set and publish targets where it can have the most significant impacts.
1. Clients & Customers: BOC PCL will work responsibly with its clients and its customers to encourage sustainable practices and enable economic activities that create shared prosperity for current and future generations.
1. Stakeholders: BOC PCL will proactively and responsibly consult, engage and partner with relevant stakeholders to achieve society's goals.
1. Governance & Culture: BOC PCL will implement its commitment to these Principles through effective governance and a culture of responsible banking.
1. Transparency & Accountability: BOC PCL will periodically review its individual and collective implementation of these Principles and be transparent about and accountable for its positive and negative impacts and its contribution to society's goals.

As a means to enhance not only its ESG and climate risk framework but also its ability to identify future opportunities BOC PCL has introduced new ESG questionnaires within its credit granting process. For more details on ESG questionnaires refer to Section 16.1.3.

Group Financial and Business Plan

The Group enhanced the Group Financial and Business Plan manual to ensure the incorporation of C&E risks and considerations in the Business Strategy. Specifically, during the planning phase of new lending the RMD and Investor Relations and ESG Department (IR&ESG) provides the sectors associated with C&E risks, the preliminary impact assessment derived from BES process, science-based targets (GHG emission reduction targets aligned with a climate scenario) set and the direction of Green/Transition new lending based on BES. In addition, each Division, taking into account the preliminary impact assessment (performed by RMD, IR&ESG and Strategy) on risk profile and strategy arising from the BES on C&E risks as well as the MA on C&E risks, identifies which are the material C&E risks over the Financial plan period and defines the actions, strategies and products to mitigate the C&E risks identified. IR&ESG department ensures the adequacy, relevance and reasonableness of the business lines strategies to manage material C&E risks on the main portfolios.

16.1.1.1 Business strategy to integrate environmental factors and risks (continued)

Business Environment Scan (BES)

BOC PCL, established and implements a structured and detailed process, with clear roles and responsibilities, to gather a broad range of updates and developments, both internal and external, and link them with sectors/industries and products/services so to assess their impact, across different time horizons, and identify C&E risks emerging from these updates and developments and inform the Group's risk and strategic profile.

The BES process facilitates the ongoing monitoring of potential impacts of C&E risks on its business environment across short-, medium- and long-term time horizons. This process involves the systematic monitoring of various news, updates, and developments, including regulatory developments, macroeconomic trends, competitive landscape, technological trends, as well as societal demographic developments and geopolitical updates. As part of the process, the Group collects external information, on a monthly basis, from various sources, such as news articles, publications, policy and regulatory updates, as well as internal information such as strategy updates, process changes and other relevant internal documentation.

The identified developments are then mapped to the relevant business lines, sectors/industries and portfolios that might be impacted, as well as to specific products/services, where applicable. Developments are further assessed in terms of their relevance across the various time horizons, and preliminary impact scores are assigned based on the expected effect on the Group's risk and strategic profile. Scores range from 0 (No impact) to 5 (Critical impact).

The Group has established a dynamic interaction between the BES and the MA to ensure that the insights from both exercises continually inform and enhance each other. The results of the BES, for 2024, have been considered and informed the RIMA and Business Strategy, particularly developments which have been classified as having a "High" or "Critical".

The preliminary impact assessment of key updates and developments on risk profile and strategy is conducted and reported to the Sustainability Committee and Executive Committee on a quarterly basis. The final impact assessment of key updates and developments on risk profile and strategy is conducted and presented to the Sustainability Committee, Executive Committee, Nominations and Corporate Governance Committee and Risk Committee on an annual basis.

The Group established also a BES working group with specific responsibilities assigned to Compliance Division, Risk Management Division and Strategy Department so to collectively perform the impact assessment arising from key updates and developments on risk profile and strategy.

16.1.1.2 Objectives, targets and limits

The Group in its ESG Strategy focus on the following key ambitions:

i. Reduction by 42% of GHG emissions from own operations by 2030;
ii. Become Net Zero by 2050;
iii. Steadily increase Green Asset Ratio; and
iv. Steadily increase Green Mortgage Ratio.

The Group has estimated the Scope 1 (Mobile Combustion, Stationary Combustion and Fugitive Emissions) and Scope 2 GHG emissions of 2021 relating to own operations in order to set the baseline for carbon neutrality target, given this was the year the Group's decarbonisation efforts were initiated. For the Group to meet the carbon neutrality target, the Scope 1 and Scope 2 GHG emissions should be reduced by 42% (absolute target) by 2030. The absolute reduction target has been set following the IEA's B2DS and sectoral decarbonisation approach using Science Based target initiative's (SBTi) tool. The decarbonisation target has not been externally assured by relevant climate global bodies, such as SBTi. The target is directly linked with the Group's ESG strategy until the Group's Environmental policy becomes effective by the end of 2025.

Pillar 3 Disclosures 2024

16.1.1.2 Objectives, targets and limits (continued)

The Group's decarbonisation efforts, including actions described in Section 16.1.1.1 lead to the reduction in Scope 1 and Scope 2 GHG emissions by 3,431 tCO2e in 2024 compared to 2021 which represents c.25% reduction. The Group should perform additional decarbonisation actions to reduce Scope 1 and Scope 2 GHG emissions by c.17% to achieve the interim target of 2030.

The energy efficiency actions conducted in 2024 were netted off with the increased electricity consumption due to cooling needs associated with summer heatwaves, leading to stable Scope 2 GHG emissions between 2023 and 2024.

Metric	2021 Base line	Target year	Target	Target reduction	Performance as at 31/12/2024	Figure as at 31/12/2024	Methodology
tCO2eq	13,693	2030	7,942	(42%)	(25%)	10,262	SBTi

The Group's own carbon footprint will continue to be calculated on an annual basis which will enable comparisons to be made and progress against decarbonisation target to be monitored.

The Group monitors the performance against the GHG emission target on own operation through SC, EXCO and NCGC on a quarterly basis through the Sustainability Performance Report.

For the purpose of the calculation of the 2021, 2022, 2023 and 2024 Carbon footprint, the Group uses the operational GHG accounting approach. The 2021, 2022, 2023 and 2024 carbon footprint for Scope 1 and Scope 2 GHG emissions was estimated based on the methodologies described in the Greenhouse Gas Protocol (GHG Protocol) and ISO14064-1:2019 standard.

Aligned with the Group's 2050 Net Zero ambition, the Group joined the Partnership for Carbon Accounting Financials (PCAF) in October 2022 and adopted its recommended methodology for estimating Financed Scope 3 GHG emissions from the Group's investment and lending activities, as well as its insurance contracts. Group's Financed Scope 3 GHG emissions constitute 97% of the Group's total emissions, estimated using the PCAF Standard and proxies. The PCAF Standard, reviewed by the GHG Protocol, aligns with the Corporate Value Chain (Scope 3) Accounting and Reporting Standard for category 15 investment activities. It includes a data quality ranking scale from 1 (highest quality) to 5 (lowest quality), applied to the estimation of emissions for each asset class.

To improve data quality and reduce data gaps, BOCH launched ESG Due Diligence process to gather relevant data and enhanced its loan origination process to gather Energy Performance Certificates (EPCs) for financed and certain collateral properties. Additional data collection actions will be undertaken in 2025 based on the ESG and Climate Data Gap & Strategy. The loan portfolio has been classified into PCAF asset classes to facilitate future decarbonisation target-setting.

PCAF Asset
class

Definition

Business loans

Business loans include all loans and lines of credit for general corporate purposes (i.e.,
with unknown use of proceeds as defined by the GHG Protocol) to businesses, non
profits, and any other structure of organisation that are not traded on a market and are
on the balance sheet of the financial institution. Revolving credit facilities, overdraft
facilities, and business loans secured by real estate such as Commercial Real Estate
secured lines of credit are also included. Any off-balance sheet loans and lines of credit
are excluded.

Commercial
Real Estate
(CRE)

This asset class includes on-balance sheet loans for specific corporate purposes, namely
the purchase and refinance of commercial real estate (CRE), and on-balance sheet
investments in CRE. This definition implies that the property is used for commercial
purposes, such as retail, hotels, office space, industrial, or large multifamily rentals. In
all cases, the building owner or investor leases the property to tenants to conduct
income-generating activities.

16.1.1.2 Objectives, targets and limits (continued)

PCAF Asset class	Definition
Mortgages	This asset class includes on-balance sheet loans for specific consumer purposes namely the purchase and refinance of residential property, including individual homes and multifamily housing with a small number of units. This definition implies that the property is used only for residential purposes and not to conduct income-generating activities.
Motor vehicles	This asset class refers to on-balance sheet loans and lines of credit for specific (corporate or consumer) purposes to businesses and consumers that are used to finance one or several motor vehicles. Corporate loans for acquisition of vehicles for trade purposes were classified as 'Business Loans'.

The Financed Scope 3 GHG emissions are disclosed in ESG Template 1.

The Group, by taking into account the GHG emissions estimated for loan portfolio, the most significant loan exposures and the RIMA on C&E risks, decided to set a decarbonisation target on Mortgage portfolio, since their exposure corresponds to 34% of Households, Non-Financial and Other-Financial Corporations exposures and corresponds to c.6% of Group's GHG emissions of loan portfolio. The target is aligned with the Group's ESG ambition to reach Net Zero by 2050 and is linked with the objectives of the policies mentioned above. The Group has estimated the GHG emissions per square metre, as at 31 December 2022, for the properties financed under its Mortgage portfolio using the PCAF methodology and proxies, to identify the baseline. By applying SBTi target setting methodology, the baseline should be no more than a year from the target's effective date. Therefore, given the target was effective from December 2023, the baseline was set at December 2022. Then Group utilised the SBTi's tools, sectoral decarbonisation approach, in order to estimate the decarbonisation pathway that the Mortgage portfolio should follow to be aligned with the IEA B2DS. The Group decided to align the Mortgage portfolio with IEA B2DS due to the following reasons:

i. the scenario is consistent with Global warming projections (International Energy Agency (IEA) and Intergovernmental Panel on Climate Change (IPCC)) and is considered a widely acceptable scenario.
ii. The scenario is considered more plausible compared to the International Energy Agency's Net Zero Scenario given the fact that Cyprus market is pre-mature in the climate field. Therefore, BOC PCL considers reasonable to initiate its efforts based on a less intense scenario and then intensify its efforts when the overall Cyprus market is more mature in the field.
iii. Lack of data, enhances the risk of not having a solid baseline, so BOC PCL considers that is more prudent to initiate its efforts based on a less optimistic scenario until data availability and quality is enhanced.
iv. The scenario is more straightforward to obtain and use as it is aligned with SBTI's available tools.

In order to ensure the feasibility of the interim decarbonisation target and derive the decarbonisation strategy of Mortgage portfolio, the Group has projected the GHG emissions per square metre for the properties financed under its Mortgage portfolio as at 31 December 2030. In order to project the Mortgage portfolio as at 31 December 2030, BOCH used various assumptions such as:

i. Projected new lending on Mortgage portfolio between 2025-2030;
ii. Projected square metres of each property financed under projected Mortgage new lending;
iii. Allocation of new lending on Mortgages to Energy Performance Certificate (EPC) classifications;
iv. PCAF proxies on GHG emissions per financed residential property;
v. Cyprus Government targets on the reduction of GHG emissions as well as the utilisation of renewable energy on residential buildings by 2030;
vi. Expiration of Mortgage exposures between 2025-2030.

When setting the target, the Group performed several sensitivities on the assumptions used to project Mortgage portfolio as at 31 December 2030 in order to ensure the feasibility of the target. Under all scenarios (sensitivities) the decarbonisation target on Mortgage on 2030 is achieved. In addition, sensitivities were performed to the baseline of 2022, given the lack of sufficient data, in order to ensure that when data quality of the estimation is improved in the upcoming years the adjusted decarbonisation target will be met. The decarbonisation target on Mortgage is also achieved after the increase / decrease of baseline by 10%, under all scenarios. The decarbonisation target has not been externally assured by relevant climate global bodies such as SBTi.

Pillar 3 Disclosures 2024

16.1.1.2 Objectives, targets and limits (continued)

Metric	Emissions Scope	2022 Base line	Target year	Target	Target reduction	Performance as at 31 December 2024	Figure as at 31 December 2024	Methodology
kgCO2/ m2	S1 & S2	53.50	2030	30.65	(43%)	(12%)	47.19	PCAF/SBTi
kgCO2/ m2	S1 & S2	53.50	2050	2.34	(96%)	(12%)	47.19	PCAF/SBTi

The decarbonization target set on Mortgage portfolio is summarized on the table below:

The Group aims to reduce by 43% the kilograms of GHG emissions financed per square metre (kgCO2e/m2) under the Mortgage portfolio, by 2030 compared to 2022 baseline. The Mortgage portfolio as at 31 December 2024 produced 47.19 kgCO2e/m2 which is 12% lower compared to the baseline due to increase in energy efficient residential properties financed in 2024 following introduction of Green Housing product.

Carbon Intensity Target – Mortgage Portfolio

At the end of 2023, the Group introduced the Green Housing product with a variable interest rate. In 2024, the Group introduced the Green Housing product with a fixed interest rate. Both products are aligned with the GLP of the LMA, supporting the decarbonization strategy of the mortgage portfolio. The Group's new lending strategy, embedded in the 2025-2028 Financial Plan, include a new lending internal KPI associated with the Green Housing product which represents the decarbonization lever to reach the carbon intensity reduction as presented in the above graph.

The feasibility of this GHG emission reduction target is strengthened by Cyprus legislation, which mandates that residential properties must have an EPC Category A to obtain a planning permit for construction after July 1, 2020. The Group's Mortgage portfolio should be aligned with the abovementioned graph in order to be aligned with the climate scenario of IEA B2DS and being exposed to lower transition risks. The Group following the abovementioned analysis determined its new Mortgage lending strategy to meet the decarbonisation target on Mortgage.

The Group monitors the performance against the new lending metric associated with decarbonisation target on Mortgage in order to take remedial action on time;

i. By the SC, EXCO and NCGC through the Sustainability Performance Report (Quarterly);
ii. By the SC, EXCO and RC through the Climate Risk Report (Quarterly);
iii. By EXCO through the monthly performance pack (Quarterly);
iv. By BDC on a monthly basis.

Pillar 3 Disclosures 2024

16.1.1.2 Objectives, targets and limits (continued)

Operational Limits to manage material climate transition and physical risks

In addition to the decarbonisation target set on Mortgage portfolio, the Group has set Key Risk Indicators (KRIs) for both transition and physical risks. The KRI related to Transition Risks of Non-Financial Corporations (NFCs) measures the Scope 1 intensity per loan as compared with the average Scope 1 emission intensity of Cyprus Republic. The KRI and relevant thresholds are updated on an annual basis through revision of Risk Appetite process. The indicator is monitored by the SC, EXCO, RC and Board as part of the Risk Appetite quarterly reporting. The KRI is effective for the year 2025 therefore no progress against the indicator has been reported.

Description	The indicator measures the potential exposure at risk in relation to transition risk. The indicator is applicable to Non – Financial Corporations only.
Thresholds	Business as usual:	Early warning:	In-breach:
	<=30%	30 – 40%	>40%
Note:

1) The KRI measures the Potential Exposure at Risk [PEAR = (Exposures with CO2 emissions >= the Cyprus average Scope 1 emissions)/(Total Exposure)].

2) The GHG emissions for BOC PCL's exposures are estimated using the PCAF (Partnership for Carbon Accounting Financials) proxies and standard.
3) The average Scope 1 emissions for Cyprus, as reported by the Republic to EuroStat, cover the period from 2013 to 2019. The data from 2020 to 2021 were excluded due to the impact of COVID-19, which resulted in lower and non-representative emissions figures. When setting the indicator those were the latest available GHG emission data for Cyprus.
4) To calculate the PEAR ratio, the Scope 1 emissions per loan exceeding the Cyprus average were summed (numerator) and then divided by the total GHG emissions of the Non-Financial Corporation of the Bank (denominator).

The Group is also exposed to climate-related physical acute risks driven by wildfire risk through its impact on credit risk on the loan portfolio. Therefore, the Group has set a KRI that measures the exposure collateralised by immovable property with a "Very High" rating for any physical risk that can impact collaterals (wildfire & landslides) over the total exposure collateralised with immovable property. This allows the monitoring and mitigation of such risks. The indicator is monitored by the SC, EXCO, RC and Board as part of the Risk Appetite quarterly reporting. The KRI is effective for the year 2025 therefore no progress against the indicator has been reported.

Description	The indicator measures the exposure collateralised by immovable property with a "Very High" rating for any physical risk over the total exposure collateralised with immovable property.
	Business as usual:	Early warning:	In-breach:
Thresholds	<=30%	30 – 45%	>45%

Note:

1) The KRI measures the Potential Exposure at Risk [PEAR = (Exposures with physical risk graded "Very High")/(Total Exposure)] both at country and district level.

2) Potential exposure at Risk is calculated by considering exposure collateralised by immovable property with a "Very High" rating for wildfire and / or landslide over the total exposure collateralised with immovable property.

3) Each collateral location receives a rating for each risk, ranging from "Low" to "Very High". This is referred to as the SPRI (Synthetic Physical Risk Index), representing the asset's vulnerability to physical risk based on its geographic location, different climate scenarios and time periods. It is noted that SPRIs do not indicate losses on asset values but aid in measuring the materiality of exposure to physical risks in the Bank's collateral portfolio.

The above indicator also monitored across material portfolios and geographies (concentration) and their thresholds are the same as indicated above. The Group has set the following operational limits, applicable for the year 2025, to track the effectiveness of the policies mentioned in Section Policies and Actions Related to Climate Change Mitigation and Adaptation:

Target	Level	Policies to address material impacts and risks
% of customers with ESG Due Diligence	100% of all eligible customers	Lending Policy
Overdue insurance policies	0% overdue insurance polices	Lending Policy

16.1.1.2 Objectives, targets and limits (continued)

Target	Level	Policies to address material impacts and risks
Outstanding valuations	0% overdue outstanding valuations	Valuation Policy
EPCs collections for new lending	100% of eligible collateral population	Lending Policy
50% of new EPCs to be > C	50% of eligible new collateral to be greater than EPC C	Lending Policy

Operational Limits - Details

Target	% of customers with ESG Due Diligence
Description	Requires the completion of the ESG Due Diligence process through the Synesgy platform (ESG questionnaires). The assessment takes place annually.
Risks addressed	The questionnaires cover a wide spectrum of ESG risks as it is structured based on GRIs, ESRS and SDGs.
Lines / Portfolios	All eligible customers under SME Banking (Line 2) and Corporate Banking (Line 3). The KPI will become applicable to any line to which the ESG Due Diligence process is introduced.
Thresholds	100% of eligible customers within a single calendar year
Target	Overdue insurance policies
Description	Requires that all real estate obtained as collateral maintains insurance against the main physical risks
Risks addressed	Physical risks: wildfire, flood, earthquake
Lines / Portfolios	All lines that obtain real estate as collateral
Thresholds	0% overdue insurance polices
Target	Outstanding valuations
Description	Requires that all real estate obtained as collateral maintains current valuations as defined in the Valuation Policy. Since 2024, all valuers are requested to comment on C&E risks that affect each property. Furthermore, they are required to record in the Valuations System any flood, earthquake, and ground geological suitability findings as determined by the various authorities of the Republic.
Risks addressed	Physical risks: flood, earthquake, geological findings
Lines / Portfolios	All lines that obtain real estate as collateral.
Thresholds	0% overdue outstanding valuations
Target	EPCs collections for new lending
Description	Requires that EPCs are collected for all new real estate obtained as collateral as part of new lending and are required by Law to have an EPC issued.
Risks addressed	Transition risks
Lines / Portfolios	All lines that obtain real estate as collateral.
Thresholds	100% of eligible collateral population
Target	EPCs classification for new lending
Description	Requires that 50% of EPCs collected for all new real estate obtained as collateral as part of new lending to have a classification greater than C. The KPI relates to collaterals that are required by Law to have an EPC.
Risks addressed	Transition risks
Lines / Portfolios	All lines that obtain real estate as collateral.
Thresholds	50% of eligible collateral population to be greater than C

16.1.1.2 Objectives, targets and limits (continued)

The KRIs and operational indicators are effective for the year 2025 therefore no progress against the indicators is reported. The limits are not based on scientific evidence and only internal stakeholders were engaged in setting those limits.

Escalation process

If any of the KRIs listed above is breached (whether at the early warning level or the in-breach level) then the breach is escalated to the CRO. If the breach relates to either a RAS or a Recovery Plan indicator, then the respective escalation process is followed.

KPIs will be monitored as per the existing monitoring process in place which provides for:

KPIs are reported to the Credit Monitoring Forum on a monthly basis and monitored versus targets on a quarterly basis;
In case of material deviations, these will be reported to the RC as necessary.

Given that the KPIs related to C&E risks, deviations will be reported to the CRO who may decide to escalate to the SC before any further escalation to the RC.

16.1.1.3 Activities towards environmental objectives and EU Taxonomy-aligned activities

The Group's current Green Lending Policy is based on the Loan Market Association's Green Loan Principles. The policy provides the basis for developing green products through a set of criteria that includes the attainment of a specific environmental objective, the management of proceeds to ensure that the funds are only used for the specified purpose and appropriate reporting to support the attainment of the objective. The Group aims to enhance further its policy through the development of more detailed procedures to allow for the provision of green lending based upon the said Green Loan Principles and is also in the process of considering EU Taxonomy and looking for ways to implement it going forward on a best effort basis. The environmentally friendly loan portfolio of the Group is presented in the Graph below.

16.1.1.4 Engagement with new or existing counterparties

For the description of the engagement with customers and the actions taken to mitigate risks refer to Section 16.1.3.

Pillar 3 Disclosures 2024

ESG Template 1 - Climate change transition risk

The table below discloses information on exposures (loans and advances, debt securities and equity instruments) towards non-financial corporates operating in carbon-related sectors, and on the quality of those exposures, including non-performing status, stage classification, and related provisions as well as maturity buckets and on scope 1, 2 and 3 emissions of their counterparties.

		a	b	c	d	e	f	g	h	i	j	k	l	m	n	o	p
				Gross carrying amount				Accumulated impairment, accumulated negative credit risk and provisions	changes in fair value due to	GHG financed emissions (scope 1, scope 2 and scope 3 emissions of the counterparty)		GHG emissions (column i): gross carrying
31 December 2024			Of which exposures towards companies excluded from EU Paris aligned Benchmarks *	Of which environmen tally sustainable (CCM)**	Of which stage 2 exposures	Of which non performing exposures		Of which Stage 2 exposures	Of which non performing exposures		Of which Scope 3 financed emissions	amount percentage of the portfolio derived from company specific reporting	<= 5 years	> 5 year <= 10 years	> 10 year <= 20 years	> 20 years	Average weighted maturity
		€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	tons of CO2 equivalent	tons of CO2 equivalent	%	€ million	€ million	€ million	€ million	Years
1	Exposures towards sectors that highly contribute to climate change	4 ,6 0 4	16	2 -	389	4 6	(38)	(13)	(20)	2,083,262	798,574	0%	1,811	1,385	1,325	83	7
2	A - Agriculture, forestry and fishing	4	1 -	-	6	2	(1)	-	(1)	59,856	21,658	0 %	1 7	1 3	1 0	1	7
3	B - Mining and quarrying		8 -	-	-	-	-	-	-	4,004	2,752	0 %	5		4 -	-	3
4	B.05 - Mining o f coal and lignite	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
5	B.06 - Ex traction o f crude pe troleum and natural gas	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
6	B.07 - Mining o f m e tal ores	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
7	B.08 - O ther mining and quarrying		8 -	-	-	-	-	-	-	4,003	2,752	0 %	5		4 -	-	3
8	B.09 - Mining support service activities		0 -	-	-	-	-	-	-	1	-	0	% -	-	-	-	-
9	C - Manufacturing	420	-	-	1 4	3	(2)	(1)	(1)	274,190	174,899	0 %	244	138	3	8 -	4
1 0	C .10 - Manufacture o f food products	120	-	-	6	1	(1)	-	-	130,109	92,920	0 %	5 1	5 6	1	3 -	5
1 1	C .11 - Manufacture o f	1	0 -	-	1		1 -	-	-	1,547	1,270	0 %	5	2		3 -	6
1 2	beverages C .12 - Manufacture o f		0 -	-	-	-	-	-	-	4	1	0	% -	-	-	-	-
	tobacco products C .13 - Manufacture o f		2 -	-	-	-	-	-	-	313	199	0 %		1 -	-	-	3
1 3	tex tiles C .14 - Manufacture o f	1	2 -	-	1	-	-	-	-	2,411	2,270	0 %	1 1		1 -	-	5
1 4 1 5	wearing apparel C .15 - Manufacture o f leather and related products		1 -	-	-	-	-	-	-	202	108	0	% -	-	-	-	3

Pillar 3 Disclosures 2024

		a	b	c	d	e	f	g	h	i	j	k	l	m	n	o	p
				Gross carrying amount				Accumulated impairment, accumulated negative credit risk and provisions	changes in fair value due to	GHG financed emissions (scope 1, scope 2 and scope 3 emissions of the counterparty)		GHG emissions (column i): gross
31 December 2024			Of which exposures towards companies excluded from EU Paris aligned Benchmarks *	Of which environmen tally sustainable (CCM)**	Of which stage 2 exposures	Of which non performing exposures		Of which Stage 2 exposures	Of which non performing exposures		Of which Scope 3 financed emissions	carrying amount percentage of the portfolio derived from company specific reporting	<= 5 years	> 5 year <= 10 years	> 10 year <= 20 years	> 20 years	Average weighted maturity
		€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	tons of CO2 equivalent	tons of CO2 equivalent	%	€ million	€ million	€ million	€ million	Years
1 6	C .16 - Manufacture o f wood and o f products o f wood and cork , ex cept furniture; m anufacture o f articles o f straw and plaiting m aterials		7 -	-	1	-	-	-	-	2,370	1,469	0 %	4	2		2 -	7
1 7	C .17 - Manufacture o f pulp, paper and paperboard		7 -	-	-	-	-	-	-	5,817	2,363	0 %	5	1		1 -	3
1 8	C .18 - Printing and service activities related to printing		8 -	-	1	-	-	-	-	6,211	2,213	0 %	4	1		2 -	5
1 9	C .19 - Manufacture o f coke oven products		1 -	-	1	-	-	-	-	1,203	433	0	% -		1 -	-	6
2 0	C .20 - Production o f chemicals	3	8 -	-	1	-	-	-	-	14,190	8,040	0 %	1 7	2	1 -	-	4
2 1	C .21 - Manufacture o f pharm aceutical preparations	6	7 -	-	-	-	-	-	-	19,951	15,302	0 %	5 6	1	1 -	-	3
2 2	C .22 - Manufacture o f rubber products	2	8 -	-	-	-	-	-	-	10,444	9,365	0 %	2 0	4		4 -	3
2 3	C .23 - Manufacture o f other non-m e tallic mineral products	1	1 -	-	-	-	-	-	-	28,861	3,580	0 %	8	2		2 -	5
2 4	C .24 - Manufacture o f basic m e tals		2 -	-	-	-	-	-	-	808	498	0 %	1		1 -	-	7
2 5	C .25 - Manufacture o f fabricated m e tal products, ex cept m achinery and equipm ent	2	2 -	-	-	-	-	-	-	9,191	7,516	0 %	1 0	5		6 -	6
2 6	C .26 - Manufacture o f com puter, electronic and optical products	2	5 -	-	-	-	-	-	-	12,649	6,929	0 %	2 0		4 -	-	2
2 7	C .27 - Manufacture o f electrical equipm ent		2 -	-	-	-	-	-	-	983	664	0 %	1		1 -	-	5
2 8	C .28 - Manufacture o f m achinery and equipm ent n.e .c.	2	1 -	-	-	-	-	-	-	4,941	4,366	0 %	2	1	9 -	-	5
2 9	C .29 - Manufacture o f m otor vehicles, trailers and semi-trailers		2 -	-	-	-	-	-	-	1,946	1,763	0 %		1 -		1 -	7

Pillar 3 Disclosures 2024

		a	b	c	d	e	f	g	h	i	j	k	l	m	n	o	p
				Gross carrying amount				Accumulated impairment, accumulated negative credit risk and provisions	changes in fair value due to	GHG financed emissions (scope 1, scope 2 and scope 3 emissions of the counterparty)		GHG emissions (column i): gross
31 December 2024			Of which exposures towards companies excluded from EU Paris aligned Benchmarks *	Of which environmen tally sustainable (CCM)**	Of which stage 2 exposures	Of which non performing exposures		Of which Stage 2 exposures	Of which non performing exposures		Of which Scope 3 financed emissions	carrying amount percentage of the portfolio derived from company specific reporting	<= 5 years	> 5 year <= 10 years	> 10 year <= 20 years	> 20 years	Average weighted maturity
		€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million	tons of CO2 equivalent	tons of CO2 equivalent	%	€ million	€ million	€ million	€ million	Years
3 0	C .30 - Manufacture o f other transport equipm ent		0 -		- -	-	-	-	-	8	7	0	% -	-	-	-	-
3 1	C .31 - Manufacture o f furniture	6	-		- 1	-	-	-	-	2,613	1,604	0 %	2	2	2	-	8
3 2	C .32 - O ther m anufacturing	21	-		- 1	-	-	-	-	13,222	9,063	0	% 18	2	2	-	5
3 3	C .33 - Repair and installation o f m achinery and equipm ent	7	-		- -	-	-	-	-	4,196	2,956	0 %	7	-	-	-	3
3 4	D - Electricity, gas, steam and air conditioning supply	121	46		- 1	-	-	-	-	109,840	27,605	0	% 12	47	61	-	9
3 5	D35.1 - Electric power generation, transmission and distribution	94	46		- 1	-	-	-	-	41,446	20,557	0 %	8	26	60	-	10
3 6	D35.11 - Production o f electricity	-	-		- -	-	-	-	-	-	-	-	-	-	-	-	-
3 7	D35.2 - Manufacture o f gas; distribution o f gaseous fuels through m ains	26	-		- -	-	-	-	-	7,817	6,854	0 %	4	21	1	-	5
3 8	D35.3 - Steam and air conditioning supply		0 -		- -	-	-	-	-	60,577	194	0	% -	-	-	-	6
3 9	E - Water supply; sewerage, waste management and remediation activities	20	-		- -	-	-	-	-	3,444	1,761	0	% 18	2	1	-	4
4 0	F - Construction	484	-		- 249	2	(9)	(7)	(1)	123,122	106,099	0	% 207	237	40	-	5
4 1	F.41 - Construction o f buildings	380	-		- 246	1	(8)	(7)	(1)	86,406	75,227	0	% 158	193	29	-	5
4 2	F.42 - Civil engineering	47	-		- 1	-	-	-	-	16,902	15,580	0	% 10	37	1	-	5
4 3	F.43 - Specialised construction activities	56	-		- 3	1	(1)	-	-	19,814	15,292	0	% 39	8	10	-	4
4 4	G - Wholesale and retail trade; repair of motor vehicles and motorcycles	908	67		- 39	16	(9)	(2)	(5)	398,863	342,796	0	% 582	219	108	1	4

Pillar 3 Disclosures 2024

ESG Template 1 - Climate change transition risk (continued)

31 December 2024		a	b	c	d	e	f	g	h	i	j	k	l	m	n	o	p
				Gross carrying amount			A	ccumulated impairment, accumulated negative changes in fair value due to credit risk and pro	visio ns	GHG financed emissions (scope 1, scope 2 and scope 3 emissions of the counterparty)		GHG emissions (column i): gross
		Of which exposures towards companies excluded from EU Paris aligned Benchmarks *		Of which environmen tally sustainable (CCM)**	Of which stage 2 exposures	Of which non performing exposures		Of which Stage 2 exposures	Of which non performing exposures		Of which Scope 3 financed emissions	carrying amount percentage of the portfolio derived from company specific reporting	<= 5 years	> 5 year <= 10 years	> 10 year <= 20 years	> 20 years	Average weighted maturity
		€ million	€ million	€ million	€ million	€ million		€ million € million	€ million	tons of CO2 equivalent	tons of CO2 equivalent	%	€ million	€ million	€ million	€ million	Years
45	H - Transportation and storage	551		49 -		3 -	(1)	-	-	1,051,534	78,892	0%	290	172	9	80	7
46	H.49 - Land transport and transport via pipelines	42	-	-		1 -	-	-	-	21,558	125	0%	7	34		1 -	6
47	H.50 - Water transport	345	-	-	-	-	-	-	-	1,020,560	70,613	0%	216	129	-	-	4
48	H.51 - Air transport		0 -	-	-	-	-	-	-	202	70	0%	-	-	-	-	-
49	H.52 - Warehousing and support activities for transportation	162		49 -		2 -	(1)	-	-	8,891	7,782	0%	66	8	7	80	12
50	H.53 - Postal and courier activities		2 -	-	-	-	-	-	-	323	302	0%		1 -		1 -	8
51	I - Accommodation and food service activities	1,150	-	-		42 2	(3)	(1)	(1)	30,661	23,041	0%	163	278	710	-	10
52	L - Real estate activities	900	-	-	34	21	(13)	(1)	(11)	27,748	19,071	0%	274	276	349	1	9
53	Exposures towards sectors other than those that highly contribute to climate change	614	-	-	43	30	(20)	(2)	(17)				236	245	132	1	6
54	K - Financial and insurance activities	-	-	-	-	-	-	-	-				-	-	-	-	-
55	Exposures to other sectors (NACE codes J, M - U)	614	-	-	43	30	(20)	(2)	(17)				236	245	132	1	6
	56 Total	5,218	162	-	432	76	(59)	(15)		(37) 2,083,262	798,574	0 %	2,047	1,630	1,457	8 4	7

Pillar 3 Disclosures 2024

	ESG Template 1 -		Climate change transition risk (continued)
		a	b	c	d	e	f	g	h	i	j	k	l	m	n	o	p
31 December 2023				Gross carrying amount			A ccumulated impairment, accumulated negative changes in fair value due to credit risk and pro visio ns			GHG financed emissions (scope 1, scope 2 and scope 3 emissions of the counterparty) ***		GHG emissions (column i): gross
			Of which exposures towards companies excluded from EU Paris aligned Benchmarks *	Of which environmen tally sustainable (CCM)**	Of which stage 2 exposures	Of which non performing exposures		Of which Stage 2 exposures	Of which non performing exposures		Of which Scope 3 financed emissions	carrying amount percentage of the portfolio derived from company specific reporting	<= 5 years	> 5 year <= 10 years	> 10 year <= 20 years	> 20 years	Average weighted maturity
		€ million	€ million	€ million	€ million	€ million		€ million € million	€ million	tons of CO2 equivalent	tons of CO2 equivalent	%	€ million	€ million	€ million	€ million	Years
1	Exposures towards sectors that highly contribute to climate change	4 ,4 9 2	9 8	-	73 9	12 2	(73)	(13)	(46)	1,76 2 ,2 6 3	752 ,4 4 6	0 %	1,716	1,4 54	1,3 19	3	7
2	A - Agriculture, forestry and fishing	42	-	-	7		1 -	-	-	66,983	24,301	0%	20	13	8	1	6
3	B - Mining and quarrying		8 -	-	-	-	-	-	-	4,161	2,827	0%	4		4 -	-	4
4	B.05 - Mining of coal and lignite	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
5	B.06 - Extraction of crude petroleum and natural gas	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
6	B.07 - Mining of metal ores		0 -	-	-	-	-	-	-		1 -	0%	-	-	-	-	-
7	B.08 - Other mining and quarrying		8 -	-	-	-	-	-	-	3,931	2,703	0%	4		4 -	-	4
8	B.09 - Mining support service activities	-	-	-	-	-	-	-	-	229	124	0%	-	-	-	-	3
9	C - Manufacturing	441	-	-	24	3	(3)	(2)	(1)	259,504	159,319	0%	240	161	40	-	4
10	C.10 - Manufacture of food products	107	-	-	15	2	(1)	(1)	(1)	117,604	78,452	0%	57	36	14	-	5
11	C.11 - Manufacture of beverages	20	-	-	-	-	-	-	-	1,630	1,293	0%	15	2		3 -	3
12	C.12 - Manufacture of		0 -	-	-	-	-	-	-	4	1	0%	-	-	-	-	-
13	tobacco products C.13 - Manufacture of textiles		1 -	-	-	-	-	-	-	328	204	0%		1 -	-	-	3
14	C.14 - Manufacture of wearing apparel		7 -	-	-	-	-	-	-	247	189	0%	1		6 -	-	6
15	C.15 - Manufacture of leather and related products		1 -	-	-	-	-	-	-	216	146	0%		1 -	-	-	1

Pillar 3 Disclosures 2024

	ESG Template 1 -		Climate change transition risk (continued)
		a	b	c	d	e	f	g	h	i	j	k	l	m	n	o	p
				Gross carrying amount			A ccumulated impairment, accumulated negative changes in fair value due to credit risk and pro visio ns			GHG financed emissions (scope 1, scope 2 and scope 3 emissions of the counterparty) ***		GHG emissions (column i): gross
31 December 2023		*	Of which exposures towards companies excluded from EU Paris aligned Benchmarks	Of which environmen tally sustainable (CCM)**	Of which stage 2 exposures	Of which non performing exposures		Of which Stage 2 exposures	Of which non performing exposures		Of which Scope 3 financed emissions	carrying amount percentage of the portfolio derived from company specific reporting	<= 5 years	> 5 year <= 10 years	> 10 year <= 20 years	> 20 years	Average weighted maturity
		€ million	€ million	€ million	€ million	€ million		€ million € million	€ million	tons of CO2 equivalent	tons of CO2 equivalent	%	€ million	€ million	€ million	€ million	Years
	C.16 - Manufacture of wood and of products of wood and cork, except furniture; manufacture of articles of straw and		6 -	-		1 -	-	-	-	2,203	1,316	0%	3	2		1 -	7
16	plaiting materials
17	C.17 - Manufacture of pulp, paper and paperboard		6 -	-		2 -	-	-	-	5,401	2,180	0%	4	1		1 -	4
18	C.18 - Printing and service activities related to printing	10	-	-		1 -	-	-	-	7,538	2,691	0%	5	2		3 -	6
19	C.19 - Manufacture of		2 -	-		2 -	(1)	(1)	-	1,414	495	0%	-		2 -	-	5
20	coke oven products C.20 - Production of chemicals	34	-	-		1 -	-	-	-	6,849	3,919	0%	22		12 -	-	3
21	C.21 - Manufacture of pharmaceutical preparations	102	-	-	-	-		(1) -	-	23,971	21,296	0%	50	49		3 -	4
	C.22 - Manufacture of	28	-	-	-	-	-	-	-	10,531	9,413	0%	18	7		3 -	3
22	rubber products C.23 - Manufacture of other non-metallic	15	-	-		1 1	-	-	-	35,012	4,491	0%	7	6		2 -	5
23	mineral products C.24 - Manufacture of		3 -	-	-	-	-	-	-	3,477	1,754	0%	1	1		1 -	8
24	basic metals C.25 - Manufacture of fabricated metal products, except machinery and	18	-	-	-	-	-	-	-	8,080	6,526	0%	8	4		6 -	6
25	equipment C.26 - Manufacture of computer, electronic and	20	-	-	-	-	-	-	-	451	346	0%		20 -	-	-	1
26	optical products C.27 - Manufacture of		1 -	-	-	-	-	-	-	821	577	0%	-		1 -	-	7
27	electrical equipment C.28 - Manufacture of
28	machinery and equipment n.e.c.	12	-	-	-	-	-	-	-	2,891	2,524	0%	3		9 -	-	5
29	C.29 - Manufacture of motor vehicles, trailers and semi-trailers		1 -	-	-	-	-	-	-	1,238	1,117	0%		1 -	-	-	3

Pillar 3 Disclosures 2024

	ESG Template 1 -		Climate change transition risk (continued)
		a	b	c	d	e	f	g	h	i	j	k	l	m	n	o	p
31 December 2023				Gross carrying amount			A ccumulated impairment, accumulated negative changes in fair value due to credit risk and pro visio ns			GHG financed emissions (scope 1, scope 2 and scope 3 emissions of the counterparty) ***		GHG emissions (column i): gross
		Of which exposures towards companies excluded from EU Paris aligned Benchmarks *		Of which environmen tally sustainable (CCM)**	Of which stage 2 exposures	Of which non performing exposures		Of which Stage 2 exposures	Of which non performing exposures		Of which Scope 3 financed emissions	carrying amount percentage of the portfolio derived from company specific reporting	<= 5 years	> 5 year <= 10 years	> 10 year <= 20 years	> 20 years	Average weighted maturity
		€ million	€ million	€ million	€ million	€ million		€ million € million	€ million	tons of CO2 equivalent	tons of CO2 equivalent	%	€ million	€ million	€ million	€ million	Years
30	C.30 - Manufacture of other transport equipment		0 -	-	-	-	-	-	-	11	10	0%	-	-	-	-	-
31	C.31 - Manufacture of furniture	7	-	-	1	-	-	-	-	3,332	2,121	0%	3	2	2	-	7
32	C.32 - Other manufacturing	31	-	-	-	-	-	-	-	20,684	14,332	0%	14	16	1	-	4
33	C.33 - Repair and installation of machinery and equipment	9	-	-	-	-	-	-	-	5,571	3,926	0%	6	3	-	-	4
34	D - Electricity, gas, steam and air conditioning supply	87	25	-	1	-	(2)	-	-	85,967	18,881	0%	8	36	43	-	9
35	D35.1 - Electric power generation, transmission and distribution	57	25	-	1	-	(1)	-	-	12,356	10,829	0%	3	12	42	-	11
36	D35.11 - Production of electricity	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
37	D35.2 - Manufacture of gas; distribution of gaseous fuels through mains	30	-	-	-	-	(1)	-	-	8,944	7,845	0%	5	24	1	-	6
38	D35.3 - Steam and air conditioning supply		0 -	-	-	-	-	-	-	64,667	207	0%	-	-	-	-	7
39	E - Water supply; sewerage, waste management and remediation activities	5	-	-	-	-	-	-	-	1,823	1,118	0%	2	2	1	-	6
40	F - Construction	485	-	-	259	25	(9)	(4)	(3)	120,766	103,850	0%	243	206	36	-	5
41	F.41 - Construction of buildings	414	-	-	246	24	(7)	(3)	(2)	95,722	84,552	0%	200	188	26	-	5
42	F.42 - Civil engineering	24	-	-	7	-	(1)	(1)	-	8,199	7,175	0%	14	10	-	-	4
43	F.43 - Specialised construction activities	47	-	-	6	1	(1)	-	(1)	16,845	12,123	0%	29	8	10	-	5
44	G - Wholesale and retail trade; repair of motor vehicles and motorcycles	881	54	-	112	39	(24)	(6)	(15)	391,991	338,364	0%	579	220	81	1	4

Pillar 3 Disclosures 2024

ESG Template 1 - Climate change transition risk (continued)

		a	b	c	d	e	f	g	h	i	j	k	l	m	n	o	p
				Gross carrying amount			A	ccumulated impairment, accumulated negative changes in fair value due to credit risk and pro	visio ns	GHG financed emissions (scope 1, scope 2 and scope 3 emissions of the counterparty) ***		GHG emissions (column i): gross
	31 December 2023		Of which exposures towards companies excluded from EU Paris aligned Benchmarks *	Of which environmen tally sustainable (CCM)**	Of which stage 2 exposures	Of which non performing exposures		Of which Stage 2 exposures	Of which non performing exposures		Of which Scope 3 financed emissions	carrying amount percentage of the portfolio derived from company specific reporting	<= 5 years	> 5 year <= 10 years	> 10 year <= 20 years	> 20 years	Average weighted maturity
		€ million	€ million	€ million	€ million	€ million		€ million € million	€ million	tons of CO2 equivalent	tons of CO2 equivalent	%	€ million	€ million	€ million	€ million	Years
45	H - Transportation and storage	345	19	-		6 -	(1)	-	-	765,281	53,507	0%	222	120		3 -	4
46	H.49 - Land transport and transport via pipelines	46	-	-		2 -	(1)	-	-	27,676	135	0%	7	38		1 -	7
47	H.50 - Water transport	250	-	-		1 -	-	-	-	734,000	50,785	0%	176	74	-	-	4
48	H.51 - Air transport	-	-	-	-	-	-	-	-	209	72	0%	-	-	-	-	1
49	H.52 - Warehousing and support activities for transportation	47	19	-		2 -	-	-	-	3,083	2,238	0%	38	8		1 -	2
50	H.53 - Postal and courier activities	2	-	-		1 -	-	-	-	313	277	0%		1 -		1 -	9
51	I - Accommodation and food service activities	1,168	-	-	245	14	(10)	-	(7)	32,707	25,219	0%	172	318	678	-	11
52	L - Real estate activities	1,030	-	-	85	40	(24)	(1)	(20)	33,080	25,060	0%	226	374	429	1	9
53	Exposures towards sectors other than those that highly contribute to climate change	562	-	-	45	33	(19)	(2)	(14)				211	214	136	1	7
54	K - Financial and insurance activities	-	-	-	-	-	-	-	-				-	-	-	-	-
55	Exposures to other sectors (NACE codes J, M - U)	562	-	-	45	33	(19)	(2)	(14)				211	214	136	1	7
	56 Total	5,054	9	8 -	784	155	(92)	(15)	(60)	1,762,263	752,446	0 %	1,927	1,668	1,455	4	7

** Applicable as of end 2023

ESG Template 1 - Climate change transition risk (continued)

BOC PCL joined the PCAF in October 2022 and is following the recommended methodology for the estimation of the Financed Scope 3 emissions. BOC PCL has estimated Financed Scope 3 emissions relating to the loan portfolio based on PCAF standard and proxies. The PCAF Standard has been reviewed by the GHG Protocol and conforms with the requirements set forth in the Corporate Value Chain (Scope 3) Accounting and Reporting Standard for category 15 investment activities. In addition, PCAF provides a data quality ranking for the estimation of Financed Scope 3 emissions based on data applied in the estimation for each asset class. The scale is between 1-5 with 1 being the highest quality and 5 being the lowest quality. BOC PCL aims to continuously enhance the data quality used on the estimation of Financed Scope 3 GHG emissions and eliminate the data gaps, therefore in 2023 a client questionnaire has been launched to gather the relevant data, where possible, as well as continue to enhance the loan origination process. BOC PCL has already established a policy in the loan origination process to gather Energy Performance Certificates (ratings and GHG emissions per square meters) for the financed properties and collateral properties. Additional data gathering actions will be performed during 2024 based on the ESG and Climate Data Gap & Strategy.

BOC PCL has identified a number of transition risks, their potential impact and the transmission mechanisms to traditional risks. Whilst credit risk is one of the risks thought to be most impacted by climate change, potential impacts on liquidity, market, operational and reputational risks were also identified as per Section 16.1.3.3.

ESG Template 2 - Climate change Transition risk: Loans collateralised by immovable property collateral – Energy efficiency of the collateral

The table below shows gross carrying amounts of loans collateralised with commercial and residential immovable property and of repossessed real estate collaterals for all counterparty sectors, including nonfinancial corporates and households.

Total gross carrying amount (column a):

Exposures secured with "Land" as collateral are included only in column a.

Energy efficiency (column b-g):

The Estimates of Energy Efficiency were calculated using data from the Ministry of Energy and Commerce. The ministry uses literature from academia to derive tables of energy efficiency per property per year built.

Pillar 3 Disclosures 2024

ESG Template 2 - Climate change Transition risk: Loans collateralised by immovable property collateral – Energy efficiency of the collateral (continued)

		a	b	c	d	e	f	g	h	i	j	k	l	m	n	o	p
		Total gross carrying amount amount
			Level of energy efficiency (EP score in kWh/m² of collateral) Level of energy efficiency (EPC label of collateral)											Without EPC label of collateral
	31 December 2024		0; <= 100	> 100; <= 200	> 200; <= 300	> 300; <= 400	> 400; <= 500	> 500	A	B	C	D	E	F	G		Of which level of energy efficiency (EP score in kWh/m² of collateral) estimated
			€ million € million € million € million € million € million € million € million € million € million € million € million € million													€ million € million	%
	1 Total EU area	7,761	1,486	3,691	6 4	2,034	1 0	477	484	6 8	2 5	5 5	2 0	8	5	7,096	100%
2	Of which Loans collateralised by commercial immovable property 1	3,592	950	252	3 2	1,926	3	430	125	2 0	7	1 4	3		1 -	3,422	100%
3	Of which Loans collateralised by residential immovable property 1	3,762	274	3,398	3 2	3 8	7	1 2	358	4 3	6	1 0	8	2	2	3,333	100%
4	Of which Collateral obtained by taking possession: residential and commercial immovable properties 1	408	261	4	1 -	7	1 -	3	5 -	5	1 2	3 1	1 0	6	3	341	100%
5	Of which Level of energy efficiency (EP score in kWh/m² of collateral) estimated	7,173	1,256	3,449	-	2,019	-	449								7,096	100%
	6 Total non-EU area		3 -	-	-	-	-		3 -	-	-	-	-	-	-	3	100%
7	Of which Loans collateralised by commercial immovable property		3 -	-	-	-	-		3 -	-	-	-	-	-	-	3	100%
8	Of which Loans collateralised by residential immovable property	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
9	Of which Collateral obtained by taking possession: residential and commercial immovable properties	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
1 0	Of which Level of energy efficiency (EP score in kWh/m² of collateral) estimated		3 -	-	-	-	-	3								3	100%

€837 million in Row 2, €55 million in Row 3, €246 million in Row 4 under column a concern land

Pillar 3 Disclosures 2024

ESG Template 2 - Climate change Transition risk: Loans collateralised by immovable property collateral – Energy efficiency of the collateral (continued)

		a	b	c	d	e	f	g	h	i	j	k	l	m	n	o	p
									Total gross carrying amount amount
			Level of energy efficiency (EP score in kWh/m² of collateral) Level of energy efficiency (EPC label of collateral)												Without EPC label of collateral
31 December 2023			0; <= 100	> 100; <= 200	> 200; <= 300	> 300; <= 400	> 400; <= 500	> 500	A	B	C	D	E	F	G		Of which level of energy efficiency (EP score in kWh/m² of collateral) estimated
												€ million € million € million € million € million € million € million € million € million € million € million € million € million				€ million € million	%
	1 Total EU area	9,943	1,924	4,524	-	2,768	-	727	3 3	8	1 4	2 4	9	8	3	9,844	100%
2	Of which Loans collateralised by commercial immovable property 1	4,767	1,291	586	-	2,327	-	563		5 -	-	-	-	-	-	4,762	100%
3	Of which Loans collateralised by residential immovable property 1	4,616	295	3,893	-	317	-	111	2 8	3		1 -	-	-	-	4,584	100%
4	Of which Collateral obtained by taking possession: residential and commercial immovable properties 1	560	338	4	5 -	124	-	5	3 -	5	1 3	2 4	9	8	3	498	100%
5	Of which Level of energy efficiency (EP score in kWh/m² of collateral) estimated	8,995	1,893	4,034	-	2,452	-	616								8,995	100%
	6 Total non-EU area	1		1 -	-	-	-	-	-	-	-	-	-	-	-	1	100%
7	Of which Loans collateralised by commercial immovable property	1		1 -	-	-	-	-	-	-	-	-	-	-	-	1	100%
8	Of which Loans collateralised by residential immovable property	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
9	Of which Collateral obtained by taking possession: residential and commercial immovable properties	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
1 0	Of which Level of energy efficiency (EP score in kWh/m² of collateral) estimated	1		1 -	-	-	-	-								1	100%

€1,187 million in row 2, €264 million in row 3 and €308 million in row 4 under column a concern land

ESG Template 3 - Banking book: Climate change transition risk: Alignment metrics

The Bank has set decarbonisation target on its Mortgage portfolio (part of Household portfolio) for assets that meet the "Mortgage" definition of PCAF:

"This asset class includes on-balance sheet loans for specific consumer purposes namely the purchase and refinance of residential property, including individual homes and multifamily housing with a small number of units. This definition implies that the property is used only for residential purposes and not to conduct income-generating activities.".

The carbon intensity metric of Mortgage portfolio has been estimated using the PCAF methodology and proxies. The decarbonisation target has been set utilising the Science Based Target Initiative's tools based on International Energy Agency's Below 2 Degree Scenario. The decarbonisation targets have been established to monitor the degree of alignment of Mortgage portfolio with the International Energy Agency's Below 2 Degree Scenario. The Bank decided to align the Mortgage portfolio with International Energy Agency's Below 2 Degree Scenario due to the following reasons:

i. The scenario is consistent with Global warming projections (IEA and Intergovernmental Panel on Climate Change (IPCC)) and is considered a widely acceptable scenario.
ii. The scenario is considered more plausible compared to the IEA's Net Zero Scenario given the fact that Cyprus market is pre-mature in the climate field. Therefore, the Bank considers reasonable to initiate its efforts based on a less intense scenario and then intensify its efforts when the overall Cyprus market is more mature in the field.
iii. Lack of data enhances the risk of not having a solid baseline, so the Bank considers that is more prudent to initiate its efforts based on a less optimistic scenario until data availability and quality is enhanced.

Pillar 3 Disclosures 2024

ESG Template 3 - Banking book: Climate change transition risk: Alignment metrics (continued)

	a	b	c	d	e	f	g
31 December 2024	Sector	NACE Sectors	Portfolio gross carrying amount € million	Alignment metric	Year of reference	Distance to IEA NZE2050 in %	Target (year of reference + 3 years)
1	1. Power	C27.12 - Manufacture of electricity distribution and control apparatus	22
2	1. Power	D35.1 - Electric power generation, transmission and distribution	53
3	1. Power	C33.14 - Repair of electrical equipment	7
4	1. Power	F43.21 - Electrical installation	11
5	2. Fossil fuel combustion	C19.20 - Manufacture of refined petroleum products	1
6	2. Fossil fuel combustion	D35.2 - Manufacture of gas; distribution of gaseous fuels through mains	26			Note 1
7	2. Fossil fuel combustion	C20.14 - Manufacture of other organic basic chemicals	4
8	2. Fossil fuel combustion	B8.11 - Quarrying of ornamental and building stone, limestone, gypsum, chalk and slate	8
9	2. Fossil fuel combustion	B8.9 - Mining and quarrying n.e.c.	-
1 0	2. Fossil fuel combustion	B9 - Mining support service activities	-
1 1	2. Fossil fuel combustion	D46.12 - Agents involved in the sale of fuels, ores, metals and industrial chemicals	3
1 2	3. Automotive	C29.1- Manufacture of motor vehicles	-
1 3	3. Automotive	C29.2 - Manufacture of bodies (coachwork) for motor vehicles; manufacture of trailers and semi-trailers	-
1 4	3. Automotive	C29.3 - Manufacture of parts and accessories for motor vehicles	2
1 5	3. Automotive	C28.15 - Manufacture of bearings, gears, gearing and driving elements	-			Note 2
1 6	4. Aviation	C33.14 - Repair of electrical equipment	-
1 7	4. Aviation	H51.10 - Passenger air transport	-
1 8	4. Aviation	H51.21 - Freight air transport	-

Pillar 3 Disclosures 2024

ESG Template 3 - Banking book: Climate change transition risk: Alignment metrics (continued)

	a	b	c	d	e	f	g
31 December 2024	Sector	NACE Sectors	Portfolio gross carrying amount € million	Alignment metric	Year of reference	Distance to IEA NZE2050 in %	Target (year of reference + 3 years)
1 9	4. Aviation	C30.30 - Manufacture of air and spacecraft and related machinery	-
2 0	4. Aviation	H52.23 - Service activities incidental to air transportation	5			Note 2
2 1	5. Maritime transport	C30.11 - Building of ships and floating structures	-
2 2	5. Maritime transport	C33.15 - Repair and maintenance of ships and boats	6
2 3	5. Maritime transport	H50.20 - Sea and coastal freight water transport	341			Note 3
2 4	5. Maritime transport	H50.10 - Sea and coastal passenger water transport	3
2 5	5. Maritime transport	H52.22 - Service activities incidental to water transportation	6 3
2 6	6. Cement, clinker and lime production	C23.5 - Manufacture of cement, lime and plaster	1
2 7	6. Cement, clinker and lime production	C23.6 - Manufacture of articles of concrete, cement and plaster	7
2 8	6. Cement, clinker and lime production	B8.9 - Mining and quarrying n.e.c.	-
2 9	7. Iron and steel, coke, and metal ore production	C24.1 - Manufacture of basic iron and steel and of ferro-alloys	-
3 0	7. Iron and steel, coke, and metal ore production	C24.2 - Manufacture of tubes, pipes, hollow profiles and related fittings, of steel	1			Note 1
3 1	7. Iron and steel, coke, and metal ore production	C24.34 - Cold drawing of wire	-
3 2	7. Iron and steel, coke, and metal ore production	C24.4 - Manufacture of basic precious and other non-ferrous metals		-
3 3	7. Iron and steel, coke, and metal ore production	C24.5 - Casting of metals	1
3 4	7. Iron and steel, coke, and metal ore production	C25.11 - Manufacture of metal structures and parts of structures	1 7
3 5	8. Chemicals	C.20.1/C.20.4/C.20.3/C.20.5/C.20.2	1 3	Note 2
3 6	Households	Not applicable	3,507	47.19	2024	35%	39.82

ESG Template 3 - Banking book: Climate change transition risk: Alignment metrics (continued)

Notes:

1. Taking into account the materiality of exposures to those sectors (0.7% out of Households and Non-Financial Corporations (equities, debt securities and loans and advances)), the Bank has not yet set decarbonisation targets to those sectors so to align them with Paris Agreement objectives. However, as at 31 December 2024 the Bank has set specific sector lending limits to the following sectors:
2. Coal mining (B.05.1 & B.05.2)
3. Oil (B.06.1 & C.19.2)
4. Gas (D.35.2 & B.06.2)
5. Cement (C.23.5 & C.23.6)
6. Iron & Steel & Aluminium (C.24.1 & C.24.2 & C.24.3 & C.24.4 & C.24.5)
7. Power generation (D.35.1 excluding renewable energy projects)

The Bank, through a syndicated project for Cypriot Banking industry, established an ESG Due Diligence process aiming to enhance data gathering efforts and score customers on ESG aspects. The ESG Due Diligence process will support the future disclosures on alignments metrics.

1. The Bank is focusing its portfolio alignment efforts to priority sectors, such as Mortgage, Marinetime transport and commercial real estate, rather than setting decarbonisation targets to sectors with insignificant exposure (0.2% Households and Non-Financial Corporations (equities, debt securities and loans and advances)).
1. The Bank has set an internal decarbonisation target on second-hand vessels financed using International Energy's below 2 degree scenario.

ESG Template 4: Banking book - Indicators of potential climate change transition risk: Exposures to top 20 carbon-intensive firms

The Bank assesses its loan portfolio based on various accurate and publicly available providers' information and sources. With regards to the database used to consider the top 20 carbon-intensive firms the following sourced were used, including the Climate Accountability Institute's list which was released in April 2024 and the Carbon Disclosure Project (CDP), as well as Thomson Reuters.

The Group has not granted any exposures towards the most carbon intensive counterparties in the world during 2024 and 2023 and therefore does not disclose Template 4 - Banking book - Climate change transition risk: Exposures to top 20 carbon-intensive firms.

ESG Template 5 - Banking book - Climate change physical risk: Exposures subject to physical risk

The below table discloses information on exposures in the banking book (including loans and advances, debt securities and equity instruments), towards non-financial corporates, on loans collateralized with immovable property and on repossessed real estate collaterals, exposed to chronic and acute climate-related hazards, with a breakdown by sector of economic activity (NACE classification) and by geography of location of the activity of the counterparty or of the collateral, for those sectors and geographical areas subject to climate change acute and chronic events. It should be noted that the analysis assesses the geolocation of the collaterals of the counterparties in Cyprus only.

Pillar 3 Disclosures 2024

ESG Template 5 - Banking book - Climate change physical risk: Exposures subject to physical risk (continued)

		b	c	d	e	f	g	h	i	j	k	l	m	n	o
								Gross carrying amount
										of which exposures sensitive to impact from climate change physical events
31 December 2024					Breakdown by maturity bucket			of which exposures sensitive to impact from chronic climate change events1	of which exposures sensitive to impact from acute climate change events1	of which exposures sensitive to impact both from chronic and acute climate change events1	Of which Stage 2 exposures	Of which non	Accumulated impairment, accumulated negative changes in fair value due to credit risk and provisions
			<= 5 years	> 5 year <= 10 years	> 10 year <= 20 years	> 20 years	Average weighted maturity					performing exposures		of which Stage 2 exposures	Of which non performing exposures
		€ million	€ million	€ million	€ million	€ million	Years	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million
1	A - A gric ulture, fores try and fis hing	41	2	1	2	-	7	-	5	-	-	-	-	-	-
2	B - M ining and quarrying	8	-	-	-	-	6	-	-	-	-	-	-	-	-
3	C - M anufac turing	420	21	11	5	-	4	-	37	-	3	1	(1)	-	(1)
4	D - E lec tric ity, gas , s team and air c onditioning s upply			-		-	7	-		-	1	-	-	-	-
	E - Water s upply;	121	1		2				3
5	s ewerage, was te management and remediation ac tivities	20	-	-	-	-	5	-	-	-	-	-	-	-	-
6	F - C ons truc tion	484	52	77	5	-	5	-	134	-	104	1	(7)	(6)	-
7	G - Wholes ale and retail trade; repair of motor vehic les and motorc yc les	908	57	22	9	-	4	-	88	-	4	2	(3)	-	(2)
8	H - T rans portation and s torage	551	2	1	-	-	5	-	3	-	-	-	-	-	-
9	L - Real es tate ac tivities	900	91	56	98	-	10	-	245	-	12	11	(11)	-	(10)
10	Loans c ollateralis ed by res idential immovable property	3,762	56	123	321	295	17	-	795	-	52	32	(21)	(4)	(16)
11	Loans c ollateralis ed by c ommerc ial immovable property	3,595	272	222	312	-	8	-	807	-	115	13	(22)	(8)	(13)
12	Repos s es s ed	408	-	-	-	-	-	-	116	-	-	-	-	-	-
	c olalterals O ther relevant
13	s ec tors (breakdown below where relevant)	1,150	39	49	170	-	10	-	258	-	5	-	(1)	-	-
14	I - Accomodation and food s ervice activities	1,150	39	49	170	-	10	-	258	-	5	-	(1)	-	-
1.	To identify climate specific hazards for Cyprus the Bank has obtained geolocation-based data from an external vendor. Focussing on the hazards considered as having impact on immovable properties, namely, wildfire,

To identify climate specific hazards for Cyprus the Bank has obtained geolocation-based data from an external vendor. Focussing on the hazards considered as having impact on immovable properties, namely, wildfire, landslide, wind gust, flood and sea level rise, the Bank is reporting those exposures collateralised by immovable property and the repossessed real estate collaterals, that have been assessed as "Very High" for any of the aforementioned hazards.

Pillar 3 Disclosures 2024

ESG Template 5 - Banking book - Climate change physical risk: Exposures subject to physical risk (continued)

		b	c	d	e	f	g	h	i	j	k	l	m	n	o
								Gross carrying amount
		of which exposures sensitive to impact from climate change physical events
31 December 2023			Breakdown by maturity bucket					of which exposures sensitive to impact	of which exposures	of which exposures sensitive to impact	Of which	Of which non	Accumulated impairment, accumulated negative changes in fair value due to credit risk and provisions
			<= 5 years	> 5 year <= 10 years	> 10 year <= 20 years	> 20 years	Average weighted maturity	from chronic climate change events1	sensitive to impact from acute climate change events1	both from chronic and acute climate change events1	Stage 2 exposures	performing exposures		of which Stage 2 exposures	Of which non performing exposures
		€ million	€ million	€ million	€ million	€ million	Years	€ million	€ million	€ million	€ million	€ million	€ million	€ million	€ million
1	A - A gric ulture,	4 2	4	2	2	-	5	-	7	-	1	-	-	-	-
	fores try and fis hing B - M ining and
2	quarrying	8	-	-	-	-	7	-	-	-	-	-	-	-	-
3	C - M anufac turing	441	1 8	1 3	4	-	4	-	5 3	-	2	1	(1	) -	-
4	D - E lec tric ity, gas , s team and air c onditioning s upply	7 8	-	1	-	-	7	-	1	-	-	-	-	-	-
5	E - Water s upply; s ewerage, was te management and remediation ac tivities	5	-	-	-	-	7	-	-	-	-	-	-	-	-
6	F - C ons truc tion	485	4 9	6 1	1 1	-	5	-	121	-	9 7	1	(4	) - 3	(1 )
7	G - Wholes ale and retail trade; repair of motor vehic les and motorc yc les	881	5 7	3 5	2 1	-	5	-	104	-	4 1	2	(4 )	(1 )	(2 )
8	H - T rans portation and s torage	345	1	3	-	-	6	-	4	-	-	-	-	-	-
9	L - Real es tate ac tivities	1 ,0 3 0	7 3	9 3	126	-	9	-	292	-	0 5	24	(1 7	) -	(1 7 )
10	Loans c ollateralis ed by res idential immovable property	4 ,6 1 6	9 7	188	345	318	6 1	-	948	-	128	45	(2 2 )	(6 )	(1 4 )
11	Loans c ollateralis ed by c ommerc ial immovable property	4 ,7 6 7	299	338	356	69	9	-	1 1 ,0 6	-	204	37	(3 5 )	(8 )	(2 3 )
12	Repos s es s ed c ollaterals	560	-	-	-	-	-	-	106	-	-	-	-	-	-
13	O ther relevant s ec tors	1 ,1 6 8	4 5	6 3	103	-	9	-	211	-	2 1	1	(1	) -	(1 )
14 1.	I - Accomodation and food s ervice activities The source used to identify climate specific hazards for Cyprus was the database of Think Hazard. This database provides information for hazards on a district level and not on a geolocation basis. The Hazards selected	1,168	4 5	6 3	103	-	9	-	211	-	2 1	1	(1)	-	(1)

The source used to identify climate specific hazards for Cyprus was the database of Think Hazard. This database provides information for hazards on a district level and not on a geolocation basis. The Hazards selected are those found to be considered as "High" for Cyprus as per the database. These are the "Coastal Flood / Sea Level Rise" and "Wildfire". Wildfire is considered as an acute risk whilst Coastal Flood / Sea Level Rise as chronic. As per the database, Wildfire is prevalent across the island and as such all exposures relating to all districts of the island were identified as been subject to this risk with the exclusion of urban areas. On the other hand, Coastal Flood / Sea Level Rise is prevalent in the Limassol district and as such all exposures relating to the coastal municipalities were identified as being subject to this risk. It is noted that exposures analysed are those that are collateralised by immovable property.

ESG Template 6 – Summary of KPIs on the Taxonomy-aligned exposures

The table below provides an overview of the KPIs as at 31 December 2024 and 2023 calculated on the basis of ESG Templates 7 and 8, including the green asset ratio (GAR).

		% coverage (over total assets)*
31 December 2024	Climate change mitigation	Climate change adaptation	Total (Climate change mitigation + Climate change adaptation)
GAR stock	% 1	-	1 %	62%
GAR flow	% 1	-	1 %	88%

* % of assets covered by the KPI over banks´ total assets

		KPI		% coverage (over total assets)*
31 December 2023	Climate change mit igat ion	Climate change adaptat ion	Total (Climate change mit igat ion + Climate change adaptat ion)
GAR stock	-	-	-	56%
GAR flow	-	-	-	75%

* % of assets covered by the KPI over banks´ total assets

As companies' transparency in line with the EU Taxonomy increases, it will enable expanded reporting against the Taxonomy. The adoption of Corporate Sustainability Reporting Directive (CSRD) and European Sustainability Reporting Standards (ESRS) will support further implementation of the EU Taxonomy Regulation into our business strategy, systems, and investment and lending processes. Limitations in data when assessing Taxonomy-eligible and Taxonomy-aligned activities for financial and non-financial undertakings, actual published information provided by counterparties is required. However, complete data collection has been limited as published reporting on Taxonomy-alignment KPIs from financial and nonfinancial undertakings is not yet available at the reporting date. It should be noted that for this first round of disclosures we have taken a conservative application of the qualifying criteria underpinning the GAR based on the guidance provided to date and currently available data. Due to these current limitations across the industry changes in this ratio in future reporting periods will be driven in part by increased data availability.

Limitation in data reporting:

i. When assessing Taxonomy-eligible and Taxonomy-aligned activities for financial and non-financial counterparties, actual information published by counterparties is required:
- a. published reporting on Taxonomy-alignment KPIs from financial undertakings is not available at the reporting date for WTR, CE, PPC environmental objectives given financial undertakings are required to report towards eligibility on these objectives for the first time in 2024;
- b. non-financial undertakings have not yet published data for 2024; consequently, the Taxonomy reporting of eligibility and alignment for non-financial undertakings is based on published data from 2023;
- c. furthermore, reporting on Taxonomy-eligibility for the four additional environmental objectives is implemented in 2024, limited to information of non-financial undertakings that were required to report towards these objectives from 2023; and
- d. exposure to non-financial counterparties in the Group's corporate lending portfolio currently considered taxonomy eligible is limited due to the eligibility criteria requiring counterparties to be large companies publicly listed in the EU.
ii. When assessing Taxonomy-eligible and Taxonomy-aligned activities for lending to households, other data limitations impact reporting:
- a. Hybrid and Electric Vehicles lending exposures originated since the beginning of 2024 are considered eligible per taxonomy criteria. However, they are not classified as aligned due to the lack of available information in the industry to assess the vehicles against the Taxonomy DNSH (Do No Significant Harm) criteria.

ESG Template 6 – Summary of KPIs on the Taxonomy-aligned exposures (continued)

Considering lack of available data in the market, BOC PCL has not identified any material exposures that are considered Taxonomy-eligible or Taxonomy-aligned to climate change adaptation environmental objective. Climate change adaptation refers to adaptation solutions that either substantially reduce the risk of the adverse impact of the current climate and the expected future climate on that economic activity or substantially reduce that adverse impact, without increasing the risk of an adverse impact on people, nature or assets. Eligibility and alignment of economic activities to Climate change adaptation is considered a challenging exercise with limited published available data. Due to these current limitations across the industry changes in this ratio in future reporting periods will be driven in part by increased data availability.

Pillar 3 Disclosures 2024

ESG Template 7 - Mitigating actions: Assets for the calculation of GAR

The below table discloses information on gross carrying amount of institutions' loans and advances, debt securities and equity instruments on banking book, with a breakdown of the information by type of counterparty, including financial corporations, non-financial corporations, households, local governments as well as real estate lending towards households, and the taxonomy eligibility and taxonomy alignment of the exposures with regards to the environmental objectives of climate change mitigation and climate change adaptation as defined in Article 9, points (a) and (b) of Regulation (EU) 2020/852.

		a	b	c	d	e	f	g	h	i	j	k	l	m	n	o	p
	31 December 2024				Climate Change Mitigation (CCM)			Climate Change Adaptation (CCA)					TOTAL (CCM + CCA)
			Of which towards taxonomy relevant sectors (Taxonomy-eligible)						Of which towards taxonomy relevant sectors (Taxonomy-eligible)				Of which towards taxonomy relevant sectors (Taxonomy-eligible)

					Of which environmentally sustainable (Taxonomy-aligned)					Of which environmentally sustainable (Taxonomy-aligned)				Of which environmentally sustainable (Taxonomy-aligned)
		amount								Of which					Of which	Of which
					Of which specialised lending	Of which transitional	Of which enabling			specialis ed lending	Of which adaptation	Of which enabling			specialis ed lending	transitional /adaptatio n	Of which enabling
		€ million			€ million € million € million											€ million € million € million € million € million € million € million € million € million € million € million € million
	GAR - Covered assets in both numerator and denominator
1	Loans and advances, debt securities and equity instruments	8,416	4,188	9 1		7 9	1 2						4,188	9 1		7 9	1 2
	not HfT eligible for GAR calculation	3,224	393	7	- 2 -	7	2	- - -		- -	- -	- - -	- 393	7	- 2 -	7	2 -
2 3	Financial corporations Credit institutions	2,854	358	6	6 -	6	6	- -		-	-	- -	358	6	6 -	6	6 -
4	Loans and advances	1,235	118		7 -		7	- -		-	-	- -	118		7 -		7 -
5 6	Debt securities, including UoP Equity instruments	1,619 -	240 -	5 -	9 -	5	9 -	- - - -		- -	-	- - - -	240 -	5 -	9 -	5	9 - - -
7	Other financial corporations	370	35	6	-		6	- -		-	-	- -	3 5		6 -		6 -
8	of which investment firms	-	-	-	-		-	- -		-	-	- -	-	-	-		- -
9 1 0	Loans and advances Debt securities, including UoP	- -	- -	- -	- -		- -	- - - -		- -	- -	- - - -	- -	- -	- -		- - - -
1 1	Equity instruments	-	-	-			-	- -		-		- -	-	-			- -
1 2	of which management companies	-	-	-	-		-	- -		-	-	- -	-	-	-		- -
1 3 1 4	Loans and advances Debt securities, including UoP	- -	- -	- -	- -		- -	- - - -		- -	- -	- - - -	- -	- -	- -		- - - -
1 5	Equity instruments	-	-	-			-	- -		-		- -	-	-			- -
1 6	of which insurance undertakings	-	-	-	-		-	- -		-	-	- -	-	-	-		- -
1 7 1 8	Loans and advances Debt securities, including UoP	- -	- -	- -	- -		- -	- - - -		- -	- -	- - - -	- -	- -	- -		- - - -
1 9	Equity instruments	-	-	-			-	- -		-		- -	-	-			- -
2 0	Non-financial corporations (subject to NFRD disclosure obligations)	261	21	19	-		7 12	-		-	-	-	2 2 -	1 9	-	7	1 2
2 1	Loans and advances	85	-	-	-		-	- -		-	-	- -	-	-	-		- -
2 2 2 3	Debt securities, including UoP Equity instruments	175 1	21 -	19 -	-		7 11 -	- - -		- -	-	- - - -	2 1 -	1 -	9 -	7	1 1 - -
2 4	Households	4,862	3,773	-	-		-	-					3,773	-	-		- -
2 5	of which loans collateralised by residential immovable property	3,762	3,762	-	-		-	-					3,762	-	-		- -
2 6 2 7	of which building renovation loans of which motor vehicle loans	- 152	- 11	- -	- -		- -	- -					- 11	- -	- -		- - - -
2 8	Local governments financing	69	1	-	-		-	- -		-	-	- -	1	-	-		- -
2 9	Housing financing	1	1	-	-		-	- -		-	-	- -	1	-	-		- -
3 0	Other local governments financing	68	-	-	-		-	- -		-	-	- -	-	-	-		- -
3 1	Collateral obtained by taking possession: residential and commercial immovable properties	408	-	-	-		-	- -		-	-	- -	-	-	-		- -
3 2	TOTAL GAR ASSETS	8,824	4,188	91	-	79	12	-		-	-	- -	4,188	91	-	79	12
	Assets excluded from the numerator for GAR calculation (covered in the denominator)
3 3	EU Non-financial corporations (not subject to NFRD disclosure obligations)	4,570
3 4 3 5	Loans and advances Debt securities	4,562 -
3 6	Equity instruments	8
3 7	Non-EU Non-financial corporations (not subject to NFRD disclosure obligations)	387
3 8	Loans and advances	386
3 9 4 0	Debt securities Equity instruments	- -
4 1	Derivatives	86
4 2	On demand interbank loans	283
4 3 4 4	Cash and cash-related assets Other assets (e.g. Goodwill, commodities etc.)	95 1,530
4 5	TOTAL ASSETS IN THE DENOMINATOR (GAR)	15,775
	Other assets excluded from both the numerator and denominator for GAR calculation
4 6	Sovereigns	2,331
4 7	Central banks exposure	7,506
4 8 4 9	Trading book TOTAL ASSETS EXCLUDED FROM NUMERATOR AND DENOMINATOR	9 9,846
5 0	TOTAL ASSETS	25,621

Pillar 3 Disclosures 2024

ESG Template 7 - Mitigating actions: Assets for the calculation of GAR (continued)

		a	b	c	d	e	f	g	h	i	j	k	l	m	n	o	p
					Climate Change Mitigation (CCM)						Climate Change Adaptation (CCA)				TOTAL (CCM + CCA)
					Of which towards taxonomy relevant sectors						Of which towards taxonomy relevant sectors					Of which towards taxonomy relevant sectors
		Total gross			Of which environmentally sustainable						Of which environmentally sustainable					Of which environmentally sustainable
	31 December 2023	carrying amount			Of which					Of which					Of which	Of which
					specialised	Of which transitional	Of which enabling			specialis ed	Of which adaptation	Of which enabling			specialis ed	transitional /adaptatio	Of which enabling
					lending					lending					lending	n
		€ million			€ million € million € million											€ million € million € million € million € million € million € million € million € million € million € million € million
	GAR - Covered assets in both numerator and denominator
1	Loans and advances, debt securities and equity instruments not
	HfT eligible for GAR calculation	7,249	3,881	-	-	-	-	-	-	-	-	-	3,881	-	-		- -
2	Financial corporations	2,279	148	-	-	-	-	-	-	-	-	-	148	-	-		- -
3 4	Credit institutions Loans and advances	1,971 505	146 5	- -	- -	- -	- -	- -	- -	- -	- -	- -	146 5	- -	- -		- - - -
5	Debt securities, including UoP	1,465	141	-	-	-	-	-	-	-	-	-	141	-	-		- -
6	Equity instruments	1	-	-	-	-	-	-	-	-	-	-	-	-	-		- -
7	Other financial corporations	308	2	-	-	-	-	-	-	-	-	-	2	-	-		- -
8	of which investment firms	1	-	-	-	-	-	-	-	-	-	-	-	-	-		- -
9	Loans and advances	1	-	-	-	-	-	-	-	-	-	-	-	-	-		- -
1 0	Debt securities, including UoP	-	-	-	-	-	-	-	-	-	-	-	-	-	-		- -
1 1	Equity instruments	-	-	-	-	-	-	-	-	-	-	-	-	-	-		- -
1 2 1 3	of which management companies Loans and advances	- -	- -	- -	- -	- -	- -	- -	- -	- -	- -	- -	- -	- -	- -		- - - -
1 4	Debt securities, including UoP	-	-	-	-	-	-	-	-	-	-	-	-	-	-		- -
1 5	Equity instruments	-	-	-	-	-	-	-	-	-	-	-	-	-	-		- -
1 6	of which insurance undertakings	6	-	-	-	-	-	-	-	-	-	-	-	-	-		- -
1 7	Loans and advances	4	-	-	-	-	-	-	-	-	-	-	-	-	-		- -
1 8	Debt securities, including UoP	-	-	-	-	-	-	-	-	-	-	-	-	-	-		- -
1 9	Equity instruments	2	-	-	-	-	-	-	-	-	-	-	-	-	-		- -
2 0	Non-financial corporations (subject to NFRD disclosure obligations)	154	-	-	-	-	-	-	-	-	-	-	-	-	-		- -
2 1	Loans and advances	43	-	-	-	-	-	-	-	-	-	-	-	-	-		- -
2 2	Debt securities, including UoP	111	-	-	-	-	-	-	-	-	-	-	-	-	-		- -
2 3	Equity instruments	-	-	-	-	-	-	-	-	-	-	-	-	-	-		- -
2 4	Households	4,781	3,732	-	-	-	-	-	-	-	-	-	3,732	-	-		- -
2 5	of which loans collateralised by residential immovable
	property	3,726	3,726	-	-	-	-	-	-	-	-	-	3,726	-	-		- -
2 6 2 7	of which building renovation loans of which motor vehicle loans	- 139	- 6	- -	- -	- -	- -	- -	- -	- -	- -	- -	- 6	- -	- -		- - - -
2 8	Local governments financing	35	1	-	-	-	-	-	-	-	-	-	1	-	-		- -
2 9	Housing financing	1	1	-	-	-	-	-	-	-	-	-	1	-	-		- -
3 0	Other local governments financing	34	-	-	-	-	-	-	-	-	-	-	-	-	-		- -
3 1	Collateral obtained by taking possession: residential and
	commercial immovable properties	560	-	-	-	-	-	-	-	-	-	-	-	-	-		- -
3 2	TOTAL GAR ASSETS Assets excluded from the numerator for GAR calculation	7,809	3,881	-	-	-	-	-	-	-	-	-	3,881	-	-		- -
	(covered in the denominator)
	EU Non-financial corporations (not subject to NFRD
3 3	disclosure obligations)	4,576
3 4	Loans and advances	4,565
3 5	Debt securities	-
3 6	Equity instruments Non-EU Non-financial corporations (not subject to NFRD	11
3 7	disclosure obligations)	324
3 8	Loans and advances	324
3 9	Debt securities	-
4 0	Equity instruments	-
4 1	Derivatives	49
4 2	On demand interbank loans	275
4 3 4 4	Cash and cash-related assets Other assets (e.g. Goodwill, commodities etc.)	93 1,371
4 5	TOTAL ASSETS IN THE DENOMINATOR (GAR)	14,497
	Other assets excluded from both the numerator and
	denominator for GAR calculation	-
4 6	Sovereigns	1,920
4 7	Central banks exposure	9,522
4 8	Trading book	2
4 9	TOTAL ASSETS EXCLUDED FROM NUMERATOR AND DENOMINATOR	11,444
5 0	TOTAL ASSETS	25,941

Pillar 3 Disclosures 2024

ESG Template 8 – GAR (%)

The table below discloses information to show to what extend credit institutions' activities qualify as environmentally sustainable in accordance with Articles 3 and 9 of Regulation (EU) 2020/852 so that stakeholders can understand the actions put in place by the institutions to mitigate climate change transition and physical risks.

		a	b	c	d	e	f	g	h	i	j	k	l	m	n	o	p
				KPIs on stock
				Climate Change Mitigation (CCM)			Climate Change Adaptation (CCA)						TOTAL (CCM + CCA)
			Proportion of eligible assets funding taxonomy relevant sectors					Proportion of eligible assets funding taxonomy relevant sectors						Proportion of eligible assets funding taxonomy relevant sectors
31 December 2024				Of which environmentally sustainable						Of which environmentally sustainable			Of which environmentally sustainable				Proportion of
				Of which specialised lending	Of which transitional	Of which enabling			Of which specialised lending	Of which adaptation	Of which enabling			Of which specialised lending	Of which transitional/ adaptation	Of which enabling	total assets covered
		%	%	%	%	%	%	%	%	%	%	%	%	%	%	%	%
1	GAR	27%	1	%	- 1	%	-	-	-	-	-	- 27%	1 %		- 1 %		- 62%
2	Loans and advances, debt securities and equity instruments not HfT eligible for GAR calculation	50%	1	%	- 1	%	-	-	-	-	-	- 50%	1 %		- 1 %		- 33%
3	Financial corporations	12%	2	%	- 2	%	-	-	-	-	-	- 12%	2 %		- 2 %		- 13%
4	Credit institutions	13%	2	%	- 2	%	-	-	-	-	-	- 13%	2 %		- 2 %		- 11%
5	Other financial corporations	9 %	2	%	- 2	%	-	-	-	-	-	- 9 %	2 %		- 2 %		- 1 %
6	of which investment firms	-		-	- -		-	-	-	-	-	- -	-		- -		- -
7	of which management companies	-		-	- -		-	-	-	-	-	- -	-		- -		- -
8	of which insurance undertakings	-		-	- -		-	-	-	-	-	- -	-		- -		- -
9	Non-financial corporations subject to NFRD disclosure obligations	8 %	7	%	- 3 %	4	%	-	-	-	-	- 8 %	7 %		- 3 %	4	% 1 %
1 0	Households	78%		-	- -		-					78%	-		- -		- 19%
1 1	of which loans collateralised by residential immovable property	100%		-	- -		-					100%	-		- -		- 15%
1 2	of which building renovation loans	-		-	- -		-					-	-		- -		- -
1 3	of which motor vehicle loans	7 %		-	- -		-					7 %	-		- -		- 1 %
1 4	Local government financing	1 %		-	- -		-					1 %	-		- -		- -
1 5	Housing financing	100%		-	- -		-					100%	-		- -		- -
1 6	Other local governments financing	-		-	- -		-	-	-	-	-	- -	-		- -		- -
1 7	Collateral obtained by taking possession: residential and commercial immovable properties	-		-	- -		-					-	-		- -		- -

Pillar 3 Disclosures 2024

ESG Template 8 – GAR (%) (continued)

	ESG Template 8 – GAR (%) (continued)
		q	r	s	t	u	v	w	x	y	z	a a	a b	a c	a d	a e	a f
			KPIs on flows
				Climate Change Mitigation (CCM)					Climate Change Adaptation (CCA)						TOTAL (CCM + CCA)
	31 December 2024			Proportion of new eligible assets funding taxonomy relevant						Proportion of new eligible assets funding taxonomy relevant					Proportion of new eligible assets funding taxonomy relevant
				sectors					sectors					sectors			Proportion of
				Of which environmentally sustainable						Of which environmentally sustainable					Of which environmentally sustainable	total new
				Of which specialised lending	Of which transitional	Of which enabling			Of which specialised lending	Of which adaptation	Of which enabling			Of which specialised lending	Of which transitional/ad aptation	Of which enabling	assets covered
		%	%	%	%	%	%	%	%	%	%	%	%	%	%	%	%
1	GAR	21%	1	%	- 1	% -		-	-	-	-	- 21%	1	%	- 1 %		- 88%
2	Loans and advances, debt securities and equity instruments not HfT eligible for GAR calculation	33%	2	%	- 1	% 1 %		-	-	-	-	- 33%	2	%	- 1 %	1 %	55%
3	Financial corporations	16%	2	%	- 2	% -		-	-	-	-	- 16%	2	%	- 2 %		- 32%
4	Credit institutions	18%	2	%	- 2	% -		-	-	-	-	- 18%	2	%	- 2 %		- 24%
5	Other financial corporations	10%	1	%	- 1	% -		-	-	-	-	- 10%	1	%	- 1 %		- 8 %
6	of which investment firms	-		-	-	- -		-	-	-	-	- -	-		- -		- -
7	of which management companies	-		-	-	- -		-	-	-	-	- -	-		- -		- -
8	of which insurance undertakings	-		-	-	- -		-	-	-	-	- -	-		- -		- -
9	Non-financial corporations subject to NFRD disclosure obligations	14%	13%		- 5	% 8 %		-	-	-	-	- 15%	13%		- 5 %	8 %	4 %
1 0	Households	65%		-	-	- -						65%	-		- -		- 19%
1 1	of which loans collateralised by residential immovable property	100%		-	-	- -						100%	-		- -		- 12%
1 2	of which building renovation loans	-		-	-	- -						-	-		- -		- -
1 3	of which motor vehicle loans	11%		-	-	- -						11%	-		- -		- 2 %
1 4	Local government financing	-		-	-	- -						-	-		- -		- -
1 5	Housing financing	-		-	-	- -						-	-		- -		- -
1 6	Other local governments financing	-		-	-	- -		-	-	-	-	- -	-		- -		- -
1 7	Collateral obtained by taking possession: residential and commercial immovable properties	-		-	-	- -						-	-		- -		- -

Pillar 3 Disclosures 2024

ESG Template 8 – GAR (%) (continued)

		a	b	c	d	e	f	g	h	i	j	k	l	m	n	o	p
		KPIs on stock
		Climate Change Mit igat ion (CCM)						Climate Change Adaptat ion (CCA )						TOTAL (CCM + CCA )
31 December 2023			Proport ion of eligible assets f unding taxonomy relevant sectors Proport						eligible assets f	unding taxonomy relevant	sectors	Proport	ion of	eligible assets f	unding taxonomy relevant	sectors
			Of which environmentally sustainable					Of		which environmentally sustainable				Of		which environmentally sustainable
				Of which specialised lending	Of which transit ional	Of which enabling			Of which specialised lending	Of which adaptat ion	Of which enabling			Of which specialised lending	Of which transit ional/ad aptat ion	Of which enabling	total assets covered
		%	%	%	%	%	%	%	%	%	%	%	%	%	%	%	%
1	GAR	27%		-	-	- -	-		-	-	- -	27%		-	-	-	- 56%
2	Loans and advanc es , debt s ec urities and equity ins truments not H fT eligible for GA R c alc ulation	54%		-	-	- -	-		-	-	- -	54%		-	-	-	- 28%
3	Financ ial c orporations	6 %		-	-	- -	-		-	-	- -	6	%	-	-	-	- 9 %
4	C redit ins titutions	7 %		-	-	- -	-		-	-	- -	7	%	-	-	-	- 8 %
5	O ther financ ial c orporations	1 %		-	-	- -	-		-	-	- -	1	%	-	-	-	- 1 %
6	of whic h inves tment firms	-		-	-	- -	-		-	-	- -	-		-	-	-	- -
7	of whic h management c ompanies	-		-	-	- -	-		-	-	- -	-		-	-	-	- -
8	of whic h ins uranc e undertakings	-		-	-	- -	-		-	-	- -	-		-	-	-	- -
9	N on- financ ial c orporations s ubjec t to N FRD dis c los ure obligations	-		-	-	- -	-		-	-	- -	-		-	-	-	- 1 %
1 0	H ous eholds	78%		-	-	- -						78%		-	-	-	- 18%
1 1	of whic h loans c ollateralis ed by res idential immovable property	100%		-	-	- -						100%		-	-	-	- 14%
1 2	of whic h building renovation loans	-		-	-	- -						-		-	-	-	- -
1 3	of whic h motor vehic le loans	4 %		-	-	- -						4	%	-	-	-	- 1 %
1 4	Loc al government financ ing	2 %		-	-	- -						2	%	-	-	-	- -
1 5	H ous ing financ ing	100%		-	-	- -						100%		-	-	-	- -
1 6	O ther loc al governments financ ing	-		-	-	- -	-		-	-	- -	-		-	-	-	- -
1 7	C ollateral obtained by taking pos s es s ion: res idential and c ommerc ial immovable properties	-		-	-	- -						-		-	-	-	- -

Pillar 3 Disclosures 2024

ESG Template 8 – GAR (%) (continued)

		q	r	s	t	u	v	w	x	y KPIs on f lows	z	a a	a b	a c	a d	a e	a f
		Climate Change Mit igat ion (CCM) Proport ion of new eligible assets f unding taxonomy relevant						ion of	Climate Change Adaptat new eligible assets f	ion (CCA ) unding taxonomy relevant		TOTAL (CCM + CCA )
	31 December 2023			sectors			Proport		sectors			Proport ion of new eligible assets f unding taxonomy relevant				sectors	Proport ion of
			Of	which environmentally sustainable				Of		which environmentally sustainable			Of		which environmentally sustainable		total new
				Of which specialised lending	Of which transit ional	Of which enabling			Of which specialised lending	Of which adaptat ion	Of which enabling			Of which specialised lending	Of which transit ional/ad aptat ion	Of which enabling	assets covered
		%	%	%	%	%	%	%	%	%	%	%	%	%	%	%	%
1	GAR	18%		-	-	-	- -		-	-	-	- 18%		-	-	-	- 75%
2	Loans and advanc es , debt s ec urities and equity ins truments not H fT eligible for GA R c alc ulation	30%		-	-	-	- -		-	-	-	- 30%		-	-	-	- 45%
3	Financ ial c orporations	4 %		-	-	-	- -		-	-	-	- 4 %		-	-	-	- 24%
4	C redit ins titutions	4 %		-	-	-	- -		-	-	-	- 4 %		-	-	-	- 22%
5	O ther financ ial c orporations	2 %		-	-	-	- -		-	-	-	- 2 %		-	-	-	- 2
6	of whic h inves tment firms	-		-	-	-	- -		-	-	-	- -		-	-	-	-
7	of whic h management c ompanies	-		-	-	-	- -		-	-	-	- -		-	-	-	-
8	of whic h ins uranc e undertakings	-		-	-	-	- -		-	-	-	- -		-	-	-	-
9	N on- financ ial c orporations s ubjec t to N FRD dis c los ure obligations	-		-	-	-	- -		-	-	-	- -		-	-	-	-
1 0	H ous eholds	64%		-	-	-	-					64%		-	-	-	- 20%
1 1	of whic h loans c ollateralis ed by res idential immovable property	100%		-	-	-	-					100%		-	-	-	- 13%
1 2	of whic h building renovation loans	-		-	-	-	-					-		-	-	-	-
1 3	of whic h motor vehic le loans	12%		-	-	-	-					12%		-	-	-	- 1
1 4	Loc al government financ ing	-		-	-	-	-					-		-	-	-	-
1 5	H ous ing financ ing	-		-	-	-	-					-		-	-	-	-
1 6	O ther loc al governments financ ing	-		-	-	-	- -		-	-	-	- -		-	-	-	-
1 7	C ollateral obtained by taking pos s es s ion: res idential and c ommerc ial immovable properties	-		-	-	-	-					-		-	-	-	- 1

ESG Template 9 – Mitigating actions: BTAR

As per Regulation (EU) 2021/637 the first disclosure date of ESG Template 9 is as of 31 December 2024. Institutions are not required to disclose this information before 1 January 2025 but may choose to include this information on a voluntary basis.

The Group has decided not to disclose BTAR given the limited data available on non-NFRD counterparties. The Group will make reasonable efforts to report towards ESG Template 9 in the future.

Pillar 3 Disclosures 2024

ESG Template 10 - Other climate change mitigating actions that are not covered in Regulation (EU) 2020/852

	a	b	c	d	e	f
31 December 2024	Type of financial instrument	Type of counterparty	Gross carrying amount € million	Type of risk mitigated (Climate change transition risk)	Type of risk mitigated (Climate change physical risk)	Qualitative information on the nature of the mitigating actions
1		Financial corporations	-	-	-
2		Non-financial corporations	-	-	-
3	Bonds (e.g. green, sustainable,	Of which Loans collateralised by commercial immovable property	-	-	-
4	sustainability-linked	Households	-	-	-
5	under standards other than the EU standards)	Of which Loans collateralised by residential immovable property	-	-	-
6		Of which building renovation loans	-	-	-
7		Other counterparties	-	-	-
8		Financial corporations	-	-	-
9		Non-financial corporations	21	Yes	No
10	Loans (e.g. green,	Of which Loans collateralised by commercial immovable property	16	Yes	No	Majority of green loans issued have t o do with renewable energy installations (solar)
11	sustainable,	Households	333	Yes	No	for residential buildings and SMEs, low carbon vehicles and households with EPC
12	sustainability-linked under standards other than the EU standards)	Of which Loans collateralised by residential immovable property	321	Yes	No	A.
13		Of which building renovation loans	-	-	-
14		Other counterparties	-	-	-

Pillar 3 Disclosures 2024

	ESG Template 10 -				Other climate change mitigating actions that are not covered in Regulation (EU) 2020/852				(continued)

	a	b	c	d	e	f
31 December 2023	Type of financial instrument	Type of counterparty	Gross carrying amount € million	Type of risk mitigated (Climate change transition risk)	Type of risk mitigated (Climate change physical risk)	Qualitative information on the nature of the mitigating actions
1		Financial corporations	-	-	-
2	Bonds (e.g. green, sustainable,	Non-financial corporations	-	-	-
3	sustainability-linked under standards other than the EU	Of which Loans collateralised by commercial immovable property	-	-	-
4	standards)	Other counterparties	-	-	-
5		Financial corporations	-	-	-
6		Non-financial corporations	17	Yes	No	Majority o f green loans issued have
7	Loans (e.g. green, sustainable,	Of which Loans collateralised by commercial immovable property	14	Yes	No	to do with renewable energy installations (solar) for residential buildings and SMEs, and low carbon
8	sustainability-linked	Households	7	Yes	No	vehicles.
9	under standards other than the EU standards)	Of which Loans collateralised by residential immovable property Of which building renovation	-	-	-
10		loans	-	-	-
11		Other counterparties	-	-	-

The Group is working towards implementing a green lending framework, initially based on the Loan Market Association's Green Loan Principles (GLP), and gradually on a best effort basis on the EU Taxonomy. The Bank has issued Green Mortgage and Green Car products in 2024 which are based on the GLP. Nevertheless, the Bank has so far issued loans for renewable energy, vehicle purchases (electric and hybrid) and building efficiency. Although these cannot be classified as green under any of the standards of EU Taxonomy and GLP, by virtue of the use of proceeds, they are contributing the environmental objective of climate change mitigation.

16.1.2 Governance

16.1.2.1 Responsibilities of the management body for setting the risk framework

The Sustainability Committee ('SC') is an executive level committee chaired by CEO and has as a primary role the oversight of the ESG agenda of the Group aiming to lead the Group towards a cleaner, fairer, healthier, and safer world by helping its customers manage risks in a long term sustainable and equitable way, and to be an employer of choice.

The SC is responsible for the following:

i. Monitor and review the development of the Group's ESG strategy including the management of ESG risks, including C&E risks and recommend to EXCO for approval. Following EXCO approval then it is recommended to the Board for consideration and approval through NCGC.
ii. Oversee the implementation of the Group's ESG & Climate strategy.
iii. Review the institution's response and plan of action to the objectives set out under international agreements. and makes recommendations for the plan of actions to the EXCO for approval. Following EXCO approval then is recommended to the Board for consideration and approval through NCGC.
iv. Review the ESG including C&E targets and KPIs and recommends to EXCO for approval. Following EXCO approval then is recommended to the Board for consideration and approval through NCGC. Monitor the performance of the targets and KPIs set.
v. Review the incorporation of ESG including C&E targets, KPIs and KRIs in the business strategy and risk appetite.
vi. Monitor progress against the Group's ESG working plan on a quarterly basis including the implementation of the ECB Guide on C&E risks
vii. Monitor progress on KPIs set to manage C&E risks and the performance against wider ESG targets, on a quarterly basis, through the Sustainability Performance Report. The Sustainability performance report is monitored by the EXCO and NCGC on a quarterly basis.
viii. Request from the relevant departments to submit proposals and recommendations of corrective actions whenever a KPI to manage C&E risks is not aligned with the thresholds set.
ix. Monitor KRIs set to manage C&E risks, through the Climate Risk report, on a quarterly basis. The Climate Risk Report will also be monitored by the EXCO and RC on a quarterly basis.
x. Oversee the degree of the Group's alignment with regulatory ESG including C&E related guidance, rules (such as EU Taxonomy, SFDR and CSRD) and ECB expectations.
xi. Oversee the establishment of environmentally friendly products and Sustainable Finance Framework.
xii. Review policies relating to ESG matters, including C&E, matters to ensure that they are in line with the needs of the Group and the Group's ESG strategy and that they comply with applicable legal and regulatory requirements. Monitors the implementation of policies relating to ESG including C&E matters (Excluding ESG and C&E risks related policies).
xiii. Review and challenge Risk Management Division (RMD) regarding ESG matters and policies, including C&E risks related matters and policies, such as ESG and C&E risk identification, quantification, materiality assessment (MA) and establishment of ESG and C&E criteria in the loan origination process. RMD subsequently submits to the Board for consideration and approval through RC for approval of ESG and C&E risks related matters and policies, also notifying EXCO.
xiv. Review non-financial disclosures and recommends to the Board for consideration and approval through NCGC and EXCO.
xv. Monitor the external ESG and C&E trends affecting the formulation of ESG policies, strategies and objectives

16.1.2.1 Responsibilities of the management body for setting the risk framework (continued)

The Role of the Risk Committee

The main purpose of the RC is to review, on behalf of the Board, the aggregate Risk Profile of the Group, including performance against Risk Appetite for all risk types and ensure both Risk Profile and Risk Appetite remain appropriate.

The RC is responsible for the following:

i. Oversee the identification, assessment, control and monitor of financial/economic risks and nonfinancial risks (including operational, technological, tax, legal, reputational, compliance, and ESG including C&E risks) which the Group faces in cooperation with the responsible Board Committees.
ii. Ensure that the Group's overall Risk Profile and Risk Appetite remain appropriate given the evolving external environment, the Group's character and the internal control environment.
iii. Ensure effective and on-going monitoring and review of the Group's management or mitigation of risk, including the Group's control processes, training and culture, information and communication systems and processes for monitoring and reviewing their continuing effectiveness.
iv. Report to the Board any current or emerging topics relating to ESG risks and matters, including C&E risks and matters, that are expected to materially affect the business, operations, performance, or public image of the Group or are otherwise pertinent to it and its stakeholders and if appropriate, detail actions taken in relation to the same.
v. Determine the principles that should govern the management of risks (including ESG and C&E risks), through the establishment of appropriate Risk Policies.
vi. Review and monitor key enterprise wide ESG including C&E metrics, targets, KPIs, KRIs and related goals and monitor the progress towards achieving targets and benchmarks.
vii. Receive and review periodic reports from management on ESG and climate trends, issues, and risks, including developments in applicable regulations, as well as the corresponding mitigation initiatives and controls.

16.1.2.1 Responsibilities of the management body for setting the risk framework (continued)

The role of Nomination and Corporate Governance Committee

The Nominations and Corporate Governance Committee (NCGC) has been delegated authority by the Board to provide oversight to the Group's sustainability strategy aimed at achieving present and future economic prosperity, environmental integrity, climate stability and social equity for the Group and its stakeholders.

The NCGC is responsible for the following:

i. Oversight the development of the strategy for ESG including C&E matters focusing on Environmental, Climate, Ethical, Social, and Economic pillars and ensure it is embedded throughout the operations of the Group.
ii. Advise, support and guide CEO and Executive Management Team in formulating and implementing a business strategy geared to the sustainable development of the Group taking into account ESG including C&E impacts.
iii. Oversee the SC's implementation and progress regarding the ESG working plan.
iv. Review the institution's response and plan of action to the objectives set out under international agreements.
v. Review and recommend to the Board for approval the ESG targets and KPIs, including C&E targets and KPIs, and monitor their performance.
vi. Review and recommend to the Board for approval the non-financial disclosures presented by the SC, including CSRD Sustainability Statement in accordance with ESRS.
vii. Review and recommend to the Board for approval the ESG and Environmental Policy and Sustainable Finance Framework which enables BOCH and/or BOC PCL to issue Green/Social or Sustainable bonds.

The role of Audit Committee

The AC has been delegated authority by the Board to assess the soundness of the methodologies and policies that the management of the Group uses to develop ESG, including C&E metrics and other disclosures and to assess the key vendors' plans for sustainability.

The AC is responsible for the following:

i. Ensure the ESG frameworks/standards, including C&E frameworks/standards, used are proper and relevant climate-related financial disclosures are investor grade.
ii. Consider materiality in terms of how ESG issues, including C&E issues, impact the Group's financial performance and ability to create long-term value (Financial materiality) and how the Group's actions impact people and the planet (Impact materiality).
iii. Review other material public disclosures with respect to ESG, including C&E matters and discuss with management the Group's engagement with stakeholders on key ESG matters, including C&E matters, including in response to any proposals or other concerns that have been submitted to BOCH and/or BOC PCL or the Board.
iv. Ensure that Internal audit incorporates ESG, including C&E risks, in its Risk and Audit Universe.
v. Overseeing all matters relating to the relationship between the Group and the external auditors. This also includes overseeing the external audit activities in relation to the limited assurance over the Sustainability Statement.

Pillar 3 Disclosures 2024

16.1.2.2 Integration of measures to manage environmental factors and risks in internal governance arrangements

The Group has dedicated resources for the handling of ESG matters. Beyond the governance arrangements described above, ESG accountabilities have been set across various divisions of the Group.

Investor Relations and ESG Department (IR&ESG)

The Group's IR&ESG department is developing and implementing the ESG and climate Strategy. The IR&ESG main responsibilities are to:

i. Develop the action plan for the implementation of the ESG and climate strategy;
ii. Compile the ESG working plan and monitor its progress;
iii. Establish the ESG and climate targets and KPIs and monitor their progress;
iv. Develops and rolls out the institution's methodology for portfolio alignment assessments (e.g., using PACTA and SBTi);
v. Develops and rolls out the institution's methodology for measuring financed emissions (e.g., using PCAF);
vi. Prepare ESG and climate-related reporting;
vii. Coordinate the activities and deadlines of the ESG Working Group;
viii. Review in cooperation with RMD the activities completed by the ESG Working Group;
ix. Support other functions in the formulation/update of policies in line with ESG Strategy;
x. Report to the SC in frequent intervals and Board Committees in line with the Terms of Reference;
xi. Update ESG communication messages in coordination with Corporate Affairs Department (CAD);
xii. Communicate ESG strategy to internal and external stakeholders in coordination with CAD and Risk Management; and
xiii. Manage relationship with ESG Rating Agencies & analysts and coordinates improvement actions.

Risk Management Division

The RMD is responsible for the identification, quantification and monitoring of ESG risks, including C&E risks, for own operations and clients. The main responsibilities are to:

i. incorporate ESG risks, including C&E risks, in the Risk Management Framework, policies and procedures;
ii. incorporate ESG and climate criteria in the loan origination process;
iii. review in cooperation with IR&ESG the activities completed by the ESG Working Group;
iv. comply with ECB guide on C&E risks;
v. establish the ESG and climate targets and KPIs in cooperation with IR&ESG; and
vi. establish the C&E KRIs through the ESG and climate targets and KPIs set.

The RMD main tasks regarding ESG risks, including C&E risks:

i. Carries out the necessary materiality assessment in relation to C&E risks;
ii. Identifies ESG risks, including C&E risks, and ensures their inclusion in the risk taxonomy and risk register of BOC PCL;
iii. Quantifies C&E risks through scenario or other analysis and provides estimates for their potential impact;
iv. Assesses the impact of C&E risks on the Bank's capital adequacy from an economic and normative perspective;
v. Incorporates C&E risks in its risk classification procedures;
vi. Analyses and provides expert judgement on exposures to clients from high-risk industries;
vii. Makes recommendations for risk-mitigating actions for transactions assessed as high-risk;
viii. Prepares and maintains the institution's climate-related risk management policies (e.g., exclusion policies);
ix. Develops and rolls out the institution's climate-related client questionnaires for due diligence and data collection purposes;
x. Conducts C&E risks stress testing and provides input on ESG supporting Governance;
xi. Produces reports on C&E risks for submission to the SC, EXCO and RC;
xii. Provides advice and checks on the institution's climate-related product offering, such as green products.

16.1.2.2 Integration of measures to manage environmental factors and risks in internal governance arrangements (continued)

Three Lines of Defence

As per the three lines of defence model established by the Group, Control Functions have defined responsibilities in terms of ESG risks.

Business Lines

The main tasks of Business lines on ESG risks, including C&E risks are to:

i. Lead the interaction with customers regarding the incorporation of the ESG and climate criteria in the credit underwriting process through the ESG questionnaires and scoring process;
ii. Observe and adhere any sector limits being put in place as derived from the science-based targets;
iii. Implement all policies relating to the Green transition (e.g., Environmental and Social Policy, Green Lending Policy etc.);
iv. Enable the Green Transition through promotion of Green products and services;
v. Engage with key customers for investments in Green products;
vi. When discussing a new lending, guide the customers towards green lending which will help them become a more sustainable business;
vii. Implement initiatives included in the BOC PCL's Decarbonisation strategy for own operations to reduce energy consumption, paper consumption and GHG emissions in relation to the operation of their business unit;
viii. Own and manage C&E risks as part of their responsibility for achieving objectives and for implementing corrective actions to address process and control deficiencies; and
ix. Support in the design of "green" products and services to meet customer's needs and incentivise clients to reduce emissions.

Compliance Division

Compliance Division's main tasks regarding ESG risks, including C&E risks, are:

i. Identifying, on an on-going basis, the legal and regulatory framework concerning ESG and climaterelated risks and communicating to business units any regulatory developments applicable to them;
ii. Ensuring that a complete and updated register of ESG and climate-related risks is maintained and that emanating compliance obligations are documented and supported by appropriate action plans by the responsible units;
iii. Assess and monitor the implementation of actions to ensure timely and effective compliance with regulatory obligations concerning ESG and climate-related risks and recommends changes to the institution's policies and coordinates the implementation of such changes;
iv. Updates SC, EXCO and AC on ESG Regulations & Compliance Requirements;
v. Performs compliance reviews taking into account ESG and climate-related laws, rules, regulations and standards identifying compliance weaknesses and risks. Prepares and recommends follow-up actions for mitigating such risks. Reports the outcome of these reviews to the management body and/or its committees, including as regards residual risk;
vi. Provides advice on ESG related policies, ensuring these are consistent with the Board's risk appetite and the Group's ESG Strategy;
vii. Provides advice on design and evolution of the ESG and Climate Governance Structure; and
viii. Supports functions and Business Lines for Compliance with ESG Regulations.

Internal Audit Division

The IA Division, as a third line of defence, provides independent assurance to the Board and Executive Management on the design adequacy and operating effectiveness of the Group's internal control framework, corporate governance and risk management processes (including ESG and climate risks), according to the risk appetite set by the Board.

16.1.2.2 Integration of measures to manage environmental factors and risks in internal governance arrangements (continued)

IA maintains a Risk & Audit Universe, which includes all material risks that BOC PCL is exposed to, as well as all auditable areas of BOC PCL. The management of C&E risks has been included in IA's Risk and Audit Universe both as a relevant primary risk, but also as an auditable area. Therefore, during the risk assessment process, which is followed to derive IA's Annual Audit Plan (AAP), all auditable areas in the Audit Universe are assessed against C&E risks.

Furthermore:

i. IA ensures the existence of adequate and appropriate resources for all audit engagements included in the AAP, through the calculation of the estimated hours needed on the basis of engagement scope and complexity, while also considering the assigned staff's knowledge, skills and other competencies in the area. Through the use of timesheets, the actual hours spent are recorded and compared with the estimated hours, with deviations investigated and if necessary relevant actions being taken.
ii. The knowledge and skills of the IA staff is assessed on an annual basis, in accordance with its Competency Framework. Based on this assessment, IA takes necessary actions and prepares specific development plans, in order to ensure that its staff possesses the necessary skills and knowledge for the performance of their duties (including for C&E related topics, if required).

It is noted that, since the maintenance of the Risk and Audit Universe is an ongoing process, as BOC PCL gradually builds its overall capabilities for managing C&E risks and enhances relevant processes within its first and second lines of defence, IA will be modifying its Risk and Audit Universe to cover them accordingly.

16.1.2.3 Lines of Reporting

The Group has introduced frequent reporting to administrative, management and supervisory bodies around sustainability matters, predominantly climate, as follows:

Reporting	Frequency	Committee	Material Impacts, Risks and Opportunities
Progress update to the ESG working plan	Quarterly	1. SC/EXCO 2. NCGC/RC	1. Progress update on the ESG Working plan designed to articulate delivery of Group's ESG strategic objectives and is aligned with ECB expectations and other regulatory disclosure requirements
Sustainability performance report	Quarterly	1. SC/EXCO 2. NCGC	1. Progress update on Climate change mitigation GHG emission reduction targets (42% reduction of Scope 1 and Scope 2 GHG emissions by 2030 compared to 2021 and 43% reduction in carbon intensity metric of mortgage portfolio by 2030 compared to 2022) 2. Progress update on Climate change mitigation new lending internal KPIs
Climate risk report	Quarterly	1. SC/EXCO 2. RC	1. Update on exposure to C&E risks 2. Progress on Climate change mitigation KRIs 3. Progress on Climate change adaptation KRIs 4. Update on implementation of ESG Due Diligence on loan Origination process 5. Update on Energy Performance Certificates (EPC)
Risk appetite framework (RAS) dashboard	Quarterly	1. EXCO 2. RC	1. Climate change mitigation and climate change adaptation update on KRIs
Business environment scan (BES) preliminary impact assessment on C&E updates and developments	Quarterly	1. SC/EXCO	1. Identification of C&E related updates and developments impacting Business Strategy and Risk assessment of the Group (Climate Change ROs).
BES final impact assessment on C&E updates and developments	Annually	1. SC/EXCO 2. NCGC/RC	1. Identification of C&E risk related updates and developments and integration to the Business Strategy and Risk assessment of the Group (Climate Change ROs).
Double materiality assessment	Annually	1. SC/EXCO 2. NCGC/AC	1. Approach towards DMA 2. Approach to the Group's Business segments on DMA 3. Impacts identified and threshold applied 4. Risks and opportunities identified and threshold applied 5. Key assumptions used in the DMA and procedures performed to support the assumptions 6. Material IROs identified and comparison of IROs with best practices 7. Results of stakeholder validation and consultation procedures
Green new lending internal KPIs	Monthly	1. BDC/EXCO	1. Progress update on energy, climate change mitigation and adaptation new lending internal KPIs

16.1.2.4 Alignment of the remuneration policy with institution's environmental riskrelated objectives

The Group has taken necessary steps in embedding its ESG strategic goals within its remuneration policy, adhering to the importance of connecting the performance of its personnel to ESG and climate matters as a way of incorporating ESG culture within the organisation. The remuneration policy promotes and is consistent with sound and effective risk management, in line with the Group's ESG and climate strategy and does not encourage excessive risk taking that exceeds the level of risk tolerated by the Group.

Remuneration structure of the Group typically consists of fixed plus variable pay. Fixed remuneration does not embed any ESG incentive considerations. Variable remuneration is based on a combination of the performance of the employee, the overall performance of the business unit the individual belongs to, and the Group's consolidated financial results.

Regarding variable remuneration, performance criteria (financial and/or not financial), set to measure the performance of Senior Management, contain KPIs that relate to the implementation of the Group's ESG strategy, reflecting the Group's emphasis on achieving its sustainability related objectives, in accordance with the role and responsibility of each Senior Manager in relation to the ESG Strategy. These KPIs are used to evaluate the performance of Senior Management, when the distribution of a Short-Term Incentive Plan (STIP) is activated. Specifically, the percentage of the salary to be paid as STIP for Senior Management is adjusted in accordance with Group's performance and individual performance. The KPIs embedded in the performance criteria of Senior Management are primarily qualitative (Oversee the ESG Working Plan, effective implementation of decarbonisation activities on own operations etc.) but certain quantitative KPIs are included as well, such as annual Green new lending internal KPIs for Business Lines. The weight of ESG related KPIs on individual Senior Management's performance appraisal is between 3%-15%. Senior Management's KPIs for individual performance appraisal are approved annually by HRRC. The Board should annually approve a proposal for the implementation of a STIP across the organisation. The allocation criteria are to be decided on an annual basis by the HRRC. The annual bonus pool will vary in accordance with the Group's performance/profitability for each financial year. Performance will typically be assessed based on a one-year performance period.

The Long-Term Incentive Plan (LTIP) was approved by the 2022 AGM, which took place on 20 May 2022. The LTIP involves the granting of share awards and is driven by scorecard achievement, with measures and targets set to align pay outcomes with the delivery of the Group's strategy. Currently, under the plan, the employees eligible for LTIP awards are the members of the Extended EXCO, including the executive directors. The LTIP stipulates that performance will be measured over a 3-year period and sets financial and nonfinancial objectives to be achieved. At the end of the performance period, the performance outcome will be used to assess the percentage of the awards that will vest.

The AGM resolution, approved by the shareholders in May 2024, gave the Group the flexibility to increase the ratio of variable to fixed remuneration to up to a maximum of 100% for Material Risk Takers. Up to 100% of the awards will be subject to malus and clawback provisions in accordance with applicable legislation and regulations. The applicable scorecard under the long-term incentive plan ('2022 LTIP') include a KPI on External ESG ratings Score with a target being an AA rating with 5% weight.

The applicable scorecard under the LTIP include a KPI on external ESG rating score with a target being an AA ESG rating for the Group, and this outcome has a 5% weight in the LTIP.

16.1.3 Risk Management

16.1.3.1 Timeframes

Due to the longer timeframes associated with C&E risks, the Group has defined the expected materialisation horizons of the different risks identified. The logic of this is explained below:

Time horizon label	Start Year	End Year	Rationalisation
Short-term (1 years)	2024	2025	The Group is committed to become carbon neutral in own operations by 2050 with interim target to reduce Scope 1 and Scope 2 GHG emissions from own operations by 42% by 2030 compared to 2021 baseline. The Group has focused its main decarbonisation actions in the short-term up to 2026 in order to lead the decarbonisation efforts, lead by example and also to benefit from any government subsidies that will be announced as part of the Recovery and Resilience Facility (RRF) of the EU. Taking also into account the CSRD which is a milestone for sustainability activation effective for FY2024 for EU listed companies, and every year thereafter up until 2028 to include certain SMEs and large companies, the Group decided to set short-term time horizon at 1 year as of the end of the reporting date.
Medium term (2-6 years)	2026	2030	The Group is committed to become carbon neutral in own operations by 2050 with interim target to reduce Scope 1 and Scope 2 GHG emissions from own operations by 42% by 2030 compared to 2021 baseline, therefore sustainability IROs should be identified and managed in a horizon of 2-6 years. As 2030 is the year set by the EU for the goal of "Fit for 55" (i.e., a 55% reduction of GHG emissions below 1990 levels), the Group has also set 2030 as the medium-term risk horizon for the identification and management of sustainability IROs. Therefore, the time horizon for medium term is between 2-6 years.
Long-term (>6 years)	2031	n/a	The Group considers a time horizon of more than 6 years. The Group has set its ambition to become net zero by 2050, which indicates that Scope 1, Scope 2 and Scope 3 GHG emissions should be reduced by 2050 to net zero. The climate related risks associated with Financed Scope 3 GHG emissions depend also on the useful life of the assets, which for the majority of the current loan portfolio of the Group this translates to a maturity beyond 7 years. As such a long-term time horizon has been set of over > 6 years to cover both the risks as well as the strategic aspects of climate-related risks within the organisation.

16.1.3.2 Definitions and methodologies

BOC PCL has aligned its definitions of C&E risks with the requirements set in the ECB's Guide on climaterelated and environmental risks (November 2020), Good practices for climate-related and environmental risk management Observations from the 2022 thematic review (November 2022) and the EBA's report on management and supervision of ESG risks for credit institutions and investment firms (June 2021). BOC PCL has enhanced its Risk Identification and Materiality Assessment process (RIMA), and this analysis was also supported through the usage of the UNEP FI PRB's Impact Analysis Tool as well as several resources through literature and other reports. Furthermore, BOC PCL has used the Network for Greening the Financial System scenarios (NGFS) in the development of its stress testing framework that took place in 2023. More details on these methodologies and the outcome of the analysis are provided in the sections that follow.

16.1.3.3 Processes to identify, measure and monitor activities and exposures

C&E Risks Identification & Materiality Assessment (RIMA) process

In 2023, the Group has refined its MA of C&E risks as drivers of existing financial and non-financial risks, namely Credit risk, Liquidity risk, Market risk, Operational risk, Strategic risk as well as Reputational and Legal risk, taking into consideration its business profile and loan portfolio composition.

As part of the RIMA process, the Group has enhanced the following steps to ensure a comprehensive and structured MA process, having due consideration on the specificities of its business model, operating environment and risk profile:

i. Identification and documentation of C&E risk drivers
ii. Definition of transmission channels for C&E risks
iii. Assessment of materiality of C&E risk drivers

Specifically, the Group has conducted an assessment of the following C&E risks, as drivers of existing risks:

i. Climate-related physical risk drivers
ii. Climate-related transition risk drivers
iii. Environmental transition risk drivers (other than climate risks)
iv. Environmental physical risk drivers (other than climate risks)

The assessment has been conducted using both quantitative and qualitative methods. For data driven methods, a combination of internally collected Group specific data and external data have been used.

In summary, as a first step, a more granular list of potential C&E risk drivers has been identified through the enhancement of the inventory of C&E risks already developed by the Group in the course of the previous C&E risk assessment exercises. In particular, the Group has proceeded with an additional classification and categorisation of the C&E risks across four levels of granularity as per the following example:

i. Climate-related risk (Level-1)
ii. Physical risk (Level-2)
iii. Acute risk (Level-3)
iv. Wildfire (Level-4)

As a second step, the C&E risks have been mapped to the existing financial and non-financial risks through respective transmission channels.

As a third step, a combination of qualitative and quantitative methods has been utilised for the purpose of the performance of the MA of C&E risks using various materiality parameters and thresholds, depending on the method and data used for assessment. In addition, the evolution of C&E risks has been considered over the short, medium and long-term time horizons.

16.1.3.3 Processes to identify, measure and monitor activities and exposures (continued)

An overview of the steps followed for the performance of the MA is presented in the following figure:

Figure X: Overview of BoC's C&E MA 2023 stages

16.1.3.3 Processes to identify, measure and monitor activities and exposures (continued)

The following table, provides an overview of the Group's C&E risks inventory, which includes all C&E risks considered as part of the MA performed. A further split of C&E risks has been considered accordingly by defining thirty (30) underlying risk types.

ID	C&E risk	C&E risk sub-type	C&E risk sub-type	C&E risk sub-type
	[Level 1]	[Level 2]	[Level 3]	[Level 4]
1				(Extreme) Heat
2				Drought (increased frequency, intensity, duration)
3				High intensity / duration precipitation events (increase; causing flooding)
4	Climate	Physical	Acute	Landslide
5	related			River flood
6				Storms (increased activity and/or intensity)
7				Wildfire
8			Chronic	Desertification
9				Ocean acidity
10		Physical	Chronic	Precipitation (decreased average precipitation)
11		Transition		Sea level rise (increasing risk from coastal flood)
12				Temperature (increase of average temperature)
13	Climate		Policy and Regulation	Failure to comply with climate (ESG) disclosures and GHG reporting obligations
14	related			Risks from litigation
15			Technology	Transition to low-emission alternative products and services/business models
16				Increased energy costs and costs of raw materials
17			Market	Increased stakeholder concern or negative stakeholder feedback / markets sentiment and preferences
18				Earthquake
19			Acute	Tsunami
20				Air pollution
21				Soil pollution
22				Water pollution
23		Physical		Biodiversity loss (incl. species extinction)
24	Environme ntal		Chronic	Deforestation (incl. habitat destruction) and land use change
25				Water scarcity
26				Pests (increased prevalence)
27			Policy and	Circular economy & waste management
28			Regulation	Environmental protection requirement
29		Transition	Technology	Environmentally friendly technologies
30			Market	Environmentally driven consumer behaviour

Each C&E risk has been individually assessed as a driver of Credit risk, Liquidity risk, Market risk and Operational risk, and individual risk scores have been assigned. For these categories of existing risks, the results of the assessment have been aggregated at the level of physical and transition risks sub-types. The assessment of C&E risks as drivers of Strategic risk, Reputational risk and Legal risk has been performed on the abovementioned granularity level.

16.1.3.3 Processes to identify, measure and monitor activities and exposures (continued)

C&E Transmission Channels

C&E risks are recognized as drivers of the existing risks (Credit Risk, Market Risk, Liquidity Risk, Operational Risk, Reputational Risk, Strategic Risk and Legal Risk) and may impact BOC PCL directly or indirectly through counterparties, assets (microeconomic channels) or the broader economy in which the relevant clients and BOC PCL operates (macroeconomic channels). BOC PCL has defined the transmission channels through which the C&E risks can influence each of its existing risk categories. The table below provides a non-exhaustive list of transmission channels and is not limited to the C&E risks identified as material. A more detailed description of each of the C&E risk transmission channels with regard to the principal risks and the arising impact on BOC PCL is provided in the Table 1 below.

16.1.3.3 Processes to identify, measure and monitor activities and exposures (continued)

C&E Risk Drivers	Transmission Channels (Non-exhaustive List)	Potential Impact on the Group	Affected Financial and Non-Financial Risk Types
	i. Impact on repayment ability of clients through: i. Increased operating costs for compliance and/or lower revenues ii. Increased capital expenditures to comply with regulatory standards iii. closure of business lines or facilities due to transition to greener economies and public sentiment	Increased Probability of Default ('PD') and LGD	Credit Risk*
Climate - related and Environmental Transition Risks	i. Impact on the price of marketable instruments (bonds/equity) and to Real Estate assets ii. Impact on BOC PCL's valuation if it does not reduce its emissions and/ or increase its GAR	i. Decrease in value of the REMU portfolio due to increase in operational costs and decrease in the value of the assets ii. Large/ small sell-off (of HQLA) against reduced prices and/ or potential difficulty to liquidate iii. Interest rate and FX shocks, credit spreads changes	Market Risk**
	i. Inability to raise funding due to lack of climate change action by the organisation ii. Depletion of deposits to address increase operational costs or mitigate transition risks	i. Rapid withdrawal of customer deposits ii. Unexpected significant expenses or charges that may influence liquidity position and net outflows iii. Lack of funding sources / negative changes in funding structure iv. Lower demand for BOC PCL's capital issuance v. Difficulties in selling assets / selling of assets with a discount	Liquidity Risk***

Table 1: Overview of the key transmission channels and potential impact on the Group through C&E risks

* Including Counterparty risk, Settlement risk, Issuer risk, Concentration risk and Country risk.

** Including Interest rate risk, FX risk, Real Estate risk, Credit Spread risk and Equity risk.

*** Including Liquidity risk and Funding risk.

16.1.3.3 Processes to identify, measure and monitor activities and exposures (continued)

C&E Risk Drivers	Transmission Channels (Non-exhaustive List)	Potential Impact on the Group	Affected Financial and Non-Financial Risk Types
Climate - related and Environmental Transition Risks	Socioeconomic changes (e.g. changing consumption patterns / customer preferences)	i. Losses due to physical damage or shutdowns ii. Increased operational costs for the buildings of BOC PCL iii. Losses from lower productivity iv. Losses from wrong decisions/ process issues v. Additional significant operating or capital expenses	Operational Risk*
	i. Inability to meet stakeholders' demands as a result of changing market sentiment ii. Reputational damage due to the financing of environmentally harmful projects	i. Limited business opportunities/ lessened expansion potential ii. Workforce fluctuations iii. Client withdrawal iv. Additional investments to improve internal processes and comply with expectations	Reputational Risk
	Litigation risks due to financing of environmentally harmful projects	i. Litigation costs may reduce the value of the REMU portfolio ii. Non-compliance with regulation and policy measures iii. Investments in carbon intensive and unsustainable projects, buildings or similar iv. Misalignment of communicated targets and reality	Legal/Litigation Risk
	i. Additional costs and regulatory repercussions relating to, for example, exposure to real estate portfolio without adequate EPC labels, or exposure to high emitting/ polluting sectors ii. Regulatory and / or market developments in relation to financial institutions offering 'green' products impacting BOC PCL's competitiveness	i. Loss of revenue due to strategic reorientation (e.g. loss of profitable business line) ii. Inadequate definition and execution of the strategy (e.g. incorrect or faulty assumptions, poor implementation) iii. Expenses for the implementation of upcoming C&E regulatory requirements / changes iv. Limited business opportunities/ lessened expansion potential	Strategic Risk

Table 1: Overview of the key transmission channels and potential impact on the Group through C&E risks (continued)

* Including Regulatory Compliance/Conduct risk, FEC risk, Internal/ External Fraud risk, People risk, BC risk, IT/ Cyber Risk, Technology risk, Data Accuracy and Integrity risk, Physical Security and Safety risk, Statutory Reporting and Tax risk, Transaction Processing and Execution risk, Project risk, Model risk and Third-Party risk.

16.1.3.3 Processes to identify, measure and monitor activities and exposures (continued)

C&E Risk Drivers	Transmission Channels (Non-exhaustive List)	Potential Impact on the Group	Affected Financial and Non Financial Risk Types
Climate - related and Environmental Physical Risks	i. Increased operating costs due to retrofitting and/or damage / substitution of assets ii. Increase in insurance costs iii. Lower revenues due to reduced productivity or damage in value chain operations iv. Decrease in value of property collateral	Increased Probability of Default (PD) and LGD	Credit Risk
	i. Impact on the price of marketable instruments (bonds/equity) and to Real Estate assets ii. Impact on BOC PCL's valuation if it does not reduce its emissions and/ or increase its GAR	i. Decrease in value of the REMU portfolio due to increase in operational costs and decrease in the value of the assets ii. Large / small sell-off (of HQLA) against reduced prices and/ or potential difficulty to liquidate iii. Interest rate and FX shocks, credit spreads changes	Market Risk
	Depletion of deposits to address increase operational costs or address or mitigate physical risks (e.g. to finance damage repairs)	i. Rapid withdrawal of customer deposits ii. Unexpected significant expenses or charges that may influence liquidity position and net outflows iii. Lack of funding sources / negative changes in funding structure iv. Lower demand for Bank's capital issuance v. Increase in funding costs vi. Difficulties in selling assets/ selling of assets with a discount	Liquidity Risk

Table 1: Overview of the key transmission channels and potential impact on the Group through C&E risks (continued)

16.1.3.3 Processes to identify, measure and monitor activities and exposures (continued)

C&E Risk Drivers	Transmission Channels (Non-exhaustive List)	Potential Impact on the Group	Affected Financial and Non-Financial Risk Types
	Increased operating costs due to damage on premises, operating locations and other facilities	i. Losses due to physical damages or shutdowns ii. Increased operational costs for the buildings of BOC PCL (e.g. to comply with energy efficiency standards) iii. Losses from lower productivity iv. Losses from wrong decisions/ process issues v. Unplanned or additional significant operating or capital expenses	Operational Risk
Climate -related and	Increased operating costs arising from the management of C&E risks	i. Limited business opportunities/ lessened expansion potential (including respective operating losses) ii. Workforce fluctuations (including respective operating losses) iii. Client withdrawal (including respective operating losses) iv. Additional investments to improve internal processes and comply with expectations	Reputational Risk
Environmental Physical Risks	Litigation risks arising from BOC PCL's exposure to physical climate-related and/ or environmental damages	i. Litigation costs may reduce the value of the REMU portfolio ii. Non-compliance with regulation and policy measures iii. Investments in carbon intensive and unsustainable projects, buildings or similar (knock on effects from reputational loss) iv. Misalignment of communicated targets and reality	Legal/Litigati on Risk
	Inadequacies in BOC PCL's product offerings without factoring in the potential damages resulting from physical risks associated with climate change; this could result in increased defaults on loans and negatively impact BOC PCL's asset quality.	i. Loss of revenues due to strategic reorientation (e.g. loss of profitable business line) ii. Inadequate definition and execution of the strategy (e.g. incorrect or faulty assumptions, poor implementation) iii. Expenses for the implementation of upcoming C&E regulatory requirements / changes iv. Limited business opportunities	Strategic Risk

Table 1: Overview of the key transmission channels and potential impact on the Group through C&E risks

16.1.3.3 Processes to identify, measure and monitor activities and exposures (continued)

Assessment of C&E risks as drivers of financial and non-financial risks

Following the mapping of C&E risks as potentially relevant or not-relevant drivers of the principal risks through the transmission channels, follows the assessment of the C&E risks and their relevant impact based on the principal risks. The Group has applied a combination of both qualitative and quantitative methods. The following methodologies have been applied:

a. Quantitative Geographic Assessment

This assessment is applicable to C&E physical risks as drivers of Credit, Market, Liquidity and Operational risks. Specific physical climate related hazards, namely Wildfire, Landslide, River Flood, Wind Gusts (Storms), and Sea Level Rise have been considered using geolocation data (i.e. coordinates, postal codes, municipalities) with respect to the following:

i. Credit risk: borrowers' collateralized (secured) portfolio (geolocation coordinates of collateral properties) and unsecured portfolio (postal codes or municipalities of borrowers' location);
ii. Market risk: properties of BOC PCL's REMU portfolio (geolocation coordinates of collateral properties);
iii. Liquidity risk: deposits held by Cyprus residents (postal codes or municipalities of deposit holders' locations);
iv. Operational risk: BOC PCL's physical locations (postal codes or municipalities of Bank's facilities).

Furthermore, specific environmental hazards, namely Air Pollution, Soil Pollution and Earthquake have been considered with respect to the following:

i. Property collateral for Credit risk secured portfolio (geolocation coordinates of collateral properties) - in respect to Air pollution, Soil pollution and Earthquake;
ii. Borrowers for Credit risk unsecured portfolio (postal codes or municipalities of borrowers' location) – in respect to Air pollution, Soil pollution and Earthquake;
iii. Property collateral for the REMU portfolio for Market risk (geolocation coordinates of collateral properties) - in respect to Earthquake;
iv. Deposits held by Cyprus residents for Liquidity risk (postal codes or municipalities of deposit holders' locations) – in respect to Earthquake;
v. BOC PCL's physical locations for Operational risk (postal codes or municipalities of the Bank's facilities) – in respect to Earthquake.

To further analyze the materiality of risk exposures to both physical and environmental hazards, a distribution analysis of underlying credit exposures (for both secured and unsecured portfolios), deposit amounts and employees count across risk scores (1-Low, 2-Medium, 3-High, 4-Critical) is performed. To conclude on the materiality of a specific hazard based on the distribution analysis across risk scores, a decision tree logic has been applied leading to one resulting risk score per hazard (consistently, the same 4-level unique risk scale has been applied).

b. Quantitative Country Heatmaps

To inform the MA process, the Group has performed a heatmapping exercise to determine how physical and transition risks affect certain industries that the Group is exposed to, and subsequently to determine the impact on the overall Group's risk profile and operations. Three different heatmaps have been constructed to assess specific risks and segments as described below.

Country climate transition risk heat map

The heatmap was used to assess:

i. Liquidity risk: deposits held by non-Cyprus residents (foreign deposit amounts)
ii. Market risk: HQLA Bond portfolio (corresponding Conditional Value at Risk (CvaR))

16.1.3.3 Processes to identify, measure and monitor activities and exposures (continued)

A corresponding risk score from the heat map has been assigned to foreign deposit holders based on the underlying country of residence, and to bonds based on the underlying country of the issuer. As a next step, a distribution analysis of deposit amounts and CVaR across risk scores has been performed.

Country climate physical risk heat map

The heatmap was used to assess:

i. Market risk and Liquidity risk: HQLA Bonds portfolio
ii. Operational risk: Foreign locations of BOC PCL's third-party outsourcing/ providers

A corresponding risk score from the heat map has been assigned to bonds based on the country of issuer and to third party providers based on country of location. As a next step, a distribution analysis of HQLA balances (CVaR for Market risk and market value for Liquidity risk) and number of employees (per country of third-party provider location) across risk scores has been performed.

In order to conclude on the materiality of climate transition and physical risks based on the distribution analysis described above, the same logic as described in the quantitative geolocation methodology (decision tree) has been applied, leading to a single resulting risk score (consistently, the same 4-level unique risk scale has been applied).

c. Qualitative analysis based on Expert Judgement

Expert judgement has been also employed to assess certain risk drivers including those for Strategic, Reputational and Legal risks. Expert judgement includes additional external sources and publicly available statistical data such as consultation reports, scientific publications and other sources featuring Cyprusspecific data from Eurostat, World Resource Institute, Climate Analytics, Climate Vulnerability Monitor etc.

d. Sectoral Analysis

For transition risks, the BOC PCL has used an industry heatmap with GHG emissions intensity as the indicator of the sectors' sensitivity to transition risks (the higher the GHG intensity, the higher exposure to transition risks). As a next step, a distribution of the credit exposures to these emissions categories has been allocated and an overall score for transition related risks was determined.

e. Determination of materiality

Different types of scores have been considered during the MA depending on the type of risks analysed and methods considered. Determination of materiality was concluded at C&E Risks Level 3, i.e., at the level of chronic, acute etc. risks sub-types, utilizing the Group's existing Risk and Control Self-Assessment methodology and thus assessing Magnitude and Likelihood on a scale from one (1) to five (5), to ensure consistency.

The definitions of each Magnitude and Likelihood scores have been formulated, taking into account the nature of C&E risks and encompassing different characteristics of the physical and transition risks, as well as the acute and chronic drivers in a harmonised way. Thus, for the purposes of this MA, the definitions of Impact and Likelihood have been tailored to describe the occurrence of severe C&E events or circumstances, since these are typically responsible for the great majority of the potential risk. In addition, materiality risk score levels "High" and "Critical" have been considered as "material" for the purposes of the Materiality Assessment, whilst "Low' and "Medium" scores as "non-material".

16.1.3.3 Processes to identify, measure and monitor activities and exposures (continued)

f. Reperformance of Materiality

In November 2024, the Bank reperformed the MA using identical methodologies to establish whether new risks must be considered as material. More specifically, Credit, Liquidity, Market and Operational risk analysis was reperformed with revised data and for the rest of prudential risks that were critically assessed based on expert judgement, the assessment has been revisited to ensure its validity. The outcome of this analysis did not yield any changes in the material risks. The RIMA process will be performed at least on an annual basis, or ad-hoc, if necessary.

g. Business Environment Scan (BES)

The Group established and implemented the BES process to monitor C&E developments / updates as already described in Section 16.1.1.1. The process is mainly used as a risk identification tool, that identifies C&E risks emerging from relevant developments and their association with existing risk categories. New developments identified within the BES are carefully analysed for their relevance and potential impact on the Group's risk and strategic profile. This integrated approach enhances the Group's ability to manage and control C&E risks effectively, thus, associated risks arising from C&E risks will be closely monitored and analysed on regular basis and feed into the MA.

The results of the BES, for 2024, have been considered and informed the RIMA and Business Strategy, particularly developments which have been classified as having a "High" or "Critical".

h. Climate risk assessment at loan origination

During 2023, BOC PCL established an ESG Due Diligence process with the objective being to assess customers (existing and new) on their performance against various aspects around ESG and climate risks. The process involved the utilization of internal developed structured questionnaires applied at the individual company level and has been initially deployed to customers within the Corporate Division. The questionnaires focus more on the Environmental / Climate risk pillar and aim to assess various aspects of each customer touching upon matters around Governance, Training, Strategy & Business Planning, Energy metrics and other. The Social and Governance pillars are also assessed through several relevant dimensions such as Corporate and Social Responsibility, Human Rights, Board Composition etc.

The Due Diligence process is applied when granting new and/or reviewing existing credit facilities. Since March 2024, the internally developed questionnaires have been replaced by syndicated questionnaires deployed through a common platform across the Cypriot Banking System, a fact that ensures a harmonised approach in terms of the customers' ESG assessment in all Cyprus Banks. Going forward, the Bank will consider the expansion of the ESG assessment to more customers.

16.1.3.3 Processes to identify, measure and monitor activities and exposures (continued)

i. Syndicated Questionnaire Structure and Outcome

The questionnaires are differentiated by company size allowing for a proportionate assessment to be carried out. Furthermore, the questionnaires utilise a two-tiered assessment approach:

A core version that includes questions aligned with the Global Reporting Initiative (GRI), concentrating on business aspects and ESG principles.
An industry-specific section tailored to the company's sector. 36 Sectors are currently covered by the questionnaires capturing the Key Carbon Intensive sectors indicated by Fit for 55 ECB's Stress Test one-off exercise performed in November 2023.

The syndicated questionnaires are a critical component of the ESG Due Diligence process and enable BOC PCL to effectively assess customer's capacity to manage ESG aspects, ensuring a thorough evaluation of their sustainability practices. The process involves determining significant ESG factors for each sector and establishing key assessment dimensions and performance metrics to evaluate customers' ESG performance compared to industry and business activity. A non-exhaustive list of key assessment dimensions considered are depicted in the following figure.

	Environment	Social	Governance
Management Approach	Management Systems Climate Change Personnel Management Policies Environmental & Social Targets		Code of Conduct Corporate Governance Internal controls ISO Certifications Prescence of a Sustainability Expert
Evaluation of Management approach	External verification Environmental Certifications Number of work -related incidents	Data privacy and Security policies Reporting &
Performance Assessment	Energy consumption Clean technologies Renewable energy Materials Waste separation Waste production Water consumption Scope 1, 2, 3 GHG Emissions	Average Wages of employees Average Age of employees Working hours Training hours Donations/Charities Employee and Customer Initiatives Occupational Health & Safety Stakeholder relations	Accountability

Figure 1: Key assessment dimensions of the ESG Syndicated Questionnaires

The completion of the syndicated questionnaire allows both BOC PCL and the customer to receive the customer's final assessment that includes the ESG Score. The assessment is valid for a 12-month period and following the lapse of that period, a new assessment needs to take place. The ESG Score is provided in a scale of A to E, where A indicates an excellent level of sustainability where E indicates a low level of sustainability respectively.

Upon completion of the process, the customer receives an ESG certificate, a survey report that includes the ESG Score obtained as well as the breakdown of the scores across the macro-areas that make up the questionnaire, the customer responses to the questionnaire and an Action Plan.

16.1.3.3 Processes to identify, measure and monitor activities and exposures (continued)

The Action Plan contains recommendations on actions to be taken by the customer ranked according to their priority. At this point, these recommendations such as calculations of GHG emissions etc. are not binding but they are however viewed as the initial steps to guide customers to improve their customer ESG Score and increase their resilience against C&E risks.

BOC PCL is currently incorporating ESG Covenants to address risks identified during the ESG Due Diligence Process. Recognizing the current market conditions and the gradual shift of its customers towards sustainability in Cyprus, the Bank will align the imposition of these covenants with the implementation timeline of the CSRD. As customers become subject to CSRD, they will also be subject to the Bank's ESG Covenants.

j. Climate Risk Sensitivity and Stress Testing

(a) Sensitivity Analysis

Scenario analysis and climate risk stress testing are methods which assist in evaluating and managing the possible effects of C&E risks, to the Group's business strategy and financial planning decisions. By nature, this analysis is of an informative nature and focuses on the planning horizon of the business plan. The sensitivity analysis carried out on physical and transition risks are described below.

Transition risks

To assess the potential impact of transition risks on the Business Model, a sensitivity analysis was carried out on portions of the corporate and mortgage portfolios that were identified as being exposed to transition risks. The analysis related to the Financial Plan for the period between 2025 – 2028 and reflected the potential impact of a short-term disorderly scenario according to which a set of climate related policies are implemented at the beginning of 2024.

Estimation of impact was done on a top-down basis considering the outcome of regulatory climate stress tests, and specifically the outcome of the Bank of England Climate Biennial Exploratory Scenario. Considering the specific composition of BOC PCL's portfolio, such climate related policies would most likely affect customers in the sectors identified as vulnerable to transition risks as well as customers with mortgage loans granted prior to 2009, implying thus a less-energy efficient property. These sectors account for c.49% of the Bank's total loan portfolio as at September 2024. The outcome of the analysis thus provided a magnitude of losses BOC PCL might face if both BOC PCL and its customers do not respond effectively to climate risks. The analysis indicated that over the period of the next financial plan (2025 – 2028), an average decrease of the Bank's profitability of €19 million per year was estimated, totalling to €75 million for the period. This is an adverse sensitivity scenario and given the energy strategy of Cyprus, this is not considered a likely outcome.

Physical risks

This sensitivity analysis is designed to evaluate the financial implications of climate-related physical risks on the real estate assets we hold as collateral within the four-year timeframe of the financial plan. It focuses on three risks, namely wildfire, landslide and flood. The analysis utilised the concept of damage functions.

The analysis assumes that climate-related risks will gradually materialize through market pricing mechanisms, even before physical damage occurs. This assumption reflects growing market awareness of climate risks and their incorporation into property valuations. The transmission channels through which these risks affect property values could include:

Insurance premium adjustments reflecting increased risk exposure
Market participants' risk perception and preference shifts
Regulatory changes affecting building requirements and land use
Adaptation costs necessary to protect properties
Changes in local economic conditions due to climate vulnerabilities

16.1.3.3 Processes to identify, measure and monitor activities and exposures (continued)

While actual climate impacts may materialize over longer timeframes, it is possible that market pricing mechanisms will begin to incorporate these risks more rapidly as climate risk awareness increases.

Scenarios

The NGFS scenarios considered for this assessment were the Hot House World and the Orderly Transition. The former scenario is more appropriate for wildfires and floods as it implies that physical risks increase the further you move into the future. On the other hand, the Orderly Transition scenario is more appropriate for landslide as the particular risk requires the additional element of heavy rain to act as a trigger. Heavy rain is not assumed in the Hot House World scenario. The damage functions resulting from each scenario up to the year of 2034 were thus compared. No significant differences were observed between the two scenarios given the short time frame examined and therefore the Hot House World scenario was used to run the sensitivity analysis which aligns with the scenario used for physical risks in the RIMA process.

Results

The sensitivity analysis results indicate a collective charge of €3.5 million and €6.8 million, assuming that prices are reduced equally to the calculated damage functions for the years 2028 and 2034 respectively. Both charges are not deemed material.

Employing the damage functions over a longer term would yield additional provisions as per the logic embedded in the climate scenarios which provide for increasing impacts as you move further into the future. However, that would ignore both the dynamic nature of the balance sheet and the mitigating actions that the BOC PCL can put in place in the interim. Furthermore, the precise timing and magnitude of any climate impact on property prices remain uncertain.

(b) Transition Risk Framework

BOC PCL developed a Framework to quantify transition risk for the purposes of stress-testing within the context of ICAAP, under the normative perspective. The framework addresses all sectors of the BOC PCL's portfolio, but dedicated models were created for those sectors that are more susceptible to transition risks, based on their inherent activities and their exposures. Such sectors include Construction, Hotels, Real Estate and Mortgages whilst the remainder of BOC PCL's portfolio is catered through a generic model.

The approach builds on the risk quantification methodology that BOC PCL has put in place. The main elements of the approach are described below. The overall approach regrading Climate Stress Testing (CST) design is structured into three layers:

Scenario Layer: This layer encompasses scenario variables, which are divided into macroeconomic variables and climate risk parameters. It is essential that the macroeconomic variables remain internally consistent with the climate risk parameters.
Climate Risk Layer: The climate risk parameters are utilized to adjust the rating components through transition risk models.
Quantification Layer: The macroeconomic variables are used to estimate IFRS 9 PD and LGD based on a forward-looking approach.

The Bank has assessed the Climate Transition Risk for both Normative and Economic dimension in the 2024 year-end ICAAP.

16.1.3.3 Processes to identify, measure and monitor activities and exposures (continued)

Physical Risks on Collateral Portfolio

In terms of physical risks, efforts were focussed on estimating the impact on property value from the potential materialisation of climate-related physical risks. This is considered relevant to BOC PCL, given the concentration of clients in activities relating to immovable properties such as Construction, Accommodation & Food Service, Real Estate, Mortgages as well as the fact that a significant portion of BOC PCL's collaterals are real estate assets.

To that end, data were obtained from an external vendor, providing granular, location level information. Based on existing literature¹ , only five physical hazards are considered as having impact on immovable properties and these were analysed further. These include wildfire, landslide, wind gust, flood and sea level rise.

For the purposes of the analysis which was also used as part of its RIMA process, the NGFS scenarios were employed and used as a reference. In particular, the following scenarios were used and projected up to 2050:

i. Orderly transition: assume that climate policies are introduced early and gradually become more stringent. Physical and transition risks are relatively small.
ii. Disorderly transition: explore higher transition risk due to delayed or divergent policies across countries and sectors.
iii. Hot House World: assume that some climate policies are being implemented in some jurisdictions, but that global efforts are insufficient to halt significant global warming. These scenarios pose serious physical risks.

The analysis of the data allowed BOC PCL to gain an understanding of the assets vulnerable to the various physical risks, their level of riskiness as well as potential concentrations across the island. Furthermore, following the identification of physical risks, the monetary impact (damage function) for each combination of property, hazard, scenario, and year was estimated. This monetary impact considered not only the geolocalisation features, but also the asset-specific characteristics, i.e., commercial, industrial, residential, other use.

Focusing on the most conservative climate scenario (Hot House World) the data indicated that only three hazards, namely wildfire, landslide and flood could potentially impact collaterals' value. The impact of wildfires on the collateral portfolio was quantified in the 2024 year-end ICAAP as well as in the subsequent quarterly updates both from an economic and a normative perspective.

For the purposes of the quantification and taking a worst-case scenario perspective, BOC PCL considered the effectiveness of insurance contracts as mitigants of wildfire and flood as well as the below factors:

Macro-economic conditions: Economic downturns could increase insurance lapses.
Severe economic depression: This could challenge insurers' financial stability and ability to pay claims.
Climate change: Increasingly severe wildfires may lead insurers to limit coverage.
Limited coverage: Standard policies might not cover all wildfire damages.

Economic Perspective

Conclusively, based on the revised reduced market value of collaterals, the economic capital requirement add-on for the impact on Physical Risk for the four-year period of the financial plan (2025 – 2028) was calculated to c. €3 million. The presence of insurance contracts as mitigant was considered in the calculation.

¹ Real-Estate-Sector-Risks-Briefing.pdf (unepfi.org)

16.1.3.3 Processes to identify, measure and monitor activities and exposures (continued)

Normative Perspective

For the normative perspective, three different potential scenarios were considered for each of the ICAAP horizon based on once-off event impact, for wildfires in 2025, floods in 2026 and landslides in 2027.

To estimate the impact of wildfire, the rural areas in the Limassol district were selected based on the latest destructive fires that have occurred in that area. To establish the potential scenario for floods, the areas identified as risky by the Ministry of Agriculture within the districts of Nicosia, Larnaca, and Limassol were considered. Given the lack of available historical data on the occurrence of landslides, BOC PCL has considered all collaterals rated as "Very High" on the mountainous areas of Cyprus and additional collaterals that met the same criteria from the Limassol district.

To calculate the impact of climate-related physical risks, the market value of the selected collaterals was reduced by a certain percentage (damage function provided by an external vendor) to simulate the respective physical risk destruction caused under the Hot House World scenario.

Based on the revised reduced market value of the selected collaterals and the presence of insurance contracts as mitigant for both wildfire and flood, the impact was calculated at c.€0.4 million.

Physical Risks on Non-Financial Corporations (NFCs)

BOC PCL has estimated the impact of physical risks on NFCs credit risk profiles. This project involved geolocating companies and their units to map and measure physical risks such as floods, heatwaves, and other hazards. The mapping process assigns risk levels to different locations based on the likelihood and severity of these hazards, and the potential financial impacts on companies are assessed by focusing on key financial metrics like revenue and operating costs.

The final output of this process shows the potential financial losses for each company due to various hazards, helping to understand the vulnerability of NFCs to these risks. This information will be considered by BOC PCL and will enable to adjust risk drivers in the rating model and calculate climate-adjusted ratings under different climate scenarios and time horizons.

k. ILAAP Updates

BOC PCL considered the C&E risks in relation to liquidity risks financial through its liquidity Stress scenarios. The impact of C&E risks considered relate to transition risk and the climate physical risk of Wildfires.

It is assessed that the main risk arises from the possibility of increased deposit withdrawals by customers. Climate-related, acute, physical risk of Wildfires also impacts the valuation of the Cyprus Government bonds held in the liquidity buffer of the Bank.

With regards to deposit outflows, stress testing analysis was used to assesses the impact effects on BOC PCL's liquidity, by focusing on the sectors expected to be impacted by transition risks. Higher outflows are assumed for the deposits of economic sectors which are expected to be more vulnerable to C&E risks and more specifically to transition risk.

In relation to the physical risk of Wildfires, upon realization of a severe hazard event, the liquidity position of the Bank might undergo stress since depositors might simultaneously withdraw deposits to address increased costs. Higher deposit withdrawals are assumed for deposits which have been assessed with high risk of wildfire. However, it is highlighted that outflows due to C&E risks are significantly less than those caused due a loss of depositor confidence under the liquidity stress scenarios.

16.1.3.3 Processes to identify, measure and monitor activities and exposures (continued)

Losses in the market value of Cyprus Government bonds, which constitute 20% of the marketable securities and 6% of the total internal liquidity buffer, are anticipated due to extreme wildfires. As per stress scenarios assumptions, investors' confidence in the country's ability to meet its obligations deteriorates, negatively impacting the price of Cyprus government securities. This is attributed to unexpected increased government spending on relief efforts, support for the health system, and aid for severely impacted local sectors.

The BOC PCL maintains sufficient buffers to cover the potential negative impact of C&E risks under stress conditions.

l. Risk Control, Monitoring and Reporting

BOC PCL has taken actions in relation to collecting C&E risk data for internal C&E risk monitoring and reporting purposes, across risk types as per the established ESG data working group.

16.1.3.4 Mitigation measures

Changing regulatory and legal requirements, increased stakeholder concern, shifts in consumer preferences, and the mandates on and regulation of existing products and services are just a few ways that BOC PCL can be exposed to climate risk. The RIMA process is fundamentally based on an inherent risk basis and the RIMA outcome as described in Section 16.1.3.6 are used to inform key stakeholders. These results guide decisionmaking and key processes at BOC PCL, promoting awareness of C&E risks. Management prioritizes measures to efficiently handle significant C&E risks, aiming to minimize their impact on BOC PCL's business model and operations.

Measures involve all management levels and are implemented across the three Lines of Defence. They address both downside risks (to minimize the impact of significant risk sources) and opportunities (to promote sustainability objectives and maximize positive impacts that offset adverse C&E risks). Specifically, the outcomes and conclusions of the C&E RIMA provide insights on:

The existing risk types significantly affected by C&E risk drivers.
The main regions/geographies most relevant to the BOC PCL's overall C&E risk profile.
How C&E risk factors may impact key portfolios/business lines critical to the business model.
The main economic activities (sectors) likely more vulnerable to C&E risk factors, both currently and in the future.
The time horizons for potential risk impacts and the estimated impact size, considering BOC PCL's size and operations.
The assumptions and conditions under which various C&E risk implications may be enhanced or mitigated.

In addition, BOC PCL has implemented several mitigation measures as follows:

Establishment of both physical and transition risks KPIs to comprehensively cover all material portfolios of BOC PCL; namely, Mortgages/Retail/Corporate and SME Division.
Monitoring of the business, regulatory, and financial environment in relation to developments linked to C&E risk transmission channels is essential for promptly identifying necessary strategy changes and/or improvements.
Internal control, monitoring and reporting from the Risk Management perspective, employing financial and non-financial KRIs and risk analytics, addressing holistically the C&E risks across primary risk types.
Establishment of the E&S policy to manage environmental impacts of new lending.
ESG Questionnaires aiming to identify C&E risks of counterparties and set mitigation action for risk reduction.
Continuous enhancement of Credit granting processes in relation to C&E set of assessment criteria.
Introduction of pricing arrangements, supporting the C&E objectives' achievement.
Integration of transition risks in scenario analysis with regards to the repayment ability based on climate scenarios.

Pillar 3 Disclosures 2024

16.1.3.4 Mitigation Measures (continued)

Inclusion of C&E elements in the collateral policies and relevant valuation processes; specific provisions relating to energy efficiency and insurance policies, grounded on the indications of the C&E RIMA on the secured portfolios (both in terms of transition and physical risk components).
Presence of lending restrictions to carbon intensive sectors through both BOC PCL's Concentration and E&S policy.
Setting of decarbonization targets in Mortgage asset class and other carbon concentrated sectors, where these targets will be incorporated into the Group's strategy and Financial Plan to reach Net-Zero by 2050.
Regular monitoring of the new legal actions faced by BOC PCL to establish if any C&E related actions have materialised performed by the Legal Department.
A Corporate Bond Investment Framework is in place and describes the approach followed for the risk assessment and exclusion of corporate bond investments in case of non-permissible industries.
Development of a classification methodology to identify and monitor which positions of Corporate and Sovereign bonds are the most exposed to C&E risks based on transition risk.
Ongoing monitoring of C&E risks arising from regulatory developments, macroeconomic trends, technological advances and geopolitical updates across short-, medium- and long-term time horizons though the BES process.
Introduction of a Green Lending Policy that provides a framework for creating green loans and supporting environmentally sustainable projects.
Identification of the main material physical risks events affecting each branch, own building as well as each building that it operated but is not owned by BOC PCL and has assigned the physical risks of the branches/owned buildings/ supplier's buildings, to the existing risk classification system.
Business continuity plan in place captures the risks through the relevant business continuity procedures/manuals and branches relocation matrices that provide the required course of action in the case these events materialise.
Establishment of the Reputational Risk Policy provides guidelines on the identification, quantification and management of reputational risks that might arise from the business activities of the Group, including all ESG related risks that may have a material impact on its reputation.

16.1.3.5 Tools for identification, measurement and management of environmental risks

As already mentioned, MA, BES and UNEP FI's Impact Analysis Tool are used by BOC PCL to identify and manage any potential environmental risks associated with the operations and the portfolio of BOC PCL. Refer to Section 16.1.1.1 for more details on BES. Refer to Section 16.1.3.3 for more details on UNEP FI's impact analysis tools. The Bank is currently developing a stress test framework to incorporate identified climate risks as described in the above Climate Risk Sensitivity and Stress testing section.

16.1.3.6 Results and outcome of the risk tools implemented

BOC PCL considered the impact of climate-related, acute physical risks from its collateral portfolio in its 2024 ICAAP process as well as climate-related transition risks. In terms of the top-down sensitivity analysis carried out in relation to transition and physical risks. These analyses are detailed in section 16.1.3.3 above.

Materiality Assessment Results per Risk

The Group has taken several steps to ensure a concrete process by which C&E risks are fully considered and subsequently assessed in order to carry out a robust materiality assessment. When assessing the materiality of C&E risks, a proportionate approach was adopted, focusing only on the most negatively impactful risks. At the same time, it is noted that impacts were assessed on a gross/aggregated basis, by not considering any particular approaches to reduce potential risks.

Pillar 3 Disclosures 2024

16.1.3.6 Results and outcome of the risk tools implemented (continued)

BOC PCL has established respective definitions of C&E risks and the results of the materiality assessment exercise regarding the impacts derived from relevant risks have been included to BOC PCL's Risk Register and Risk Inventory.

Moreover, the identified material risks are in the process of being incorporated into all relevant processes of the Risk Management Division including the ICAAP and ILAAP scenario analysis, thus BOC PCL will recognise various mitigation measures to ensure that such risks are controlled to the extent possible.

Credit Risk

As part of the credit risk analysis, an assessment of secured (collateralized) and unsecured credit exposures has been performed utilizing quantitative and qualitative methods. The analysis indicated that climaterelated physical risks, acute hazards are material due to BOC PCL's significant exposure to high Wildfire risk. With respect to climate-related transition risks, the assessment highlighted the need for attention to risk categories, particularly concerning increased energy and raw material costs, as well as transition to loweremission technologies. Notwithstanding that most of the environmental risk categories have been assessed as not material, it should be noted that risks related to earthquakes and water scarcity have emerged as material over the long term. The overall score for environmental physical risks has been assessed as nonmaterial for the short term.

Market Risk

For each of the identified C&E risks, a tailored combination of quantitative and qualitative methods was applied. Based on this analysis, climate physical risks, acute hazards were identified as material due to the very high exposure of the REMU portfolio to Wildfire risk. Wildfire has a relatively high impact and occurrence probability and thus can cause significant direct damage or broad devaluation of REMU properties. Other acute and chronic physical risks pose a non-material level of concern for the REMU portfolio.

The Market Risk in connection with the CVaR of the HQLA portfolio has been assessed through a country heatmap of physical risk and was also identified as a non-material. Other than acute physical climate risks, the remaining C&E risk categories are found to be non-material as well.

Nevertheless, attention should be paid to the elevated Earthquake risk in Cyprus, which might also induce severe depreciation of the REMU portfolio upon realisation of a severe event. Due to the very low likelihood of severe earthquakes, the resulting materiality was however also assessed as non-material. Furthermore, all C&E risks within climate-related transition risks were also assessed non-material mainly because of the potential depreciation of aged REMU real estate assets which lag in terms of energy efficiency and other lowemission standards and certifications. Environmental transition risks are assessed as non-material, but they need to be closely monitored due to potential stricter requirements in terms of environmental standards in the real estate sector.

Liquidity Risk

As part of the liquidity analysis, for each of the identified C&E risks, the combined materiality of the deposits and the value of HQLA portfolio was assessed with a tailored combination of quantitative and qualitative methods. The outcome of the assessment indicated that there are no material C&E risks identified with respect to Liquidity Risk. However, within climate-related physical risks, the acute risk driver Wildfire has been identified as the dominant cause of liquidity issues due to possible simultaneous deposit withdrawals upon a widespread wildfire damage in Cyprus. Similar considerations are held for the environmental acute risk Earthquake, whose likelihood is however extremely improbable for high magnitude events. Chronic physical risks are not relevant for liquidity considerations due to their progressive and long-term character. In terms of transition risks, increased deposit withdrawals might be triggered in the event of very high and volatile costs of energy and raw materials, an aspect which is particularly sensitive for Cyprus because of its high import dependency.

16.1.3.6 Results and outcome of the risk tools implemented (continued)

Operational Risk

For each of the identified C&E risks, the materiality in connection with the operations of its owned and rented properties and third-party providers was assessed. Based on quantitative geolocation analysis and country physical and climate heatmap exercising, both physical and transitional risks have been assessed accordingly. Although the overall results indicate that C&E risks are non-material for BOC PCL, the need for close monitoring is required to ensure ongoing operational resilience.

Reputational Risk

Reputational Risk may be affected by C&E risks directly or through the realisation of other principal risks, and Strategic, Operational and Legal Risks. BOC PCL's reputation has been assessed in terms of its business operations and other key risk areas that could potentially impact BOC PCL's reputation. Overall, all C&E risks regarding physical and transition risks for Reputational risk have been assessed as non-material. This is the case as BOC PCL has a good prevention and recovery plan in place to minimize risks from acute environmental hazards such as earthquakes. Additionally, BOC PCL's limited exposure in heavy manufacturing sectors reduces its exposure to transition risks. This strategic position aligns BOC PCL with evolving environmental standards and stakeholder expectations, thereby safeguarding its reputation.

Legal and Strategic Risk

The analysis of C&E risks as drivers of Legal and Strategic risk has been performed using qualitative analysis and expert judgment across all C&E risk types. The analysis regarding Legal Risk has been conducted based on various factors including, the regulatory requirements in Cyprus, shifts in consumer behaviour and any technological advancements. The assessment also included considerations of compliance, customer due diligence, and litigation risk. In terms of Strategic Risk, BOC PCL considers its exposure concentration, vulnerabilities and stakeholder engagement to proactively manage and mitigate potential risks to its strategic objectives.

The overarching conclusion indicates that the Legal Risk for BOC PCL is generally low across different C&E risk categories, however, climate-related transition risks are the higher risk from a reputational and legal perspective. It should be noted that BOC PCL has implemented measures such as continuous monitoring, preventive plans, and compliance checks to address potential legal implications arising from C&E factors. Ongoing efforts are directed at minimizing risks and ensuring compliance with evolving standards and regulations. Therefore, BOC PCL does not foresee worsening of the impact of C&E risk drivers over the time and it is expected that this impact will remain Low.

With regards to the Strategic risk, BOC PCL acknowledges that its concentration in Cyprus, with significant exposure to Real Estate, Construction, and Accommodation sectors, makes it vulnerable to the impact of climate-related physical risks, acute risks and primarily wildfire. In addition, most of the collaterals are real estate assets. As such, the impact of physical risks could affect BOC PCL and its customers going forward in terms of the value of these assets, insurance costs, and any associated cost to restore resulting damages from acute physical climate-related hazards. The primary concerns are the potential effects on the value of real estate assets and associated costs for restoring damages. It is expected that the impact of climaterelated physical risk drivers will remain material in the future as well.

In conclusion, BOC PCL is proactively addressing C&E risk drivers, recognizing their potential impact on strategic risk. BOC PCL is implementing measures, engaging with stakeholders, and adapting its strategies to navigate the evolving landscape of climate and environmental challenges. Ongoing monitoring, customer engagement, and strategic adjustments are integral to BOC PCL's approach in managing these risks effectively.

Risk Quantification Results

Results on risk quantification for both physical and transition risks are stated in Section 16.1.3.3 (point i).

Pillar 3 Disclosures 2024

16.1.3.6 Results and outcome of the risk tools implemented (continued)

The table 2 below shows the aggregated results of the MA, across the assessed time horizons, with regards to the C&E risks, along with the approach that was used to assess each type of principal risk.

C&E Risks		Risk			Materiality Result
				Time Horizons
			Approach	Short-term	Medium term	Long-term
				(1 year)	(2-6 years)	(>6 years)
		Credit Risk	Quantitative Assessment (Geographical/ Industry Heatmapping)/ Qualitative Analysis (Expert Judgment)	Material	Material	Material
		Market Risk	Quantitative Assessment (Geographical/ Industry Heatmapping)/ Qualitative Analysis (Expert Judgment)	Material	Material	Material
		Liquidity Risk	Quantitative Assessment (Geographical/ Industry Heatmapping)/ Qualitative Analysis (Expert Judgment)	Non material	Non material	Non-material
	Physical Risk	Operational Risk	Quantitative Assessment (Geographical/ Industry Heatmapping)/ Qualitative Analysis (Expert Judgment)	Non material	Non material	Non-material
		Reputational Risk	Qualitative Analysis (Expert Judgment)	Non material	Non material	Non-material
		Legal Risk	Qualitative Analysis (Expert Judgment)	Non material	Non material	Non-material
Climate		Strategic Risk	Qualitative Analysis (Expert Judgment)	Material	Material	Material
related Risk	Transitional Risk	Credit Risk	Quantitative Assessment (Geographical/ Industry Heatmapping)/ Qualitative Analysis (Expert Judgment)	Non material	Non material	Non-material
		Market Risk	Quantitative Assessment (Geographical/ Industry Heatmapping)/ Qualitative Analysis (Expert Judgment)	Non material	Non material	Non-material
		Liquidity Risk	Quantitative Assessment (Geographical/ Industry Heatmapping)/ Qualitative Analysis (Expert Judgment)	Non material	Non material	Non-material
		Operational Risk	Quantitative Assessment (Geographical/ Industry Heatmapping)/ Qualitative Analysis (Expert Judgment)	Non material	Non material	Non-material
		Reputational Risk	Qualitative Analysis (Expert Judgment)	Non material	Non material	Non-material
		Legal Risk	Qualitative Analysis (Expert Judgment)	Non material	Non material	Non-material
		Strategic Risk	Qualitative Analysis (Expert Judgment)	Non material	Non material	Non-material

Table 2: Overview of the aggregated results of the C&E risk MA

16.1.3.6 Results and outcome of the risk tools implemented (continued)

C&E Risks				Materiality Result
		Risk	Approach	Time Horizons
				Short-term	Medium-term	Long-term
				(1year)	(2-6 years)	(>6 years)
	Physical Risk	Credit	Quantitative Assessment (Geographical/ Industry Heatmapping)/ Qualitative Analysis (Expert Judgment)	Non-material	Non-material	Material
		Market	Quantitative Assessment (Geographical/ Industry Heatmapping)/ Qualitative Analysis (Expert Judgment)	Non-material	Non-material	Non-material
		Liquidity	Quantitative Assessment (Geographical/ Industry Heatmapping)/ Qualitative Analysis (Expert Judgment)	Non-material	Non-material	Non-material
		Operational	Quantitative Assessment (Geographical/ Industry Heatmapping)/ Qualitative Analysis (Expert Judgment)	Non-material	Non-material	Non-material
		Reputational	Qualitative Analysis (Expert Judgment)	Non-material	Non-material	Non-material
Environmen		Legal	Qualitative Analysis (Expert Judgment)	Non-material	Non-material	Non-material
tal-related		Strategic	Qualitative Analysis (Expert Judgment)	Non-material	Non-material	Non-material
Risk	Transitio n Risk	Credit	Quantitative Assessment (Geographical/ Industry Heatmapping)/ Qualitative Analysis (Expert Judgment)	Non-material	Non-material	Non-material
		Market	Quantitative Assessment (Geographical/ Industry Heatmapping)/ Qualitative Analysis (Expert Judgment)	Non-material	Non-material	Non-material
		Liquidity	Quantitative Assessment (Geographical/ Industry Heatmapping)/ Qualitative Analysis (Expert Judgment)	Non-material	Non-material	Non-material
			Operational	Quantitative Assessment (Geographical/ Industry Heatmapping)/ Qualitative Analysis (Expert Judgment)	Non-material	Non-material	Non-material
		Reputational	Qualitative Analysis (Expert Judgment)	Non-material	Non-material	Non-material
		Legal	Qualitative Analysis (Expert Judgment)	Non-material	Non-material	Non-material
		Strategic	Qualitative Analysis (Expert Judgment)	Non-material	Non-material	Non-material

Table 2: Overview of the aggregated results of the C&E risk MA (continued)

Pillar 3 Disclosures 2024

16.1.3.7 Data availability, quality and accuracy, and efforts to improve aspects

The Group determined to approach holistically the ESG and Climate Data, by developing an ESG and Climate Data Gap & Strategy. Specifically, the Group:

i. Established an ESG Data Working Group.
ii. Set up weekly catch-up calls for the ESG Data Working Group.
iii. Identified Data Gaps under various workstreams (Disclosures, Risk Management, Group's Commitments, Business Strategy).
iv. Determined the strategy to close the Gaps.
v. Set indicative deadlines to close the gaps.
vi. Discussed with several third-party software providers on ESG and Climate Risk Management platform and Disclosure platform.
vii. Determined the follow up actions on the ESG and Climate Data Gap & Strategy.

The Group acknowledges that the ESG and Climate spectrum is extremely fast pacing, therefore the ESG and Climate Data Gap & Strategy is an ongoing process and further actions are expected to be performed in the future to further enhance the existing ESG and Climate Data Gap & Strategy. The ESG Data Gaps have been identified by focusing to the main ESG risks' workstreams run by the Group as well as strategic priorities:

i. Corporate Sustainability Reporting Directive (Annual report) Disclosures
ii. Pillar 3 Disclosures on ESG risks (Semi-annually) Disclosures
iii. Sustainability Performance Report (Monitoring Key Performance Indicators) Business Objectives
iv. Climate Risk Report (Internal risk reporting) Risk Management Needs
v. ESG Questionnaires for Due Diligence purposes Risk Management Needs
vi. Physical Risks & Transition Risks assessment, quantification and management Risk Management Needs
vii. Sustainable Finance Framework Business Objectives
viii. Net Zero by 2050 Group's Commitments
ix. Financed Scope 3 GHG emissions estimation of loan and investment portfolio Disclosures/ Risk Management Needs/Business Objectives

ESG Data Sources to close the ESG Data Gaps:

i. ESG questionnaires (Utilised for customer's Due Diligence)
ii. Customer's disclosures
iii. Third party provider (Acquisition of certain databases)
iv. Public open sources (Online databases)
v. Cyprus Government databases

16.1.3.7 Data availability, quality and accuracy, and efforts to improve aspects (continued)

Financed Scope 3 GHG Emission on Mortgages & Commercial Real Estate
			Data Strategy -	Data Strategy -
Field Name	Level of Data	Source Document	New lending	Existing Lending
Property value at origination		Sales Agreement		Use Collaterals
GHG Emissions per m2		EPC		Access to EPC database of the Government
EPC rate		EPC		Access to EPC database of the Government
Floor Area (square meters)	Financed Property	Building permit	Loan origination	Use Collaterals
Under construction / Built		Building permit	process	Use Collaterals
Year of Construction		Sales Agreement		Use Collaterals
Property type		Building permit/Sales Agreement		Use Collaterals
# of Properties per account number	Account	Sales Agreement		Use Collaterals
		Financed Scope 3 GHG Emission on Business Loans
Total Debt		Financial Statements	Annual revision	Annual revision
Total Equity		Financial Statements	Annual revision	Annual revision
Total Assets		Financial Statements	Annual revision	Annual revision
Scope 1 GHG Emissions	Account level	ESG Questionnaires	Loan Origination	Annual Questionnaire run
Scope 2 GHG Emissions		ESG Questionnaires	Loan Origination	Annual Questionnaire run
Scope 3 GHG Emissions		ESG Questionnaires	Loan Origination	Annual Questionnaire run
		Collaterals
Field Name	Level of Data	Source Document	Data Strategy - New lending	Data Strategy - Existing Lending
Physical Risk - Acute Physical Risk - Chronic Physical Hazard - Wildfire Physical Hazard - Landslide Physical Hazard - Sea Level Rise Physical Hazard - Flood Physical Hazard - Wind Gust Physical Hazard Score Climate Scenarios Climate Scenarios Time Horizon	Collateral	Acquired from Vendor	Loan origination through an interactive tool	Existing property collaterals were mapped to physical risks manually. The data should be updated to collateral tables when the fields are ready
Property Use		Sales agreement/Valuation Report	Loan origination	Annual valuation of collaterals

Refer to the following table for a summary of the ESG and Climate Data Gap & Strategy.

16.1.3.8 Description of limits to environmental risks

The Group has introduced lending restrictions on carbon intensive sectors. A limited amount of new lending for carbon intensive NACE sectors subject to a total (cumulative) exposure of €100 million as per the provisions of the policy, unless for green or transition purposes, will be allowed subject to approval by the RC or BOC the Group's highest credit committee.

The restricted sectors relate to certain activities within:

i. Coal Mining
ii. Oil
iii. Gas
iv. Cement
v. Iron & Steel & Aluminium
vi. Power Generation (excluding renewables)

As also indicated the Group earmarked exposures identified as vulnerable to transition risk as appropriate to receive transition finance. Furthermore, the Group does have in place certain restrictions in lending as provided by the Environmental and Social Policy which is described below.

Environmental and Social Policy

The Group's E&S Policy aims to address E&S responsibilities by establishing an E&S management framework, fostering a culture of E&S responsibility, managing E&S risks in lending activities, training staff for policy implementation, and supporting customers address E&S matters. The policy guides departments involved in credit granting process and applies to granting new facilities to physical persons or legal entities secured by mortgage on immovable property and granting of new funded facilities to legal entities (excluding credit cards). The Policy does not apply to activities outside of Cyprus nor to restructuring cases unless new facilities are also requested with the restructuring.

Lending applications associated with activities included in the policy's Exclusion Sectors / Prohibited Activities (i.e. Thermal coal mining, upstream oil exploration etc.) are rejected and reported to RMD. For activities that are classified as low risk by EBRD's E&S Risk Categorization assessment a written customer confirmation for proper business conduct, relevant licenses and work permits must be obtained. For activities that are classified as Medium / High risk by EBRD's E&S Risk Categorization assessment a written customer confirmation for proper business conduct, relevant licenses and work permits must be obtained and an E&S study by external expert should be performed. In addition, other E&S checks should be performed, such as investigations into penalties, public complaints, adverse media reports, accidents / incidents, regulatory investigations and legal actions as well as site visits. The findings of the above actions must be stated in the credit application together with any corrective measures for the mitigation of the E&S risk.

The approving authority decides whether the E&S risk is acceptable and set specific terms and covenants to control any E&S risks as well as decides the frequency of future E&S studies (at least every 3 years for High-Risk E&S ratings).

E&S risks associated with a facility are monitored throughout its lifetime:

As part of the normal monitoring of the facility (i.e. customer's credit review)
When certain events qualify for re-evaluation of the E&S risks, such as change in business activity, expiry of operating permits, regulatory investigations, company investments / improvements, public complaints or adverse media reports, changes to environmental legislation, accidents / incidents and legal actions.

The Board bears the ultimate responsibility for the effective implementation of the Policy and for setting the right tone from the top. Credit Risk Control & Monitoring (CRC&M) reviews the Policy for proper governance and is responsible to examine adherence to policy and report divergence to guidelines, as part of on-going monitoring, through the review of credit applications on a sample basis, at regular intervals, as described in the Credit Monitoring Policy and CRC&M operations manual. Monitoring compliance with this Policy, on a regular basis, is a key factor in minimizing E&S risks.

Pillar 3 Disclosures 2024

16.1.3.8 Description of limits to environmental risks (continued)

This is achieved through quality checks from CRC&M, which indicate the level of adherence to the Policy in order to take corrective action. Findings are communicated to Chief Risk Officer (CRO), and recommendations are made for enhancing compliance. RMD performs periodic (at least on an annual basis) monitoring on the E&S management procedures, to inform management and other stakeholders if policies and procedures have been implemented and are functioning as expected or if improvements or revisions are required. An annual report is submitted by CRM to the EBRD, covering the previous financial year and confirming that BOCH is in full compliance with EBRD's E&S requirements. The Board approves the Policy, RC reviews and recommends the Policy prior to the submission to the Board for approval, making sure, that sufficient, dependable, and secure internal procedures are in place to ensure that the Group complies with the Policy and monitoring the effective implementation of the Policy via the Control Functions. The policy is available for all employees through internal portal.

Details on the E&S Policy are provided directly to customers through Business lines as part of the loan origination process.

The above-mentioned actions are not associated with any capital or operating expenditure as are allocated on existing resources of the Group including Consumer Banking Division, Corporate & SME Division, International Banking Division, Credit Risk Control & Monitoring, Corporate & SME Credit Risk and Credit Sanctioning.

Concentration Risk Policy

The Concentration Risk Policy captures any single exposure or group of exposures with the potential to produce losses large enough, to threaten the financial institution's health, reputation, or ability to maintain its core operations. This Policy is aligned with the RAF and applies at Group level by defining limits and the methodology for limit setting for exposures in specific assets, liabilities and off-balance sheet items to ensure that the concentration risk is within the Group's Risk Appetite.

Consequently, the Group has introduced lending and corporate bond restrictions on carbon intensive sectors as mentioned above.

Risk Appetite Framework (RAF)

The Group maintains a RAF which sets out the level of risk that the Group is willing to take in pursuit of its strategic objectives, outlying the key principles and rules that govern the risk appetite setting. It includes qualitative statements as well as quantitative measures expressed relative to Financial and Non-Financial risks. Within this context, the Group has incorporated in the RAF the below KRIs as already mentioned in Section 16.1.1.2:

i. PEAR Physical risks on immovable properties and;
ii. PEAR Transition risks of NFCs

16.2 Social Risk

16.2.1 Business strategy and processes

16.2.1.1 Business strategy to integrate social factors and risks

1. Health & Safety

The Group, following the Double Materiality Assessment conducted in accordance with European Sustainability Reporting Standards, is exposed to Health & Safety risks associated with its own workforce and customers and end users. To mitigate the above-mentioned risks, the Group is implementing the following policies and actions:

Health & Safety (H&S) Policy

The Group's H&S policy supports a safe and healthy environment for its employees, customers, visitors, suppliers, external associates and other third parties. The policy emphasises risk prevention, legal compliance, and continuous improvement. It includes regular risk assessments, workplace inspections, corrective actions, and oversight by Safety Committees.

The policy was updated in 2023 and is readily available through Internal Employee Portal. The policy was reviewed in 2024 and no changes were deemed necessary. The Organisational Procedure on H&S and the H&S internal manual, outlines the responsibilities of line management, employees, and departments. These resources foster collaboration and accountability in maintaining safety standards.

Executive Management has the ultimate responsibility to ensure compliance with the H&S regulatory framework, its relevant provisions and adherence to H&S policy.

Health and Safety Management System (HSMS)

At the cornerstone of the Group's approach is its HSMS, which complies with the Safety and Health at Work Laws of 1996 to 2020 in Cyprus. This system defines clear roles and responsibilities for management, employees, and technical teams to identify and address hazards across all operations. It incorporates tailored measures for each facility, including emergency response plans, risk assessments, training protocols, and detailed record-keeping.

In 2023, the HSMS underwent an external audit by a H&S Consultant (approved by the Department of Labour Inspection – member in EXYPP registry). The findings identified, were assessed and an action plan was prepared to address them. External audit confirmed the system's compliance and effectiveness. Senior Management ensure consistent application of HSMS protocols, promoting accountability and standardisation across all offices. The system applies to all employees and extends to outsourced workers and associates whose work is under the Group's control.

Employees under HSMS	Unit	2023	2024
Percentage of people in its own workforce who are covered by the undertaking's health and safety management system based on legal	#	2,673	2,726
requirements and/or recognised standards or guidelines	%	94.45%	94.65%

Notes:

i. The percentage of own workforce who are covered by the Group's HSMS is calculated on a head count basis at the end of the reporting date.
ii. Employees of JCC Payment Systems Ltd, Unoplan and representatives' offices abroad are not covered by the Group's HSMS.
iii. The above-mentioned metric has not been validated by an external body.

16.2.1.1. Business strategy to integrate social factors and risks (continued)

H&S Committees

The Group promotes H&S at work and takes measures to prevent any occupation hazards and inform and share knowledge to its workforce on H&S issues. The Group has approximately 51 H&S Committees that meet every six months and, on an ad-hoc basis when requested by a member or in response to an incident. The Group's employees are represented in committees by staff from all the units of the buildings. As per the regulatory framework, a committee must exist at all premises with more than 10 employees and its composition depends on the number of employees stationed at the premises. The presidents of H&S Committees are the manager of the branch or the Technical Project Coordinator of the building. Buildings with less employees have a responsible person for the H&S issues which is the manager. The Committees are responsible to identify workplace hazards, prevent / assess risks of accidents and resolve issues at the premises in cooperation with other departments (e.g. Technical Services).

Incident Investigation

Employees play an active role in the HSMS by identifying hazards in their work environment. They are trained to report these hazards via the Group's dedicated application, or directly to the Safety Committee of their respective building or H&S Officer. This ensures timely response and resolution of any identified issues.

The investigation of H&S incidents and work-related accidents are managed by the H&S Officer in collaboration with the Manager of the respective branch or unit. The procedure includes:

A detailed analysis of the cause;
A description of the incident provided by the affected employee and witnesses;
A site inspection; and
The implementation of corrective actions to minimise future risks.

Any investigation of an incident/accident is documented in the relevant form, by the H&S officer and delivered to the Manager of the Branch or Unit, Head of Claims of General Insurance and Human resources. The H&S officer, within 15 working days from the accident, reports through dedicated forms the Department of Labour Inspection of Cyprus Government.

Following the incident investigation, a form detailing corrective measures and actions is delivered by the H&S officer to the Manager of Branch or Unit associated with the incident. The measures and actions are implemented by Technical Services Department of the Group. The Implementation of corrective measures is monitored by the Manager of the Branch or Unit associated with the incident and the Chairman of H&S Committee. Written confirmation of the completion of these actions is provided to all involved parties.

Emergency Response and Preparedness

The Group premises have emergency evacuation plans. Annual evacuation drills are conducted across branches and buildings, under the supervision of the Corporate Security Manager for all employees. These drills involve fire prevention and evacuation training for assigned employees, with outcomes reviewed to implement any necessary improvements.

The H&S Officer, as mandated by law, oversees the coordination and effectiveness of these procedures within the broader HSMS. This ensures that emergency response measures are both comprehensive and compliant with legal and operational standards, supporting the Group's commitment to a safe and secure working environment.

16.2.1.1. Business strategy to integrate social factors and risks (continued)

H&S Inspections

Inspections are conducted across the Group's branches and buildings to identify and mitigate H&S risks to maintain a healthy environment for own workforce and any other party.

Inspections are conducted by:

An H&S officer on an annual basis (random inspection and ad-hoc following incidents or complaints);
An H&S representative of the property every three months;
The Chairman of H&S Committee on a six-month basis.

Inspections are conducted to:

Identify issues and weaknesses that should be remediated;
Assess issues and weaknesses identified;
Document an action plan to remediate the issues and weaknesses identified.

The Technical Services department or any other relevant department should be informed about the action plan and the relevant timelines for implementation. The measures to remediate the issues and weaknesses identified are monitored by the H&S Officers and Chairman of the H&S Committee. When the measures are implemented the H&S Officer and Chairman of the H&S Committee are properly informed and subsequently re-assess whether the remedial actions implemented have resolved the issues and weaknesses identified.

H&S risk assessment studies

Additionally, the Group conducts H&S risk assessments in partnership with external H&S consultants (EXYPP). These assessments, performed every two years, prioritise high and medium risks through detailed action plans. Hazards such as slips and falls are addressed proactively by measures like floor inspections, placement of anti-slip tapes, and safety signage.

Work-related injuries

The work-related injuries reported by the Group relate to slip and fall type injuries, none of which resulted in high-consequence injuries. A procedure has been implemented by the Group in order to provide an analysis of the cause, description of the incident by the affected employee and the people involved, along with the site inspection and decisions taken to minimise the identified incident. Such incidents are addressed on a case-by-case basis, and the actions taken by the Group include floor inspection, placement of anti-slip tapes and safety signs wherever considered necessary. The chart below illustrates Group's employees only, as no work-related injuries occurred for workers who are not employees but whose work is controlled by the Group.

16.2.1.1. Business strategy to integrate social factors and risks (continued)

Notes:

i. The rate of recordable work-related injuries has been calculated as follows:
(Total number of recordable work-related injuries) / (Total number of hours worked) x 1,000,000.
ii. The number of hours worked was compiled using estimation. The total number of hours (2024: 4,646,016 2023: 4,670,066) is estimated based on total number of employees at each year end multiplied by 52 weeks/year multiplied by 5 working days/week and excludes average leave days per employee and public holidays.
iii. Recordable work-related injuries exclude JCC Payment Systems Ltd, Unoplan and representative offices abroad as those establishments are not covered by BOCH's Health and Safety Management System.
iv. The above-mentioned metrics have not been validated by an external body.

Physical and Environmental Security Policy

This policy applies to all property, facilities, assets, and equipment, whether owned or leased by the Group, including but not limited to all premises and buildings of the Group. In addition, this policy applies to all individuals working at all levels and grades. The Group regularly reviews and updates its strategic plans and compliance with health and safety and physical security policies. Performance metrics and compliance audits ensure risks are effectively mitigated. The policy ensures effective implementation of security controls, access controls, physical monitoring controls, equipment security and measures against physical and environmental threats. The material risks primarily affect customers who visit the Group's branches or premises. By mitigating these risks, the Group ensures a safe and secure environment for these interactions, reducing potential harm to consumers and end-users. Through these proactive measures, the Group demonstrates its commitment to minimising material risks and safeguarding its operations, customers, and stakeholders.

Privacy

The Group maintains a Personal Data Protection Compliance Policy, to align with relevant regulations, including the EU General Data Protection Regulation (GDPR) and national laws such as the Protection of Natural Persons regarding the Processing of Personal Data Law 125(1)/2018 and section 106 of the 'Regulation of Electronic Communications and Postal Services Law 112(I)/2014', as well as the relevant guidelines issued by the CPDP from time to time. This policy outlines the Group's commitment in protecting the personal data of customers, employees, suppliers, and business partners, ensuring that data collection, use, and retention are lawful, transparent, and aligned with GDPR principles. Protecting the security and privacy of personal data is important to the Group, in order to conduct its business activities in the context of the envisaged privacy culture. The Board and Senior Management are responsible to oversee the Group`s compliance with this policy.

16.2.1.1. Business strategy to integrate social factors and risks (continued)

Additionally, they have the ultimate responsibility for the implementation and adherence to this policy throughout the Group, and the imposition of any remedial action. BOCH and its subsidiaries must, as a minimum meet the requirements of this policy. The policy is applicable for all subsidiaries of the Group as they are considered separate data controllers. The management of each subsidiary is ultimately responsible for the implementation of this policy and to ensure, at entity level, that there are adequate and effective procedures in place for its implementation and ongoing monitoring to its adherence. The policy is readily available to all employees through internal portal and to any affected stakeholder through Group's website.

The Group complies with GDPR requirements, ensuring transparency and accountability in employee data processing activities. The Employee Privacy Notice, which was last updated in March 2024, outlines how employee data is collected, processed, and protected. This notice is readily accessible on the Group's internal portal, ensuring employees are informed of their data privacy rights at all times.

The Group collects and processes personal data strictly as necessary for its business activities, in accordance with legal obligations, contractual requirements, legitimate interests, or with employee consent. Data collection is limited to relevant and essential information, with retention periods aligned to guidelines provided by the Local CPDP. To ensure lawful processing, employees are informed of their right to withdraw consent at any time, and specific consent is appropriately secured and documented when required.

Employees can raise concerns about how employee data are collected, processed or protected by emailing a dedicated Human Resources address for GDPR matters or contacting the CPDP, as described in the Employee privacy notice. In the event of suspected or actual data breaches, employees are required to report such incidents to the Data Protection Officer (DPO), within a maximum timeframe of 24 hours. The reporting can be done through designated communication channels, including email or phone and after completing a form (form for reporting a possible personal data breach).

In case where the data breach incident affects a large volume (combination between data subjects affected and systems affected or could be affected) of customers/employees, the Information Security Department is notified, and the Security Incident Response Plan procedures are initiated. The Group has established an incident response plan that includes containment, investigation and notification procedures in the event of data breach. The plan is annually tested and updated to ensure effectiveness and compliance with applicable laws and regulations. To facilitate effective reporting of data breaches, the Group has established a guidance that serves as a reference for all employees and is embedded in the Employee Portal. This guidance outlines the criteria and procedures for identifying and reporting reportable data breaches, empowering employees to promptly and accurately report any incidents.

The Group has faced privacy-related challenges, including a data breach in 2023 due to human error, where inaccurate addresses were used to mail loan sale notification letters. The breach was identified through internal reporting mechanisms and assessed by the DPO within 72 hours, as required by GDPR. Remedial actions were immediately implemented, including strengthening internal controls, while the breach was reported to the CPDP, resulting in a fine of €8,000. The Group did not have any fine relating to breach of the Regulation 2016/679 in 2024.

In addition, the Group employs Data Protection Impact Assessments (DPIAs) at all stages of data processing and follows a data minimisation strategy. DPIAs support the identification of potential data privacy risks and comply with data protection obligations and meet individuals' expectations on privacy. The DPIA is initiated whenever a new process/ product or system that involves personal data is implemented and it shall be revisited/updated when there is a change in the risk profile of the process (e.g. new vendor, change of the procedure etc.). All procedures relating to DPIA are analysed in the relevant circular which is readily available in the Internal Employee Portal.

Pillar 3 Disclosures 2024

16.2.1.1. Business strategy to integrate social factors and risks (continued)

Internal circulars and manuals are annually reviewed and updated to ensure adherence from own workforce. The Group's DPO oversees GDPR compliance, provides guidance on data protection policies, and ensures effective handling of data breaches and privacy complaints as part of the complaints handling procedure. The DPO advises the Group on GDPR obligations, monitors compliance, oversees DPIAs, consults on highrisk processing, and liaises with supervisory authorities. The DPO also ensures the resolution of data breaches and privacy complaints, coordinating with other Group DPOs to address compliance issues. The Chief Information Officer (CIO) works closely with the DPO to address and mitigate data security incidents. This collaborative approach reflects the Group's commitment to maintaining a high standard of data privacy and security, protecting employees' personal data, and adhering to all regulatory requirements.

The Group tracks the effectiveness of its privacy actions through quarterly monitoring report submitted by the DPO to the Board through AC. Metrics such as the number of reported incidents, participation rates in training programs, and vendor compliance evaluations enhance processes. The incident response plan undergoes annual testing to ensure readiness, while privacy statements and data-handling procedures are reviewed annually to maintain compliance with the regulations.

Internal Audit includes Personal Data Protection Compliance Policy as part of its Risk & Audit Universe and assesses the need for audit engagements during the annual audit planning process.

The Group invests in privacy management through cybersecurity tools, dedicated DPOs for each legal entity handling personal data, and cross-departmental collaboration across Legal, IT, HR, Internal Audit, Compliance, Procurement, Vendor Management and Risk Management. This approach aims to mitigate risks, enhance privacy practices, and maintain stakeholder trust.

Information Technology and Security

The Group's Information Security Policy further outlines a structured management approach, to address information and cybersecurity risks and events associated with the Group's technology systems and information assets.

The purpose of the Policy is to provide an unambiguous set of standards, guidelines, controls, measures and requirements designed to achieve a desired level of information security across all business and technical layers of the Group. In essence, it governs the direction of all activities in the areas of information security and acts as an umbrella document to all other Group Security Policies and associated standards, aiming to contribute to a safe and responsible Information Security Management System (ISMS) within the Group, while supporting the overall business objectives and goals. The scope of this policy includes all subsidiaries of the Group and all individuals working at all levels and grades.

The functional scope of the policy includes all assets (in the broadest sense, e.g. systems, platforms, networks, applications, documents, devices, etc.) that are used to store, process and transport Group's information and the information belonging to the customers, as well as facilities, equipment, resources, people and property.

This Policy is approved by the Group Board Risk Committee (RC) and reviewed on an annual basis, adhering to internal guidelines for continued pertinence of the business documentation, to reflect in the policies and procedures the latest regulatory requirements and any changed business processes and circumstances.

The Group has adopted an Information Security Management System (ISMS), in line with acknowledged international standards (ISO/IEC 27001, NIST, CSA), as a basis for the structuring and maintaining of a system of measures to safeguard confidentiality, integrity and availability of its information assets and information systems. The ISMS provides a set of policies, frameworks, standards, guidelines, controls, measures and requirements designed to achieve a desired level of information security across all business and technical layers of the Group.

Pillar 3 Disclosures 2024

16.2.1.1. Business strategy to integrate social factors and risks (continued)

The Group is committed in protecting the security of its business information. For the purposes of meeting that business objective the Group established the Information Security Division with the IT related personnel and implemented, maintained an ISMS based on internationally acknowledged standards. Information Security team is constantly monitoring cyber security threats (either internal or external, malicious or accidental) and invests in cyber security measures and controls to protect, prevent, and respond against such threats to Group systems and information. The ISMS ensures the protection of information assets through key security controls:

Risk Management: Identifies, assesses, and mitigates security risks.
Information Protection: Implements measures to classify, handle, and secure data.
Supplier Security: Ensures third-party security compliance.
Human Resources Security: Trains employees and contractors on security responsibilities.
Physical Security: Protects assets from unauthorized access and disruptions.
Operations Security: Secures IT infrastructure, networks, and communication channels.
Cloud Security: Maintains data integrity and security in cloud environments.
Mobile Security: Controls for secure mobile device management.
Access Management: Restricts system and data access to authorized users.
System Security: Integrates security in system development and maintenance.
Backup Management: Ensures data recovery through secure backups.
Data Retention: Defines retention and archival policies.
Data Leakage Prevention: Detects and prevents unauthorized data distribution.
Patch Management: Regularly updates systems to address vulnerabilities.
Incident Response: Implements processes for managing security incidents.
Business Continuity: Ensures resilience against data loss and disruptions.

The Group implements processes to conduct periodic reviews to evaluate the effectiveness of implemented information security controls in accordance with current risk appetite and prioritise corrective actions. The reviews combine several different approaches, to improve situational awareness on the status of security controls across the Group's environment and increase insights into the processes used to manage organisational security. Those reviews include Information security assessments, Information security controls maturity assessment, Vulnerability and Security Configuration assessments/scanning, Enterprise penetration testing and Penetration testing of specific applications/systems.

Where a control is found to operate outside the Group's defined risk appetite:

A risk assessment should be performed and risks should be managed using the procedure defined in the Information Security Risk Management Methodology.
Each control owner should aim to reduce the identified exposure within the defined risk appetite, in line with the defined risk remediation targets.

The Board Technology Committee (TC) supports the Board in fulfilling the oversight responsibilities with respect to the overall role of technology, including information security. The RC has the responsibility for the oversight of Operational and Information Security risks. The TC is informed on the application of Information Security policies. No significant operational expenditures and/or capital expenditures are associated with the above-mentioned actions.

16.2.1.1. Business strategy to integrate social factors and risks (continued)

System Downtime and Disaster risks

The Group's wide range of financial products and services change from time to time and in order to adapt to the needs of its customers, whether businesses or individuals, and aim to be in line with the changes in the broader economy and environment. However, access to products and services can be significantly affected by system downtimes, posing a material risk to the Group's operations. Such downtimes disrupt customer services and hinder transaction capabilities, leading to potential revenue losses, customer dissatisfaction, and reputational damage. To address these risks, the Group has adopted a Business Continuity Management Policy that demonstrates its commitment to maintaining a Business Continuity Management System (BCMS). This policy applies to all employees within the Group that support the delivery of financial products and services to consumers and businesses. It ensures that essential banking functions remain available, even in the event of disruptions, safeguarding customer access and operational stability.

This internal policy approved by the Board through RC, supports with the Group's business continuity objectives as well as statutory, regulatory, and contractual obligations. The BCMS framework is designed according to the standards set by ISO 22301:2019 "Societal security - Business continuity management systems – Requirements." BCMS aims to safeguard the interests of key stakeholders, reputation, brand and value creating-activities. It also adheres to directives from the Central Bank of Cyprus, in order to ensure a structured and reliable approach to mitigating the risks associated with service disruptions. The overall responsibility for approving and monitoring the Group`s strategy and policy for managing Business Continuity risk lies with the Board which exercises this responsibility through the RC. The Policy, circulars and procedures are readily available on the Employee Internal Portal. In addition, the Head Business Continuity Risk Management conducts BCMS workshops and training programs to ensure that the business continuity liaisons who are assigned business continuity responsibilities are competent to perform the required tasks.

To manage interruptions of critical IT systems and to avoid loss of data and services, as an after effect of natural or man-made disasters, the Group implements a Disaster Recovery Plan (DRP). The DRP applies both to major events that deny access to datacentres for an extended period, and to events that may deny access to parts of the datacentres or certain systems. In that respect, the DRP is IT focused and designed to restore operability of IT systems and applications at an alternative site, with the aim to mitigate any effects a disaster might have upon the on-going operations of the Group. The Executive Director Technology & Operations is responsible for reviewing, amending and updating the Group's DRP for the recovery of key IT systems, telecommunications and data to support the implementation of recovery locations in the context of Business Continuity Plan (BCP).

The DRP covers all relevant risk and incident types (i.e., flood, fire, tornado, electrical storms, act of sabotage, electrical power failure, loss of communications network services), including recovery options and strategies for cyber-security scenarios. The plan incorporates and define the priorities in recovering IT systems, considering their interdependencies. Procedures for recovery priority identification and management are defined and periodically reviewed. Ownership of the DRP is assigned to the Disaster Recovery Committee (DRC), which nominates a Disaster Recovery Coordinator (DR Coordinator) to undertake responsibility for the efficient maintenance of the DRP. The DRP is tested annually for the identification and implementation of necessary remedial actions on any issues recognised during the test. The Group must maintain Crisis Management processes towards the effective and efficient management of any crisis events in order to mitigate, as much as possible, the impact on the organization, its stakeholders and its customers.

16.2.1.2 Objectives, targets and limits

Health & Safety

There are no measurable, time-bound, outcome-oriented targets associated with H&S risks, however the Group nevertheless tracks the effectiveness of these actions through qualitative Key Risk Indicators and monitoring mechanisms designed to mitigate potential hazards and ensure a safe working environment. Current qualitative statements include:

1. Managing H&S risks:

o Reducing the number of occupational accidents, illnesses, and injuries through preventive measures and improved systems.
o Monitoring and reducing the number of untrained first aiders across premises to ensure preparedness in emergencies.
o Addressing high- and medium-risk findings from risk assessments through corrective actions within defined timelines.
o Conducting regular audits and inspections of the HSMS to ensure compliance with regulatory requirements and industry standards.

2. Compliance statements:

o Maintaining full compliance with the H&S regulatory framework, ensuring all policies and practices align with legal obligations.
o Incorporating new regulations into the H&S Management System as they are issued, with annual reviews to ensure alignment.

The process of setting the above-mentioned qualitative indicators is described in the Risk Appetite Framework of the Group. The objective of the Risk Appetite Framework (RAF) is to set out the level of risk that the Group is willing to accept in pursuit of its strategic objectives, outlying the key principles and rules that govern the risk appetite setting. It comprises the Risk Appetite Statement (RAS), the associated policies and limits where appropriate, as well as the roles and responsibilities for the implementation and monitoring of the RAF.

Privacy

There is no set measurable, time-bound and outcome-oriented target associated with data protection and privacy however, the Group nevertheless tracks the effectiveness of these actions through quarterly reporting to EXCO and AC. Metrics reported include the number of data incidents, employee participation in privacy and information security training programs. Board, Management and all staff participate, in 2024, in Information security training (9,889 training hours), GDPR training (107 hours) and use of personal data training (1,207.5 hours).

Metrics associated with information security and GDPR training hours as well as personal data leakage reported to the CPDP, are not validated by an external body.

Pillar 3 Disclosures 2024

16.2.1.2. Objectives, targets and limits (continued)

In line with its Risk Appetite Statement (RAS), the Group has adopted the following qualitative stances associated with data privacy and information security:

Zero Tolerance for Privacy Risks: BOCH maintains a strict no-tolerance policy for any non-compliance with GDPR and expects full adherence to legal and regulatory requirements across all operations.
No Data Leakage: The Group has zero tolerance to data leakage, whether due to system vulnerabilities or employee mishandling. Rigorous protocols are in place to prevent and respond to potential breaches.
Vendor Compliance: BOCH does not engage with vendors who lack robust GDPR-aligned procedures and practices. All third-party relationships are subject to assessments to ensure compliance with data protection standards.
Immediate Response to Data Subject Rights: The Bank has a zero-tolerance approach to delays or avoidance in responding to data subject rights under GDPR. Processes are streamlined to ensure timely action on data access, correction, or deletion requests.

The process for setting the above-mentioned qualitative metrics is described in the Risk Appetite Framework of the Group. The objective of the Risk Appetite Framework (RAF) is to set out the level of risk that the Group is willing to accept in pursuit of its strategic objectives, outlying the key principles and rules that govern the risk appetite setting. It comprises the Risk Appetite Statement (RAS), the associated policies and limits where appropriate, as well as the roles and responsibilities for the implementation and monitoring of the RAF.

Information Security

There is no set measurable, time-bound, outcome-oriented target however, the Group nevertheless tracks the effectiveness of these actions through established processes, procedures and KRIs. The Group maintains a leakage registry to document and monitor data incidents, reviewed quarterly and reported to senior management and the AC. Data subject requests and complaints are tracked to ensure resolution. Cyberattacks and resolutions are recorded, with updates provided to the DPO and regulatory authorities. The Group also maintains a Record of Processing Activities (RoPA), conducts Data Protection Impact Assessments (DPIAs), updates GDPR-related actions, including Privacy Statement revisions and provides internal training. Moreover, the Group's Risk Appetite Statement (RAS) reflects a zero-tolerance approach to privacy and data protection risks. Board, Management and all staff participate, in 2024, in Information security training (9,889 training hours), GDPR training (107 hours) and use of personal data training (1,207.5 hours).

System Downtime and Disaster risks

There are no measurable, time-bound and outcome-oriented targets on system downtime and disaster risks however, the Group tracks effectiveness of these actions through established escalation arrangements to CEO, CRO and Deputy CEO in case of a critical impact incidents. The Group, in 2024, conducted Business Continuity Management training (1,299.5 hours in 2024) and Disaster Recovery training (161 hours in 2024). 5 system downtime incidents were reported, in 2024, to CBC. No disaster incidents occurred in 2024.

16.2.1.3 Engagement with counterparties

Social risk assessment at loan origination

As indicated under the environmental risks in Section 16.1.3.3 the Group has implemented an ESG questionnaire within the context of its underwriting processes. The completion of the ESG questionnaire results in an action plan with suggested actions that each customer can take to improve its practices around social risks such as, for instance, the adoption of ISO26000 for social responsibility or 450001 for occupational health and safety etc. The action plan will allow the Group to engage with its counterparties with the aim to remediate social risks.

It is noted that very few companies in Cyprus are obliged to publish Sustainability reports. Under the EU Non-Financial Reporting Directive (NFRD) very limited number of entities in Cyprus met the Directive's criteria so there was no need to publish Sustainability reports. The EU CSRD, apart from entities that are already within the scope of NFRD, will apply for large corporates for financial years starting 1 January 2025 and for listed small and medium sized entities for financial years starting 1 January 2026. Therefore, from 2026 and 2027 onwards better data availability and quality is expected to derive from the loan origination process.

Environmental and Social Policy

Similarly, as described under Section 16.1.3.8 an Environmental and Social Policy is in place in relation to its lending activities which requires to ensure acceptable of E&S risks. Examples of activities that are excluded through the policy relevant to social risks are:

i. Activities involving child or forced labour, or violations of human rights
ii. Activities prohibited by host country legislation or international conventions relating to the protection of biodiversity resources or cultural heritage
iii. Forced evictions
iv. Production and trafficking of military goods and lethal weapons, the use of which violates basic humanitarian principles

Hence, all lending applications regarding for the above activities, are rejected and no lending is allowed.

Sourcing and Procurement & Vendor Management Policy

Under the Sourcing and Procurement & Vendor Management Policy the Group established specific ESG criteria that the vendors or suppliers must adhere to. Specifically, suppliers must adhere all the principles regarding Labour, Human rights, ethics, working conditions and Health & Safety matters.

Labour / Human Rights / Ethics

i. Suppliers must respect internationally recognized human rights in all areas of operation.
ii. Suppliers should take actions to remedy adverse human rights impact.
iii. Suppliers must ensure that child and underage labour is not used, in accordance with the ILO Minimum Age Convention.
iv. Suppliers should not engage forced labour, slave labour, or any other non-voluntary labour and should treat all employees with respect and dignity, in accordance with the ILO Forced Labour Convention (No 29) and the Abolition of Forced Labour Convention (No 105).
v. Supplier standards should cover the prohibition of discrimination regarding grounds of discrimination (e.g., age, gender, and ethnic origin) and aspects of employment (e.g., recruitment, promotion, and remuneration).

Working Conditions

i. Suppliers should provide all employees with at least the minimum wage according to the national legislation.
ii. Suppliers must ensure that wages meet legally mandated minimums and industry standards, without unauthorized deductions.
iii. Suppliers must respect the right to freedom of association and collective bargaining of their employees.
iv. Suppliers must ensure that working hours are in accordance with the national legislation.
v. Suppliers should ensure that employees under the age of eighteen will not be engaged in hazardous or heavy work.

16.2.1.3. Engagement with counterparties (continued)

Health & Safety

Suppliers should comply with Health and Safety requirements, providing a healthy and safe working environment to their employees, adhering to all relevant Health & Safety laws and regulations.

16.2.2 Governance

16.2.2.1 Responsibilities of the management body for setting the risk framework

The Sustainability Committee as described under Section 16.1.2.1 has the oversight of the totality of the ESG agenda of the Group. The same governance arrangements remain in relation to the interaction with the Board as well. For Health & Safety, Information Security, Privacy and System Downtime risks different Governance arrangements apply which are described in Sections 16.2.1.1 and 16.2.1.2 above.

Commitment to Human Rights – Own Workforce

Respect for human rights is integrated into the Group's operational policies and procedures. The Group's Code of Ethics and Code of Conduct outline defined standards for behaviour, responsibilities, and ethical practices applicable to all employees. These frameworks are supported by reporting mechanisms and investigation procedures to address issues and ensure equitable treatment. BOCH engages its workforce through channels designed to promote accountability and inclusion, as detailed below, supporting a culture aligned with these principles.

The Group's approach to Human rights is based on internationally recognised frameworks, including the International Bill of Human Rights and international directives, principles and initiatives to protect human rights, such as the Core Labour Conventions of the International Labour Organisation (ILO). The Group adheres to the ILO Declaration on Fundamental Principles and Rights at Work, integrating its principles into various aspects of operations. For instance, the Group's collective agreement and relationship with the trade union address the first principle of the Declaration. Fair and inclusive hiring practices ensure compliance with the second and third principles, while health and safety measures, supported by the "Well at Work" wellbeing programme and Health & Safety Management system, reflect the fifth principle. Group's policies and practices are aligned with ILO Declaration on Fundamental Principles and Rights at Work so by monitoring adherence to such policies and practises also align with ILO. Additionally, the OECD Guidelines for Multinational Enterprises are encompassed within the Group's Code of Conduct, Code of Ethics, and Employee Handbook. These frameworks establish clear expectations for ethical behaviour and corporate responsibility. Violations are addressed through the Group's formal disciplinary process.

BOCH's existing policies and processes, including the Recruitment Policy, Code of Ethics, and Code of Conduct, already address concerns related to human trafficking, forced labour, and child labour, ensuring responsible management. However, to enhance clarity and explicitly reinforce these commitments, the Group will update its policies and processes by the end of 2025.

BOCH maintains a zero-tolerance policy toward discrimination of any kind. This includes, but is not limited to, discrimination based on race, ethnicity, colour, sex, sexual orientation, gender identity, disability, age, religion, political opinion, national origin, social background, or any other grounds. Similarly, harassment in any form—whether verbal, physical, visual, sexual, or bullying—is strictly prohibited. In addition, decisions related to recruitment, promotion, and remuneration are based solely on objective criteria such as ability, ethics, and experience. The Group through the Code of Conduct and Anti-Sexual Harassment Code of Practice set clear standards for employee behaviour and responsibilities against any form of discrimination. No human rights violations, such as forced labour or discrimination, were reported during the period.

16.2.2.1 Responsibilities of the management body for setting the risk framework (continued)

The Group promotes integrity, as a core organisational value, through the implementation of the Disciplinary code. This framework ensures timely detection and mitigation of any violations related to the Code of Conduct, Code of Ethics, Anti-Sexual Harassment Code, internal policies, employment terms, circulars and any other decisions of the Group associated with own workforce. To address significant breaches, the Group has established the Disciplinary Committee. Misconduct, breaches or violations can be reported through various channels:

Whistleblowing channel;
Planned or unplanned internal audits;
Complaints;
Other means (Direct communication to Branch Manager, Manager, Director or through Internet Banking).

• The internal Audit Division investigates the violation and submits a report to the Executive Director People & Change who oversees the process. If the investigation confirms a violation, the report is escalated to the Disciplinary Committee. For breaches relating to the Code of Conduct or Code of Ethics (or any other matter associated with HR) the matter is investigated by the relevant HR department and the relevant report is submitted as described above. A Senior Management committee decides whether the matter requires escalation to the Disciplinary Committee, which is responsible for determining appropriate disciplinary actions.

Commitment to Human Rights – Customers

At BOCH, respecting human rights of consumers and end-users is embedded in the Group's Code of Ethics, Code of Conduct, and organisational values. These commitments are integrated into the Group's strategy and business model to ensure that the interests, views, and rights of consumers and end-users are considered in the decision-making processes. BOCH's policies follow internationally recognised frameworks, including the UN Guiding Principles on Business and Human Rights, the ILO Core Labour Conventions, the Universal Declaration of Human Rights (UDHR), and the OECD Guidelines for Multinational Enterprises. BOCH has established formal policies to ensure ethical practices, consumer protection, and operational transparency. The Customer Complaints Management Policy provides a structured framework for addressing and resolving complaints. The Group Information Security Policy sets out safeguards for customer data, breaches, and GDPR compliance. These policies are supported by the Code of Ethics and Code of Conduct, embedding fairness, accountability, and respect for consumer and end-user rights into all operations. The Group has no reported cases of non-compliance with the UN Guiding Principles on Business and Human Rights, the ILO Declaration on Fundamental Principles and Rights at Work, or the OECD Guidelines for Multinational Enterprises involving consumers or end-users have been reported in its downstream value chain. Additionally, there were no reported severe human rights issues or reported incidents connected to consumers or end-users.

16.2.2.2 Integration of measures to manage social factors and risks in internal governance arrangements

The Group has dedicated resources for the handling of ESG issues as described under Section 16.1.2.2 Integration of measures to manage environmental factors and risks in internal governance arrangements.

16.2.2.3 Lines of reporting

The Group established Sustainability performance report which monitors the performance of the Bank against Social and Governance targets. For more details refer to Section 16.1.2.3 Lines of reporting.

16.2.2.4 Alignment of the remuneration policy with institution's social risk-related objectives

For the alignment of the remuneration policy with the Group's social risk refer to Section 16.1.2.4 Alignment of the remuneration policy with institution's environmental risk-related objectives.

16.2.3 Risk Management

16.2.3.1 Tools, identification, measurement, monitoring and mitigation of social risks

The United Nations Environment – Finance Initiative (UNEPFI) Impact Analysis Tool has been employed to obtain insights on both the actual and potential, positive and negative impacts of BOC PCL's portfolio towards Social sub-sub-topics as determined by ESRS. The UNEP-FI impact analysis tool is used as the basis for Double Materiality Assessment under ESRS. Social risks associated with the counterparties were assessed on a qualitative basis through expert judgement during the Double Materiality Assessment. Additional work is expected to be carried out going forward aiming to identify social risks the Group is exposed through its counterparties, the relevant transmission mechanisms to traditional risks and the implementation of limits were deemed material. The Group will undertake a comprehensive qualitative analysis of potential transmission channels with regards to governance risks by the end of the first half of 2025.

Social risks identified by the Group following the Double Materiality Assessment as mentioned in Section 16.2.1, are understood to potentially impact, as risk drivers, the main prudential risks such as credit, market, liquidity and other non-financial risks including reputational risk.

The Group through the Lending Policy which established the ESG Due Diligence procedures in loan origination process, integrates social performance of its counterparties into risk management processes. The ESG Questionnaires which are part of the ESG Due Diligence process incorporate the following social aspects assessing counterparties performance in social spectrum:

Whether that counterparties have engagement channels with employees, suppliers, communities, customers, trade unions;
Whether counterparties conduct, customer's satisfactory surveys;
Whether the counterparties assess the ESG performance of their supply chain;
Number of employees split between Male and Female;
% difference between weighted average salary between Female and Male employees;
% of employees based on their employment type (permanent etc.);
Number of work-related accidents;
Days lost due to work-related accidents;
Number of work-related accidents leading to fatalities;
Whether the counterparty provides any other benefits to its employees (Bonus, insurance etc.);
Whether the counterparty was involved in philanthropy, school or community programs;
Whether the counterparty made monetary donations for the benefit of local community.

16.2.3.2 Setting limits to social risk

Based on the Double Materiality Assessment performed the limits associated with the material social risks were disclosed in section 16.2.1.2.

16.3 Governance Risk

16.3.1 Governance

The Sustainability Committee as described under the Section 16.1.2.1 has the oversight of the ESG agenda of the Group. The same governance arrangements remain in relation to the interaction with the Board as well.

It is noted that very few companies in Cyprus are obliged to publish Sustainability reports. Under the EU NFRD very limited number of entities in Cyprus met the Directive's criteria so there was no need to publish Sustainability reports. The EU CSRD, apart from entities that are already within the scope of NFRD, will apply for large corporates for financial years starting 1 January 2025 and for listed small and medium sized entities for financial years starting 1 January 2026. Therefore, from 2026 and 2027 onwards better data availability and quality is expected to derive from the loan origination process. The Group will implement further procedures as part of customer's credit assessment associated with the role of the counterparty's top governing body in non-financial report.

16.3.2 Integration of Governance performance of counterparties in Governance arrangements

The Group through the Lending Policy which established the ESG Due Diligence procedures in loan origination process, integrates the ESG governance performance of its counterparties into its governance arrangements. For details on the Governance areas of the counterparty covered under the ESG Due Diligence process refer to section 16.3.3. In addition, following Double Materiality Assessment performed in accordance with ESRS identified that Financial Crime, Fraud, Conflict of Interest and Compliance with laws and regulations are material for the Group. The Group establishes and implements actions, procedures and policies to ensure that those risks are managed, and monitoring of such risks is part of Group's governance arrangements.

Financial Crime and Fraud

This section concerns the Group's reporting related to the work conducted to combat financial crime. This section describes financial crime, defined as money laundering, financing of terrorism, bribery and corruption and fraud.

The Group adopted a Policy relating to the Prevention of Money Laundering and Terrorism Financing. The purpose of this policy is to set the minimum standards and provide general guidance and clarity on Group's effort to prevent and suppress money laundering, terrorist financing and other illegal activities and to ensure compliance with all applicable legal and regulatory requirements. The Group is committed in the fight against money laundering and terrorism financing and institutes appropriate procedures to comply with relevant legislation, regulations, guidelines and best practices, and exercises due diligence to deter the use of its services and products by money launderers and those involved in illegal activities including the financing of terrorism. The policy is readily available for all employees in the Group's internal portal and Group's website for any affected stakeholders. The policy covers both upstream and downstream value chain.

The main objectives of the principles incorporated in this Policy are to:

Take all reasonable steps and exercise Due Diligence to deter the use of Group's systems and processes by money launderers and those involved in criminal and illegal activities including the Financing of Terrorism.
Avoid violations, since they may result in criminal, civil and regulatory sanctions and/or penalties/fines imposed.
Protect Group's reputation by protecting the Group and its employees from unfounded allegations of facilitating Money Laundering and Terrorist Financing.
Create a high standard of compliance culture among all the staff across the Group.

The Group through this policy ensures that the legal and regulatory requirements stemming from the provisions set out in the Law 188(I) 2007, the 5th edition of the Central Bank of Cyprus Directive for the prevention of Money Laundering and Terrorist financing and the 1st edition of the Central Bank of Cyprus Directive for Compliance with the Provisions of UN Security Council of the European Union, are addressed.

16.3.2 Integration of Governance performance of counterparties in Governance arrangements (continued)

In addition, the Group adopted a Sanction Policy to manage the risk of customer's sanction violation. The purpose of the Policy is to ensure Group's full compliance with sanctions or restrictive measures imposed on countries, territories, entities, or specific persons and bodies. The policy is readily available for all employees in the Group's internal portal and Group's website for all stakeholders. The Sanctions Policy outlines the legal and regulatory requirements/principles emanated from the provisions set out in (a) the Law for the Implementation of the Provisions of the United Nations (UN) Security Council Resolutions (Sanctions) and the Decisions and Regulations of the Council of the European Union (EU) Law 58(I) of 2016, and (b) the Central Bank of Cyprus Directive for Compliance with the Provisions of United Nations Security Council Resolutions and the Decisions/Regulations of the Council of the European Union. In addition to UN, EU sanctions, the Group fully adheres to sanctions imposed by the US and the UK. The policy covers both upstream and downstream value chain.

The Board bears the ultimate responsibility for the effective implementation of the above-mentioned Policies and for setting the right tone from the top. The AC makes sure that sufficient, dependable, and secure internal procedures are in place to ensure that the Group complies with the above-mentioned policies and monitors the effective implementation of those Policies through the Control Functions. The Internal Audit Division is responsible for providing independent and objective assurance to the Board, through the AC, and to management, by assessing the effectiveness of governance, risk management, and control processes related to those policies and informs the AC of any findings and relevant recommendations.

The Group also adopted a Fraud Risk Management Policy (applicable to activities in both upstream and downstream) which sets out the appropriate steps to be followed for managing Internal and External Fraud risks within the Group. The purpose of this Policy is to set out the minimum requirements and basic principles underlying the governance and management of Fraud Risks in the Group, providing guidelines on the prevention, detection, investigation, and response of actual (perpetrated) and suspected Fraud. The policy is readily available for all employees in the Group's internal portal. The Policy aims to safeguard the Group and internal or external stakeholders' interests.

The overall responsibility for approving and monitoring the Group`s strategy and policy for managing Fraud risk lies with the Board, which exercises this responsibility through the RC. The RC annually reviews the adequacy and effectiveness of the internal controls system, including areas related to Fraud Risk Management (FRM), based on data and information produced by the Internal Audit (IA) division, the observations and comments of the Group's external auditors and the competent supervisory authorities as well as the assurance provided by the CEO and make appropriate recommendations to the Board.

The key element of Group's preventing Financial crime is the Customer Due Diligence. Customer Due Diligence includes the following:

ascertaining the identity of the customer before establishing a business relationship or making a oneoff transaction;
establishing the Ultimate Beneficial Owner of legal entities taking particular care on the identification of the true owners of trusts, foundations, client accounts and other similar entities;
building a detailed Economic Profile of the Customer;
undertaking Enhanced Due Diligence for High and Significant Risk Customers and transactions;
updating the identification data of customers on a regular basis;
Detecting suspicious activities/transactions and where appropriate, reporting such activities/transactions to the local FIU.

The Group also implements specialised software packages for the continuous monitoring of the customers' accounts, to enable suspicious transactions to be recognised and to maintain procedures for the reporting of such transactions to the appropriate authorities. The Group through specific procedures and circulars established a specific process to identify and manage specific, general, sectoral sanctions imposed by the UN, EU, US and the UK and focused prohibitions on the export / import of commercial and dual-use goods, software and technology issued by the Council of the European Union, or subject to U.S. jurisdiction under the Export Administration Regulations sanctions.

16.3.2 Integration of Governance performance of counterparties in Governance arrangements (continued)

The Group established a Fraud Risk Management program with the following main components to identify, prevent, detect and respond to Fraud Risk:

Fraud risk identification and assessment: The risk of Fraud is identified, assessed and monitored in all activities through established methodologies and processes. Fraud risks are scored and suitably prioritised for action. The Group identifies inherent Fraud risk through an assessment of incentives, pressures and opportunities to commit fraud. The Group assess likelihood and potential impact of residual Fraud risk. The Group responds to reasonably likely, significant fraud risks through identification and implementation of effective controls or detection procedures for the risks identified.
Fraud prevention:
- o Process-level controls: Business lines supported by Fraud Risk Management (FRM) department, Organisation (OD) and Digital Transformation departments developed and implement appropriate anti-Fraud control procedures and mechanisms for all relevant business processes that either prevent or minimise the likelihood and/or the potential impact of Fraudulent Conduct.
- o Transaction level controls: Reviews of third-party and related-party transactions are established throughout business processes. These controls are driven by appropriate know-your-customer/client (KYC), know-your-intermediary (KYI) and know-your-staff (KYS) procedures, as well as background checks on suppliers and business partners, to indicate potential entities that bear higher risk of Fraud.
- o Awareness: Ensure that all employees receive training on Code of Conduct, Fraud trainings as well as training on any updates or changes on related processes and procedures.
Fraud detection:
- o Business process-level mechanisms: Business processes and procedures are designed so that they accommodate and integrate the systematic identification of the types of Fraud schemes that can be perpetrated in relation to the specific business process.
- o Key Fraud Indicators: Key Fraud Indicators (KFIs) are established and updated to monitor variables, which may indicate the possibility of Fraud. Breach of relevant KFIs or adverse trend indications provide early warning for high-risk Fraud areas and must trigger further assessment of the necessary controls in that area and the residual risk.
- o Other detection mechanisms: Includes IA reports, periodic reviews by external auditors or regulators or findings and reports from other expert external business partners.
- o Proactive Fraud detection procedures: Automated data analysis, continuous Monitoring techniques, and appropriate technology tools to effectively detect Fraudulent Activity
- o Internal Fraud reporting channels: Report fraud incidents to Internal Audit, Compliance or Fraud Risk Management Department or through whistleblowing channels.
- o Other external reporting channels: Complaint Management system.
Fraud investigation and response: The Internal Audit Director is responsible for receiving reports of alleged or suspected internal Fraudulent Conduct involving the Group's activities or the members of governing bodies and employees, carry out an investigation of actual or suspected Internal Fraud and report findings to the AC, as well as the CEO or any other reporting line, on a need-to-know basis.

The above-mentioned actions are ongoing and associated with both upstream and downstream activities.

There are no measurable, time-bounded and outcome oriented targets nevertheless there are indicators which monitors the effectiveness of these actions. The Group through the Risk Appetite Statement establishes certain qualitative indicators to monitor risks associated with Financial Crime, Sanctions and Fraud risks:

1. No tolerance for violating sanctions or other measures imposed by American Authorities, such as the US Department of Treasury's Office of Foreign Assets Control (OFAC), and by the UN, the EU and by the government of countries that the Group operates in, with respect to violations of AML legislation 39 or Sanction programs. In case of such deviations, immediate rectification and investigation actions shall be enacted.
1. No tolerance for deviations with regards to the opening of accounts in US Dollars for persons connected with countries subject to strict sanctions imposed by the US Department of Treasury's Office of Foreign Assets Control (OFAC).
1. No tolerance to facilitating any sort of financial crime/terrorism financing.

16.3.2 Integration of Governance performance of counterparties in Governance arrangements (continued)

The Group ensures relevant trainings are conducted to support mitigation of Financial Crime risks.

Business Conduct - Board of Directors – Training
	No of		Training – Hours
	participants	Women	Men	Total
AML ESSENTIALS & SANCTIONS
Board	5	0.5	2	2.5
Sanctions
Board	8	2.3	3.8	6.1
Prevention of ML & TF
Board	6	0.5	2.5	3
Market Abuse
Board	2	-	1	1
	Business Conduct – All Staff – Training
	No of	Training – Hours
	participants	Women	Men	Total
Antibribery, Whistleblowing, Gifts
Management	564	146.5	149	295
Individual contributors	2,428	790	491.5	1,281.5
AML
Management	518	197.3	165.5	362.8
Individual contributors	2,155	914	455	1,369.5
Fraud Risk Awareness
Management	572	145.5	151.5	297
Individual contributors	2,386	792	469.5	1,261.5

Conflict of Interest

The Group adopts a Conflict of Interest (COI) policy which sets out the framework for the prevention, identification, assessment, documentation, escalation, and effective management of COI in compliance with the legal and regulatory framework to which the Group is subject. This Policy applies to the Members of the Board, Senior Management, and all employees of the Group in every country the Group operates and to the Group's contractors, agents, and other Relevant Persons. The policy is readily available for all employees in the Group's internal portal and Group's website for all stakeholders.

The Board bears the ultimate responsibility for the effective implementation of this Policy and setting the right tone from the top. The AC makes sure that sufficient, dependable, and secure internal procedures are in place to ensure that the Group complies with the above-mentioned policies and monitors the effective implementation of those Policies through the Control Functions. The Internal Audit Division is responsible for providing independent and objective assurance to the Board, through the AC, and to management, by assessing the effectiveness of governance, risk management, and control processes related to those policies and informs the AC of any findings and relevant recommendations.

The Group implements procedures to identify the relationships, services, activities, or transactions in which COI may arise. These procedures cover relationships between the Group and customers, shareholders, Members of management body and their family members, employees, significant business parties and other related parties. In addition, these procedures cover COI between different customers of the Group. Board members and Senior Management self-assess potential conflict of interests annually. All COI identified by Compliance Division across the Group are documented in a dedicated software and relevant information is presented to the AC and EXCO quarterly.

16.3.2 Integration of Governance performance of counterparties in Governance arrangements (continued)

COI identified at Management Level and Board level are reported to the NCGC for decision-taking. The above-mentioned actions are ongoing and associated with Group's own operations.

The Group conflicts registry recorded 80 perceived conflicts of interest in 2024 (2023: 135, 2022: 212). Zero incidents of conflict of interest (2023: 0, 2022: 3) were considered as high, 9 (2023: 9, 2022: 6) were considered as medium and the remaining 71 (2023: 126, 2022: 203) were considered as low.

The Group through the Risk Appetite Statement establishes, annually, qualitative statements associated with the mitigation of Conflict of Interest risks:

The Bank has no tolerance for participation in the decision making or voting on matters by persons that have a conflict of interest.
No transactions in BOC securities are tolerated for persons classified as 'Relevant persons in possession of inside information for BOC Group', except in cases where permission is granted under the provisions of the BOC Dealing code.
The Bank has no tolerance for selecting outsourcing service providers, connected to any member of the Group's senior management or management body, the Group's external auditors or legal advisors and where this information has not been duly disclosed to the Bank.
The Bank has no tolerance to acts of bribery and corruption by any of its employees or any business partner.

Compliance with Laws and Regulations

The Group adopted a Compliance policy which sets out the business and legal environment applicable to the Group, the principles and responsibilities for compliance and how these responsibilities are allocated and carried out at group and entity level. The policy is readily available for all employees in the Group's internal portal and Group's website for all stakeholders. The policy covers operations at Group level.

16.3.2 Integration of Governance performance of counterparties in Governance arrangements (continued)

The Regulatory Compliance Department ensures that the Group adopts all regulatory, legal, and compliance requirements and is committed to the establishment of relevant controls and procedures to protect its clients and all other stakeholders. Regulatory compliance implemented, through the network of Compliance Liaisons at the various Departments, the compliance management system which automated most of the compliance processes. The system is an integrated compliance management system which provides a comprehensive set of tools for managing regulatory risks, including modules on regulatory change management with live regulatory feeds on new or amended regulations, the recording and management of identified risks through various assessment processes, the recording and management of regulatory incidents, conflicts of interest and gifts, KRIs and the monitoring and follow up of issues and actions. Additionally, Regulatory Compliance Department regularly performs compliance assurance reviews based on clear and aligned Compliance Review Methodologies aiming to cover high risk areas. The Compliance Division presents its Key Risk and Key Performance Indicators to the EXCO and the AC. Cases of significant non-compliance are identified through the three lines of defence model, whereby responsibility for compliance reviews lies primarily with management, secondly with the control functions, by assessing the severity of the instances of noncompliance. The above-mentioned actions are ongoing and associated with Group's own operations.

There are no measurable, time-bounded and outcome oriented targets nevertheless there are indicators which monitors the effectiveness of these actions. We are pleased to note that in the current year, the Group did not receive any regulatory fines in relation to breaches of compliance with laws and regulations. The Group through the Risk Appetite Statement establishes, qualitative statements associated with the Compliance Risks and has no tolerance with regards to non-compliance with regulatory, legal and compliance requirements.

16.3.3 Risk Management

At the basis of the Double Materiality Assessment under ESRS, the Group has identified Business conduct as a governance risk driver including aspects of corporate culture and management of relationships with suppliers including payment practices. Business conduct has been qualitatively assessed and is understood to potentially impact, as risk drivers, the main prudential risks such as credit, market, liquidity and other non-financial risks including reputational risk. BOC PCL will undertake a comprehensive qualitative analysis of potential transmission channels with regards to governance risks by the end of the first half of 2025.

BOC PCL implemented an ESG Due Diligence process on ESG factors within the context of its underwriting processes amending its policies and procedures in such a way that potential impact from ESG is reflected in the fundamental elements of the creditworthiness assessment i.e., in repayment capacity and collateral assessment. Through this process, counterparty governance information will be collected.

Recognition of Governance issues in the ESG Client Questionnaires

As mentioned earlier in Section 16.1.2.1, BOC PCL employs ESG client questionnaires to identify and assess ESG matters as part of its ESG Due Diligence process. BOC PCL has incorporated the following governance aspects into its ESG questionnaires which are used to assess customer's performance under various ESG matters:

Governance Area	Assessment under ESG Due Diligence Questionnaire
Ethical Considerations	Whether the counterparty adheres to code of conduct and code of ethics and whether the counterparty implements processes and/or policies associated with human right
Strategy and risk management	Whether the counterparty enhanced strategy to be aligned with ESG framework
Inclusiveness	Whether the counterparty implements processes or policies associated with equality, diversity and inclusiveness. Number of employees split between Male and Female for Board of Directors, Senior Management and all staff.
Transparency	Whether the counterparty publishes performance on sustainability matters and the relevant initiatives and standards applied on sustainability statements
Management of Conflict of Interest	Whether the counterparty has in place a code of conduct or code of ethics
Internal communication on critical concerns	Whether the counterparty implements whistleblowing processes and procedures
Privacy	Whether the counterparty implements a Data Privacy Policy
Information Security	Whether the counterparty implements an Information Security Policy
Compliance with laws and regulations	Whether the counterparty received any fines associated with legal cases

In addition, BOC PCL's Lending Policy as part of determining the creditworthiness of legal entities requires that the following are assessed:

i. Qualitative elements, such as the customer's corporate governance (for example delegation of authority checks and balances, accountability, strategy formulation, managerial skills, succession, commitment of shareholders, pricing power of the company in the marked etc.) including dividend policy, compliance with audit requirements for financial accounts and compliance with tax obligations.
ii. The borrower's exposure to ESG factors. This is a general guideline rather than a prescriptive process.

17. Remuneration Policy and Practices

The Bank of Cyprus Group Remuneration Policy is aligned with the European Banking Authority (EBA) guidelines on Sound Remuneration Policies and Practices (as amended) and captures provisions from relevant Directives and Guidance of the EU, the ECB and the CBC including, but not limited to, the CBC Directive on Internal Governance of Credit Institutions 2021, the CSE Corporate Governance Code, MiFID II, ECB Guide on climate related and environmental risks, Guidelines on the Remuneration Practices, the Gender Pay Gap and Approved higher Ratios, as well as the UK Corporate Governance Code. The Group Remuneration Policy aims to align the remuneration of directors, Executive Management, officers and staff with the business strategy, objectives and long-term interests of the Group. It is consistent with the effective management of risks and does not encourage excessive risk-taking.

17.1 Board Human Resources and Remuneration Committee (HRRC)

17.1.1 The Role of the HRRC

The HRRC is responsible for the development and periodic review of the Group Remuneration Policy which is presented to the Board for approval. In addition, the Board, through the HRRC, is ultimately responsible for monitoring the implementation of the Group Remuneration Policy.

The role of the HRRC is:

To oversee that the Group is equipped with the human capital at the right size and with the right skill mix necessary for the achievement of its strategic goals, whose reward will be based on personal performance and Group results.
To oversee that the Group is equipped with the organisational capital to be able to effect continuous improvement and elicit the right behaviour which would lead to the desired outcome.
To oversee that the Group is equipped with the information capital and the technology necessary to facilitate process improvements that will create a comparative advantage in the market and sustainability for the future.
To review, agree and recommend to the Board the overarching principles and parameters of compensation and benefits policies across the Group and exercise oversight for such issues.
To review the remuneration arrangements of the executive Directors of the Group, senior management and the Group Remuneration Policy bearing in mind the EBA Guidelines on remuneration policies and practices, the CBC Governance Directive, the UK Code, the CSE Code and any other applicable or regulatory requirements.

The HRRC, through a formal and transparent process, considers, agrees, recommends to the Board and keeps under review an overall remuneration policy for the Group (the "Group Remuneration Policy") on an annual basis which:

applies to all executive directors, senior management and other staff across the Group;
aligns remuneration with job value, individual performance and potential;
takes into account market conditions;
is aligned with the Group's long-term business strategy and objectives, its values and its long-term interests;
is in line with the regulatory framework;
is aligned with the Group's capital and liquidity availability, the interests of its shareholders, does not encourage excessive risk taking and ensures an appropriate balance between fixed and performancerelated remuneration, immediate and deferred remuneration;
jointly with NCGC reviews and recommends for approval to the Board the remuneration packages of executive members of Group Board vis-à-vis their performance;
reviews remuneration packages of senior management and other key personnel whose total annual fixed remuneration is equal to or greater than €500 thousand as follows:

17.1.1 The Role of HRRC (continued)

o All Divisional Directors that report directly to the CEO or Deputy CEO & Chief of Business or one of the EXCO members, General Managers of major subsidiaries (EuroLife, GIC) and other employees whose total annual remuneration is equal to or greater than five hundred thousand (500,000) euros : Within the Group Remuneration Policy and the recommended level and structure of remuneration for senior management, the Committee reviews and recommends to the Board for approval their remuneration packages, (including salary, pension policy or any additional provident fund, contributions, option plans and other types of compensation), as recommended by the CEO in cooperation with HR.
o Divisional Directors that report to Board Committees (Risk Management, Internal Audit, Compliance, Information Security): Within the Group Remuneration Policy and the recommended level and structure of remuneration for senior management, the HRRC reviews and recommends to the Board for approval their remuneration packages, as recommended by the respective Committee (RC and AC) in cooperation with Human Resources.
proposes to the Board for approval, the fees payable to the Chairperson and Vice Chairperson of the Board.

17.1.2 Composition and Meetings of the HRRC

The HRRC has a minimum of 3 members who are appointed by the Board on an annual basis. In 2024, the Committee comprised of 3 members, all of whom are independent. Mr Andrian Lewis, a member of the Board since 17 November 2023, became the Chair of the HRRC on 21 June 2024 following the sudden death of Mr Constantine Iordanou.

The HRRC held 9* meetings at Group level in 2024, with 8 meetings being scheduled meetings, and one being an ad hoc meeting. Ad hoc meetings take place whenever called by the chairperson of the Committee. The quorum for a meeting is assumed to be when 2 members or 50% rounded up, whichever is the highest. The HRRC keeps detailed minutes of its meetings. The HRRC has authority to obtain independent advice and information from external parties whenever this is considered necessary.

In 2024, the HRRC focused on several key priorities including, but not limited to, the implementation of variable pay plans (both short-term and long-term), the review of the Remuneration Policy and Material Risk Takers, the review of the Performance Appraisal Framework and Target Setting (OKRs), the 2024 Learning & Development Plan and the monitoring of transformational and people related initiatives.

The HRRC reviewed its terms of reference once during 2024 to ensure continuing appropriateness and full alignment with regulatory framework.

17.1.3 Relevant Stakeholders

The HRRC ensures that internal control functions (i.e. Internal Audit, Risk Management and Compliance) and the Human Resource Division (HRD) are involved in the design, review and implementation of the Group Remuneration Policy.

In developing its Group Remuneration Policy, the Group takes into account the provisions that are included in the CSE Code, the UK Code as well as the CBC Directive on Internal Governance of Credit Institutions 2021 and incorporates the requirements for Remuneration Policies included in CRD V, as well as the regulatory restrictions currently pertinent to the banking sector.

*In addition, during 2024, 5 meetings of joint HRRC/NCGC were held.

17.2 Remuneration Schemes

Remuneration schemes in BOC PCL are subject to stakeholder consultation and are largely determined by the collective agreement with the Trade Union. They are also in line with the prevailing regulations and guidance. Remuneration typically consists of fixed plus variable pay.

17.2.1 Fixed Remuneration

Fixed Remuneration refers to the staff's main form of remuneration. It comprises of salary and any applicable (including non-discretionary) position allowances and is determined by employment contracts, collective agreements (where applicable) and employment legislation.

Fixed Remuneration is based on the following criteria:
- ➢ Job Value: The focus is on the job (requirements and contribution to the Banks business results) rather than the job holder's seniority or education.
- ➢ Individual contribution and potential: The focus is on the employee's performance over time, his/her level of experience and his/her potential to undertake upgraded duties.
- ➢ Applicable legislation, regulations and collective agreement.

• Changes in fixed remuneration:

Changes in fixed remuneration can be effected in the following cases:

I. Annual Increments (Pay movement within Pay Scale):
- ➢ Granted to all employees based on tenure (annually, in January of each year).
- ➢ The amount is fixed and is linked to the employee's salary scale.
- ➢ Governed by the applicable provisions of the collective agreement.

II. Merit Pay Increases:

➢ Granted on the basis of well-defined criteria, which are defined by the Merit Pay Committee set up jointly between BOC PCL and the Trade Union for this purpose.
➢ Enables BOC PCL to make salary corrections in cases of identified internal inequities and/or differentiate strong performers.
➢ Governed by the applicable provisions of the collective agreement.

III. Promotions (Pay movement across Pay Scales):

➢ Granted to selected employees on the basis of well-defined criteria (assumption of higher duties & responsibilities, job value, performance, potential, years of service / years at position).
➢ Under normal circumstances, promotions to a higher salary scale are accompanied by the granting of an additional annual increment (of the new salary scale).
➢ Governed by the applicable provisions of the collective agreement.

IV. Other Increases (Ad hoc):

➢ In exceptional cases (e.g. as a defensive measure), BOC PCL has the discretion to grant a salary increase to specific members of staff, subject to a well-defined approval process.

17.2.2 Variable Remuneration

Variable remuneration refers to the additional discretionary remuneration paid to an individual as an incentive for increased productivity and competitiveness. It is based on the performance of the specific individual, the overall performance of the business unit the individual belongs to, the Group's consolidated financial results and the prevailing economic market conditions. Variable remuneration might include financial instruments such as cash bonus schemes, performance shares or share option plans, at the discretion of the Bank. Variable remuneration should reflect a sustainable and risk adjusted performance. For the LTIP - Section 17.2.3, the assessment of the performance is set in a multi-year framework in order to ensure that the process is based on longer-term performance and that the actual payment of performance-based components of remuneration is spread over a period which takes into account the underlying business cycle of the Group and its business risks.

Pillar 3 Disclosures 2024

17.2.2 Variable Remuneration (continued)

Variable remuneration aims to:

a) Elicit the appropriate behaviors that will produce the desired outcome, both in the short and long term;
b) Increase employee's commitment towards the achievement of the Group's long-term objectives within a given set of values;
c) Enhance employee's performance over a long-term basis, within the Bank's risk-taking framework;
d) Align employee's long-term interests with those of the Bank's shareholders;
e) Ensure that the value created is shared fairly between employees and shareholders, and
f) Retain high performers and attract talent.

Up to 100% of variable remuneration is subject to claw back and malus in accordance with criteria which include the following:

Evidence of misbehavior or serious error by the staff member (e.g. breach of Employee Code of Conduct, Code of Ethics, Employment Contract and other internal rules, especially concerning risks and compliance);
When the Bank and/or the business unit in which the staff member works subsequently suffers a significant downturn in its financial performance;
When the employee leaves the Group;
When there are significant changes in the Bank's economy, or capital base;
Manipulation of financial performance or window dressing practices, and
Hedging against a downward adjustment in compensation.

Any deviations from the Remuneration policy with regards to the maximum level of variable remuneration that can be granted are examined by HRRC and are submitted to the Board of Directors for recommendation by shareholders.

The AGM resolution that was approved by the shareholders in May 2024, gave the Bank the flexibility to increase the ratio of variable to fixed remuneration to up to a maximum of 100% for Material Risk Takers.

In case the Group benefits from government intervention, then all restrictions that derive from the relevant legislation will apply.

There were severance payments awarded during 2024 and 2023(full amount paid). These relate to the Voluntary Separation Scheme (not performance related) that was in place during 2024 and 2023.

The Group did not benefit from any derogation laid down in Article 94 (3) of Directive 2013/36/EU.

17.2.3 Short-Term and Long-Term Incentive Plans (e.g. Performance Shares or Share Option Plans)

Long‑Term Incentive Plan

At the Annual General Meeting of the shareholders of the Company which took place on 20 May 2022, a special resolution was approved for the establishment and implementation of the share based Long-Term Incentive Plan (the 'LTIP') of Bank of Cyprus Holdings Public Limited Company.

Share Awards Notifications have been given to eligible participants under LTIP during 2022, 2023 and 2024 as described below.

The LTIP is an equity-settled share-based compensation plan for executive directors and senior management of the Group. The LTIP provides for an award in the form of ordinary shares of the Company based on certain non-market performance and service vesting conditions. Performance is measured over a three-year period. The performance conditions are set by HRRC each year and may be differentiated at the HRRC's discretion to reflect the Group's strategic targets and employee's personal performance. Performance is assessed against an evaluation scorecard consistent with the Group's Medium Term Strategic Targets containing both financial and non-financial objectives and including targets in the areas of: (i) Profitability; (ii) Asset quality;

17.2.3 Short-Term and Long-Term Incentive Plans (e.g. Performance Shares or Share Option Plans) (continued)

(iii) Capital adequacy; (iv) Risk control & compliance; and (v) Environmental, Social and Governance ('ESG') targets and (vi) Customer Experience (targets in the area of Customer Experience have been introduced for non-control functions from 2024).

As per the applicable regulatory framework, up to 100% of the award will be subject to malus and claw back provisions. Under certain circumstances the HRRC has the discretion to determine whether the award will lapse and/or the extent to which the award will be vested.

In March 2024, the Board of Directors via the HRRC, approved the granting of awards for the 3-year performance period 2024-2026, as per the terms of the approved LTIP and the relevant authority provided from the Shareholders at the 2022 AGM. The design parameters, eligibility and target award levels are the same as those for the 2022 awards. The Key Performance Indicators, and relevant weights are largely the same as those of the 2022 awards, with the exception of an additional indicator on customer experience. Targets/thresholds have also been updated for this performance period (as per the Group's strategic plan).

The maximum number of shares that may be issued pursuant to the LTIP until the tenth anniversary of the relevant resolution shall not exceed 5% of the issued ordinary share capital of the Company, as at the date of the resolution (being 22,309,996 ordinary shares of €0.10 each), as adjusted for any issuance or cancellation of shares subsequently to the date of the resolution (excluding any issuances of shares pursuant to the LTIP).

Following the recommendation of the HRRC, the Board of Directors, having examined the performance of the Bank during the period 2022-2024 against the targets set at the beginning of the period, and further to a risk assessment with respect to the liquidity and capital position of the Group, approved the granting of the awards for the said performance period as shown below. The achievement against the targets set was assessed to be at 95%.

The shares granted will vest according to the deferral cycle described below and are subject to malus and claw back conditions as per the applicable regulatory framework and the plan rules.

2025	2026	2027	2028	2029	2030
40%	12%	12%	12%	12%	12%

Short‑Term Incentive Plan

Short-term incentive award refers to a Short-Term Incentive Plan (the 'STIP') first introduced by the Group in 2023. This is an annual incentive which involves variable remuneration in the form of cash, or a combination of cash and shares, to selected employees, and is driven by both delivery of the Group's Strategy, as well as individual performance, in the relevant year. Executive Management are also eligible to be considered for the short-term incentive award.

STIP awards may be granted either in cash or a combination of cash and shares, and may be deferred, in line with applicable regulatory requirements and other remuneration restrictions, provided the Group achieves its pre-defined financial targets.

The performance of the Group and each eligible employee will be evaluated after the end of each respective performance period.

17.2.4 Non-Monetary Incentives

The BOC PCL has in place a Team Incentive scheme which is incentivising employees of the front line (Consumer and SME, Corporate Banking, International Business, Insurance Business) based on predefined KPIs. The awards given are all non-monetary and take the form of Hotel Accommodations or Weekend Trips for the whole team, so as to promote also the team bonding and team collaboration.

17.2.5 Control Functions Pay

Remuneration of staff engaged in control functions (Internal Audit, Risk Management, Compliance and Information Security) must be weighed in favour of fixed remuneration so as to reflect the nature of their responsibilities. Staff engaged in control functions is compensated in accordance with the achievement of the objectives linked to their functions, independent of the performance of the business areas they control.

17.2.6 Pension Fund obligation risk

Pension obligation risk is the risk caused by BOC PCL contractual or other liabilities to or with respect to a pension scheme. It also covers payments BOC PCL may make because of a moral or other obligation. BOC PCL has immaterial exposure to pension schemes and therefore there is no additional capital requirement for pension risk.

17.3 Design and Structure of Remuneration

17.3.1 Non-Executive Directors

The remuneration of non-executive directors is not linked to the profitability of the Group. The remuneration of non-executive directors is related to the responsibilities and time devoted for Board meetings and decisionmaking for the governance of the Group, and for their participation in the committees of the Board and the boards of Group subsidiary companies. The shareholders' AGM held on 20 May 2022 approved an increase in the annual remuneration of the Chairperson of the Board and the remuneration of the Non-Executive members. The annual remuneration of the Board has remained at the same levels for both years 2023 and 2024.

Non-Executive Directors are not eligible for variable remuneration or participation to a share option scheme.

17.3.2 Executive Directors

Remuneration Policy

The HRRC, jointly with the NCGC, is responsible to review and recommend for approval to the Board the remuneration packages of Executive Directors vis-à-vis their performance. In line with the UK Code the following factors are also considered: clarity, simplicity, risk, predictability and proportionality and finally alignment to culture. Both the CEO and the Executive Director Finance are employees of BOC PCL.

Contracts of Employment

The remuneration (salary and bonus) of executive directors is set out in their employment contracts which can have a maximum duration of five years, unless any of the executive directors is an appointed member of the senior management team, in which case the terms of employment are based on the provisions of the collective agreement in place, except for the CEO.

The Group at present does not grant guaranteed variable remuneration or discretionary pension payments.

17.3.2 Executive Directors (continued)

Service Termination Agreements

The employment contract of Mr. Panicos Nicolaou, CEO, includes a clause for termination, by service of six months' notice to that effect by the executive director on grounds of change of control.

The terms of employment of Ms. Eliza Livadiotou, Executive Director Finance and executive member of the Board, are mainly based on the provisions of the collective agreement in place, which provide for notice or compensation by the BOC PCL based on years of service and for a four-month prior written notice by the executive director, in the event of a voluntary resignation.

Bonus

An amendment to the Director's Remuneration Policy was approved at the 2024 AGM to extend the STIP to include the granting of share awards, subject to the terms and condition of the Short-Term Incentive Plan and any regulatory restrictions. The Revised Remuneration Policy also clarifies that the variable remuneration of Executive Directors is capped at the ratio set out in the Group-wide Remuneration Policy in accordance with the applicable regulatory framework (maximum 100% ratio variable to fixed remuneration approved by the shareholders in May 2024).

The STIP award may be granted either in cash or a combination of cash and shares, and is subject to deferral, in case total variable pay for an individual exceeds a certain threshold, in line with applicable regulatory requirements and other remuneration restrictions and may be partially deferred and released over a period of 5 years. A retention period of 12 months will be applicable to each tranche of vested shares.

For the performance year 2024 a Short-Term Incentive Plan was set up and communicated to employees, in which Executive Directors are eligible to participate, subject to the achievement of certain financial criteria and performance conditions. The assessment for the Executive Directors has been completed and amounts to be granted for the performance year 2024 have been approved by the relevant Board Committees and the Board in February 2025 and are scheduled to be released in 2025.

Retirement Benefit Schemes

The CEO participates in a defined contribution plan largely on the same terms as other employees.

The Executive Director Finance participates in a defined contribution plan on the same basis as other employees.

Share Options

No share options were granted to the executive directors during 2024 or 2023.

Long-term incentive plan

Share Award Notifications have been awarded under a long-term incentive plan to the executive directors during 2022, 2023 and 2024 as described in Section 17.2.3.

Other Benefits

Other benefits provided to the executive directors include other benefits provided to staff (e.g. company car or car allowance, medical fund contributions and life insurance).

17.4 Fees and Emoluments of Members of the Board of Directors and Other Identified Staff

			a	b	c	d
2024		MB Supervisory function	MB Management function	Other senior management	Other identified staff*
		€ 000	€ 000	€ 000	€ 000
1		Number of identified staff	7	2	19	49
2		Total fixed remuneration	942	1,253	3,516	4,554
3		Of which: cash-based	942	1,133	3,058	4,095
EU-4a		Of which: shares or equivalent ownership interests	-	-	-	-
5	Fixed remuneration	Of which: share-linked instruments or equivalent non cash instruments	-	-	-	-
EU-5x		Of which: other instruments	-	-	-	-
7		Of which: other forms**	-	120	458	459
9		Number of identified staff	-	2	19	42
10		Total variable remuneration***	-	1,252	2,761	975
11		Of which: cash-based	-	72	600	975
12		Of which: deferred	-	43	342	-
EU-13a		Of which: shares or equivalent ownership interests	-	1,180	2,161	-
EU-14a		Of which: deferred	-	708	1,296	-
EU-13b	Variable remuneration	Of which: share-linked instruments or equivalent non cash instruments	-	-	-	-
EU-14b		Of which: deferred	-	-	-	-
EU-14x		Of which: other instruments	-	-	-	-
EU-14y		Of which: deferred	-	-	-	-
15		Of which: other forms	-	-	-	-
16		Of which: deferred	-	-	-	-
17 Total remuneration		942	2,505	6,277	5,529

EU REM1 - Remuneration awarded for the financial year

* List of identified staff approved in April 2024

** Amounts above are exclusive of employer's contribution to social security and related funds

*** Variable amounts shown above include (i) severance payments (€400 thousand) which were awarded in 2024 and are not performance related, paid in cash and without deferral and (ii) STIP amounts which are scheduled to be released to the STIP award granted in 2025 in respect of the performance year 2024. STIP amounts for Other Identified Staff will be finalised once the relevant assessments are completed and any applicable approvals have been obtained (iii) LTIP awards that are scheduled to be granted in 2025 in respect of the performance period 2022-2024. Both LTIP and STIP expected to vest in 2025 and the amounts to be deferred in the following years according to the deferral cycle described in section 17.2.3.

17.4 Fees and Emoluments of Members of the Board of Directors and Other Identified Staff (continued)

EU REM1 - Remuneration awarded for the financial year

			a	b	c	d
		2023	MB Supervisory function	MB Management function	Other senior management	Other identified staff*
			€ 000	€ 000	€ 000	€ 000
1		Number of identified staff	10	2	20	23
2		Total fixed remuneration	1,077	1,155	3,321	2,237
3		Of which: cash-based	1,077	1,043	2,890	2,029
EU-4a		Of which: shares or equivalent ownership interests	-	-	-	-
5	Fixed remuneration	Of which: share-linked instruments or equivalent non cash instruments	-	-	-	-
EU-5x		Of which: other instruments	-	-	-	-
7		Of which: other forms**	-	112	431	208
9		Number of identified staff	-	2	19	23
10		Total variable remuneration***	-	400	800	230
11		Of which: cash-based	-	200	750	230
12		Of which: deferred	-	120	30	-
EU-13a		Of which: shares or equivalent ownership interests	-	200	50	-
EU-14a		Of which: deferred	-	120	30	-
EU-13b	Variable remuneration*	Of which: share-linked instruments or equivalent non cash instruments	-	-	-	-
EU-14b		Of which: deferred	-	-	-	-
EU-14x		Of which: other instruments	-	-	-	-
EU-14y		Of which: deferred	-	-	-	-
15		Of which: other forms	-	-	-	-
16	Of which: deferred		-	-	-	-
17 Total remuneration			1,077	1,555	4,121	2,467

* List of identified staff approved in March 2023

** Amounts above are exclusive of employer's contribution to social security and related funds

*** Variable amounts shown above include (i) severance payments (€200 thousand) which were awarded in 2023 and are not performance related, paid in cash and without deferral and (ii) STIP amounts which are scheduled to be released to the STIP award granted in 2024 in respect of the performance year 2023. STIP amounts for Other Identified Staff will be finalised once the relevant assessments are completed and any applicable approvals have been obtained.

No share awards have vested during 2023, as the awards are subject to a three-year performance period (2022-2024 & 2023-2025) (with all performance conditions being non-market performance conditions) and will be reported in the year of vesting.

17.4 Fees and Emoluments of Members of the Board of Directors and Other Identified Staff (continued)

The ''Other senior management'' emoluments include the remuneration of the members of the senior management namely:

All Divisional Directors that report to the CEO, Deputy CEO & Chief of Business or an Executive Director (EXCO)-incl. Chief Legal Officer & Company Secretary
General Managers of major subsidiaries (EuroLife Ltd and GIC) and
Divisional Directors that report to Board Committees.

Other identified staff does not form part of other senior management.

EU REM2 - Special payments to staff whose professional activities have a material impact on institutions' risk profile (identified staff)

		a	b	c	d
2024		MB Supervisory function	MB Management function	Other senior management	Other identified staff
		€ 000	€ 000	€ 000	€ 000
	Guaranteed variable remuneration awards
1	Guaranteed variable remuneration awards - Number of identified staff	-	-	-	-
2	Guaranteed variable remuneration awards -Total amount	-	-	-	-
3	Of which guaranteed variable remuneration awards paid during the financial year, that are not taken into account in the bonus cap	-	-	-	-
	Severance payments awarded in previous periods, that have been paid out during the financial year
4	Severance payments awarded in previous periods, that have been paid out during the financial year - Number of identified staff	-	-	-	-
5	Severance payments awarded in previous periods, that have been paid out during the financial year - Total amount	-	-	-	-
	Severance payments awarded during the financial year
6	Severance payments awarded during the financial year - Number of identified staff	-	-	-	2
7	Severance payments awarded during the financial year - Total amount	-	-	-	400
8	Of which paid during the financial year	-	-	-	400
9	Of which deferred	-	-	-	-
10	Of which severance payments paid during the financial year, that are not taken into account in the bonus cap	-	-	-	400
11	Of which highest payment that has been awarded to a single person	-	-	-	200

17.4 Fees and Emoluments of Members of the Board of Directors and Other Identified Staff (continued)

EU REM2 - Special payments to staff whose professional activities have a material impact on institutions' risk profile (identified staff)

		a	b	c	d
	2023	MB Supervisory	MB Management	Other senior management	Other identified
		function	function		staff
		€ 000	€ 000	€ 000	€ 000
	Guaranteed variable remuneration awards
1	Guaranteed variable remuneration awards - Number of identified staff	-	-	-	-
2	Guaranteed variable remuneration awards -Total amount	-	-	-	-
3	Of which guaranteed variable remuneration awards paid during the financial year, that are not taken into account in the bonus cap	-	-	-	-
	Severance payments awarded in previous periods, that have been paid out during the financial year
4	Severance payments awarded in previous periods, that have been paid out during the financial year - Number of identified staff	-	-	-	-
5	Severance payments awarded in previous periods, that have been paid out during the financial year - Total amount	-	-	-	-
	Severance payments awarded during the financial year
6	Severance payments awarded during the financial year - Number of identified staff	-	-	1	-
7	Severance payments awarded during the financial year - Total amount1	-	-	200	-
8	Of which paid during the financial year	-	-	200	-
9	Of which deferred	-	-	-	-
10	Of which severance payments paid during the financial year, that are not taken into account in the bonus cap	-	-	200	-
11	Of which highest payment that has been awarded to a single person	-	-	200	-

No guaranteed variable remuneration was granted, and no severance payments awarded in previous periods have been paid out during 2024 and 2023. There were severance payments awarded during the financial year 2024 and 2023 (full amount paid), that relate to the Voluntary Exit Plan (not performance related).

There was no outstanding deferred remuneration as at 31 December 2024 and 2023.

17.4 Fees and Emoluments of Members of the Board of Directors and Other Identified Staff (continued)

Template EU REM4 - Remuneration of 1 million EUR or more per year

One identified staff had total emoluments above €1.5 million for the year 2024 and €1.0 million for the year 2023.

		a
2024	EUR	Identified staff that are high earners as set out in Article 450(i) CRR
1	1,000,000 to below 1,500,000	-
2	1,500,000 to below 2,000,000	1
3	2,000,000 to below 2,500,000	-
4	2,500,000 to below 3,000,000	-
5	3,000,000 to below 3,500,000	-
6	3,500,000 to below 4,000,000	-
7	4,000,000 to below 4,500,000	-
8	4,500,000 to below 5,000,000	-
9	5,000,000 to below 6,000,000	-
10	6,000,000 to below 7,000,000	-
11	7,000,000 to below 8,000,000	-

		a
2023	EUR	Identified staff that are high earners as set out in Article 450(i) CRR
1	1,000,000 to below 1,500,000	1
2	1,500,000 to below 2,000,000	-
3	2,000,000 to below 2,500,000	-
4	2,500,000 to below 3,000,000	-
5	3,000,000 to below 3,500,000	-
6	3,500,000 to below 4,000,000	-
7	4,000,000 to below 4,500,000	-
8	4,500,000 to below 5,000,000	-
9	5,000,000 to below 6,000,000	-
10	6,000,000 to below 7,000,000	-
11	7,000,000 to below 8,000,000	-

17.4 Fees and Emoluments of Members of the Board of Directors and Other Identified Staff (continued)

17.4	Fees and Emoluments of Members of the Board of Directors and Other Identified Staff (continued)
EU REM5 - Information on remuneration of staff whose professional activities have a material impact on institutions' risk profile (identified staff)
		a	b	c	d	e	f	g	h	i	j
2024		Ma na ge me	nt body re mune	ra tion	Busine ss a re a s
		MB Supe rvisory func tion	MB Ma na ge me nt func tion	Tota l MB	Inve stme nt ba nking	Re ta il ba nking	Asse t ma na ge me nt	Corpora te func tions	Inde pe nde nt inte rna l c ontrol func tions	All othe r	Tota l
1	1 Tota l numbe r of ide ntifie d sta ff										7 7
2	O f which: m embers o f the MB	7	2	9
3	O f which: other senior m anagem ent				1	3	1	7	4	3
4	O f which: other identified sta ff				2	11	-	10	17	9
5	Tota l re mune ra tion of ide ntifie d ff 2,3 sta (€ 000)	942	2,505	3,447	545	2,434	330	3,862	3,016	1,619
6	O f which: variable remuneration (€ 000)	-	1,252	1,252	144	783	147	1,429	855	378
7	O f which: fixed remuneration (€ 000)	942	1,253	2,195	401	1,651	183	2,433	2,161	1,241

List of identified staff approved in April 2024.
Amounts above are exclusive of employer's contribution to social security and related funds.
Variable amounts shown above include (i) severance payments (€400 thousand) which were awarded in 2024 and are not performance related, paid in cash and without deferral and (ii) STIP amounts which are scheduled to be released to the STIP award granted in 2025 in respect of the performance year 2024. STIP amounts for Other Identified Staff will be finalised once the relevant assessments are completed and any applicable approvals have been obtained and iii) LTIP awards that are scheduled to be granted in 2025 in respect of the performance period 2022-2024. Both LTIP and STIP include amounts expected to vest in 2025 and amounts to be deferred in the following years according to the deferral cycle described in section 17.2.3.

17.4 Fees and Emoluments of Members of the Board of Directors and Other Identified Staff (continued)

17.4	Fees and Emoluments of Members of the Board of Directors and Other Identified Staff (continued)
EU REM5 - Information on remuneration of staff whose professional activities have a material impact on institutions' risk profile (identified staff)
		a	b	c	d	e	f	g	h	i	j
		Ma na ge me	nt body re mune	ra tion	Busine ss a re a s
2023		MB Supe rvisory func tion	MB Ma na ge me nt func tion	Tota l MB	Inve stme nt ba nking	Re ta il ba nking	Asse t ma na ge me nt	Corpora te func tions	Inde pe nde nt inte rna l c ontrol func tions	All othe r	Tota l
1	1 Tota l numbe r of ide ntifie d sta ff										5 5
2	O f which: m embers o f the MB	10	2	12
3	O f which: other senior m anagem ent				1	3	1	7	4	4
4	O f which: other identified sta ff				2	-	-	8	6	7
5	Tota l re mune ra tion of ide ntifie d ff 2,3 sta (€ 000)	1,077	1,555	2,632	411	566	203	2,514	1,383	1,511
6	O f which: variable remuneration (€ 000)	-	400	400	46	77	26	373	187	321
7	O f which: fixed remuneration (€ 000)	1,077	1,155	2,232	365	489	177	2,141	1,196	1,190

List of identified staff approved in March 2023.
Amounts above are exclusive of employer's contribution to social security and related funds.
Variable amounts shown above include (i) severance payments (€200 thousand) which were awarded in 2023 and are not performance related, paid in cash and without deferral and (ii) STIP amounts which were granted in 2024 in respect of the performance year 2023. STIP amounts for Other Identified Staff will be finalised once the relevant assessments are completed and any applicable approvals have been obtained.

17.4 Fees and Emoluments of Members of the Board of Directors and Other Identified Staff (continued)

The fees of the non-executive directors include fees as members of the Board of the Company and its subsidiaries, as well as of committees of the Board. They include the fees and benefits for the period that they serve as members of the Board. There is no other remuneration other than what is disclosed in this note.

Information regarding the remuneration of Members of the Board of Directors

2024	Remuneration for services *	Remuneration for participation in the Board of Directors and its Committees*	Total remuneration for services	Remuneration and benefits from other Group companies	Assessment of the value of benefits that are considered to form remuneration**	Annual contribution to retirement benefits	Total Fixed Remuneration	Remuneration in the form of Shared-based payment (LTIP)***	Remuneration in the form of profit and/or bonus distribution - (STIP)***	Total Variable remuneration	Total Remuneration
	€ 000	€ 000	€ 000	€ 000	€ 000	€ 000	€ 000	€ 000	€ 000	€ 000	€ 000
Executive Directors
Panicos Nicolaou (Chief Executive Officer)	808	-	808	-	11	73	892	891	-	891	1,783
Eliza Livadiotou (Executive Director Finance)	325	-	325	-	7	29	361	289	72	361	722
Non-Executive Directors
Efstratios-Georgios Arapoglou	-	261	261	-	-	-	261	-	-	-	261
Lyn Grobler	-	165	165	-	-	-	165	-	-	-	165
Monique Hemerijck	-	152	152	-	-	-	152	-	-	-	152
Adrian John Lewis	-	159	159	-	-	-	159	-	-	-	159
Constantine Iordanou (passed away on 16 June 2024)	-	81	81	-	-	-	81	-	-	-	81
Christian Philipp Hansmeyer (appointment was approved by the ECB on 29 April 2024 and at the AGM on 17 May 2024)	-	62	62	-	-	-	62	-	-	-	62
William Stuart Birrell (appointment was approved by the ECB on 29 April 2024 and at the AGM on 17 May 2024)	-	62	62	-	-	-	62	-	-	-	62
	1,133	942	2,075	-	18	102	2,195	1,180	72	1,252	3,447

* Exclusive of employer's contributions to social security and related funds

** Benefits include taxable amount for Benefit in kind – car, medical

*** Refers to amounts that were awarded for the reporting period in respect of the performance period 2024 for the STIP and of the performance period 2022 – 2024 for the LTIP (2022 LTIP cycle awarded) and include both amounts expected to vest in 2025 and amounts to be deferred in following years.

17.4 Fees and Emoluments of Members of the Board of Directors and Other Identified Staff (continued)

Information regarding the remuneration of Members of the Board of Directors

2023	Remuneration for services *	Remuneration for participation in the Board of Directors and its Committees*	Total remuneration for services	Remuneration and benefits from other Group companies	Assessment of the value of benefits that are considered to form remuneration**	Annual contribution to retirement benefits	Total Fixed Remuneration	Remuneration in the form of Shared-based payment (LTIP)***	Remuneration in the form of Bonus payment (STIP)****	Total Variable remuneration	Total Remuneration
	€ 000	€ 000	€ 000	€ 000	€ 000	€ 000	€ 000	€ 000	€ 000	€ 000	€ 000
Executive Directors
Panicos Nicolaou (Chief Executive Officer)	750	-	750	-	11	68	829	-	300	300	1,129
Eliza Livadiotou (Executive Director Finance)	293	-	293	-	7	26	326	-	100	100	426
Non-Executive Directors
Efstratios-Georgios Arapoglou	-	250	250	-	-	-	250	-	-	-	250
Arne Berggren (resigned on 31 March 2023)	-	30	30	-	-	-	30	-	-	-	30
Lyn Grobler	-	155	155	-	-	-	155	-	-	-	155
Ioannis Zographakis (resigned on 31 December 2023)	-	113	113	-	-	-	113	-	-	-	113
Paula Hadjisotiriou (resigned on 31 December 2023)	-	141	141	-	-	-	141	-	-	-	141
Maria Philippou (resigned on 13 October 2023)	-	77	77	-	-	-	77	-	-	-	77
Nicolaos Sofianos (resigned on 11 December 2023)	-	117	117	-	-	-	117	-	-	-	117
Constantine Iordanou	-	148	148	-	-	-	148	-	-	-	148
Monique Hemerijck (appointed on 10 August 2023, following ECB approval)	-	38	38	-	-	-	38	-	-	-	38
Adrian John Lewis (appointed on 17 November 2023, following ECB approval)	-	8	8	-	-	-	8	-	-	-	8
	1,043	1,077	2,120	-	18	94	2,232	-	400	400	2,632

* Exclusive of employer's contributions to social security and related funds

** Benefits include taxable amount for Benefit in kind – car

*** Refers to amounts under LTIP cycles for which the performance period ended during the reporting period. No LTIP cycles had a performance period ended in 2023, therefore, no amounts are reported.

**** The STIP amounts shown above are the full amounts scheduled to be released to the STIP award approved in 2024 in respect of the performance year 2023 and includes both amounts expected to vest in 2024 and amounts to be deferred in following years. Subject to the approval of a revised remuneration policy at the 2024 AGM, the STIP award will be partially deferred and released over a period of 5 years.

17.5 Additional Information

Every year, the HRRC proposes to the Board, the Annual Remuneration Policy Report which forms part of the Annual Corporate Governance Report of the Group. The Remuneration Policy Report is submitted to the shareholders' AGM for approval.

18. Leverage

The leverage ratio is calculated by dividing the Tier 1 capital with total leverage exposure measure. It is expressed as a percentage and it is reported on a transitional basis.

To avoid excessive leverage the Group's Leverage Ratio (RPI) is monitored on a quarterly basis. Its level is measured against a defined early warning and an in-breach threshold. The early warning threshold is high enough to allow adequate time to evaluate the position and trend. In the case of an in-breach threshold violation, the violation is escalated to the Executive Committee and subsequently to Board's Risk Committee if needed and a discussion can take place about whether any of the recovery plan provisions need to be considered/executed.

As at 31 December 2024, the leverage ratio of the Group was 8.75% (31 December 2023: 7.65%). This ratio is well above the regulatory 3% threshold under the CRR II that came into force on 28 June 2021. The increase in the leverage ratio is due to the decrease of total exposure measure as a result of the main drivers described in Section 11 and due to the increase of Tier 1 capital as a result of the key drivers described in Section 14.

Sections 18.1 to 18.3 below provide analyses on the leverage ratio components.

18.1 Summary Reconciliation of Accounting Assets and Leverage Ratio Exposures

The table presents the regulatory adjustments applied to the total assets as per published financial statements to arrive at the total leverage measure used in the calculation of the leverage ratio in line with Part 7 of the CRR.

EU LR1 - LRSum: Summary reconciliation of accounting assets and leverage ratio exposures

		a	b
		31 December 2024	31 December 2023
		€ million	€ million
1	Total assets as per published financial statements	26,484	26,629
2	Adjustment for entities which are consolidated for accounting purposes but are outside the scope of prudential consolidation	(1,011)	(869)
3	(Adjustment for securitised exposures that meet the operational requirements for the recognition of risk transference)	-	-
4	(Adjustment for temporary exemption of exposures to central banks (if applicable))	-	-
5	(Adjustment for fiduciary assets recognised on the balance sheet pursuant to the applicable accounting framework but excluded from the total exposure measure in accordance with point (i) of Article 429a(1) CRR)	-	-
6	Adjustment for regular-way purchases and sales of financial assets subject to trade date accounting	-	-
7	Adjustment for eligible cash pooling transactions	-	-
8	Adjustments for derivative financial instruments	10	4
9	Adjustment for securities financing transactions (SFTs)	2	3
10	Adjustment for off-balance sheet items (ie conversion to credit equivalent amounts of off-balance sheet exposures)	839	794
11	(Adjustment for prudent valuation adjustments and specific and general provisions which have reduced Tier 1 capital)	-	-
EU-11a	(Adjustment for exposures excluded from the total exposure measure in accordance with point (c ) of Article 429a(1) CRR)	-	-
EU-11b	(Adjustment for exposures excluded from the total exposure measure in accordance with point (j) of Article 429a(1) CRR)	-	-
12	Other adjustments	(104)	(172)
13	Total exposure measure	26,220	26,389

18.2 Leverage Ratio Common Disclosure

The table provides information on the components of the leverage exposure measure, Tier 1 Capital and minimum leverage ratios.

EU LR2 - LRCom: Leverage ratio common disclosure

		CRR leverage ratio exposures
		a	b
		31 December 2024	31 December 2023
	On-balance sheet exposures (excluding derivatives and SFTs)	€ million	€ million
1	On-balance sheet items (excluding derivatives, SFTs, but including collateral)	24,312	25,179
2	Gross-up for derivatives collateral provided where deducted from the balance sheet assets pursuant to the applicable accounting framework	-	-
3	(Deductions of receivables assets for cash variation margin provided in derivatives transactions)	-	-
4	(Adjustment for securities received under securities financing transactions that are recognised as an asset)	-	-
5	(General credit risk adjustments to on-balance sheet items)	-	-
6	(Asset amounts deducted in determining Tier 1 capital)	(48)	(46)
7	Total on-balance sheet exposures (excluding derivatives and SFTs)	24,264	25,133
	Derivative exposures
8	Replacement cost associated with SA-CCR derivatives transactions (ie net of eligible cash variation margin)	72	31
EU-8a	Derogation for derivatives: replacement costs contribution under the simplified standardised approach	-	-
9	Add-on amounts for potential future exposure associated with SA CCR derivatives transactions	33	24
EU-9a	Derogation for derivatives: Potential future exposure contribution under the simplified standardised approach	-	-
EU-9b	Exposure determined under Original Exposure Method	-	-
10	(Exempted CCP leg of client-cleared trade exposures) (SA-CCR)	-	-
EU-10a	(Exempted CCP leg of client-cleared trade exposures) (simplified standardised approach)	-	-
EU-10b	(Exempted CCP leg of client-cleared trade exposures) (original Exposure Method)	-	-
11	Adjusted effective notional amount of written credit derivatives	-	-
12	(Adjusted effective notional offsets and add-on deductions for written credit derivatives)	-	-
13	Total derivatives exposures	105	55

18.2 Leverage Ratio Common Disclosure (continued)

EU LR2 - LRCom: Leverage ratio common disclosure

		CRR leverage ratio exposures
		a	b
		31 December 2024	31 December 2023
	Securities financing transaction (SFT) exposures	€ million	€ million
14	Gross SFT assets (with no recognition of netting), after adjustment for sales accounting transactions	1,010	403
15	(Netted amounts of cash payables and cash receivables of gross SFT assets)	-	-
16	Counterparty credit risk exposure for SFT assets	3	3
EU-16a	Derogation for SFTs: Counterparty credit risk exposure in accordance with Articles 429e(5) and 222 CRR	-	-
17	Agent transaction exposures	-	-
EU-17a	(Exempted CCP leg of client-cleared SFT exposure)	-	-
18	Total securities financing transaction exposures	1,013	406
	Other off-balance sheet exposures
19	Off-balance sheet exposures at gross notional amount	2,758	2,689
20	(Adjustments for conversion to credit equivalent amounts)	(1,919)	(1,895)
21	(General provisions deducted in determining Tier 1 capital and specific provisions associated with off-balance sheet exposures)	-	-
22	Off-balance sheet exposures	839	794

Pillar 3 Disclosures 2024

18.2 Leverage Ratio Common Disclosure (continued)

EU LR2 - LRCom: Leverage ratio common disclosure

		CRR leverage ratio exposures
		a	b
		31 December 2024	31 December 2023
	Excluded exposures	€ million	€ million
EU-22a	(Exposures excluded from the total exposure measure in accordance with point (c ) of Article 429a(1) CRR)	-	-
EU-22b	(Exposures exempted in accordance with point (j) of Article 429a (1) CRR (on and off balance sheet))	-	-
EU-22c	(Excluded exposures of public development banks (or units) - Public sector investments)	-	-
EU-22d	(Excluded exposures of public development banks (or units) - Promotional loans): - Promotional loans granted by a public development credit institution - Promotional loans granted by an entity directly set up by the central government, regional governments or local authorities of a Member State - Promotional loans granted by an entity set up by the central government, regional governments or local authorities of a Member State through an intermediate credit institution)	-	-
EU-22e	( Excluded passing-through promotional loan exposures by non-public development banks (or units)): - Promotional loans granted by a public development credit institution - Promotional loans granted by an entity directly set up by the central government, regional governments or local authorities of a Member State - Promotional loans granted by an entity set up by the central government, regional governments or local authorities of a Member State through an intermediate credit institution)	-	-
EU-22f	(Excluded guaranteed parts of exposures arising from export credits )	-	-
EU-22g	(Excluded excess collateral deposited at triparty agents )	-	-
EU-22h	(Excluded CSD related services of CSD/institutions in accordance with point (o) of Article 429a(1) CRR)	-	-
EU-22i	(Excluded CSD related services of designated institutions in accordance with point (p) of Article 429a(1) CRR)	-	-
EU-22j	(Reduction of the exposure value of pre-financing or intermediate loans )	-	-
EU-22k	(Total exempted exposures)	-	-
	Capital and total exposure measure
23	Tier 1 capital	2,295	2,018
24	Total exposure measure	26,220	26,389

18.2 Leverage Ratio Common Disclosure (continued)

EU LR2 - LRCom: Leverage ratio common disclosure

		CRR leverage ratio exposures
		a	b
		31 December 2024	31 December 2023
	Leverage ratio	€ million	€ million
25	Leverage ratio	8.75%	7.65%
EU-25	Leverage ratio excluding the impact of the exemption of public sector investments and promotional loans) (%)	8.75%	7.65%
25a	Leverage ratio (excluding the impact of any applicable temporary exemption of central bank reserves)	8.75%	7.65%
26	Regulatory minimum leverage ratio requirement (%)	3.00%	3.00%
EU-26a	Additional own funds requirements to address the risk of excessive leverage (%)	0.00%	0.00%
EU-26b	of which: to be made up of CET1 capital (percentage points)	0.00%	0.00%
27	Leverage ratio buffer requirement (%)	0.00%	0.00%
EU-27a	Overall leverage ratio requirement (%)	3.00%	3.00%
	Choice on transitional arrangements and relevant exposures
EU-27b	Choice on transitional arrangements for the definition of the capital measure	Transitional	Transitional
	Disclosure of mean values
28	Mean value of gross SFT assets, after adjustment for sale accounting transactions and netted of amounts of associated cash payables and cash receivables	1,011	306
29	Quarter-end value of gross SFT assets, after adjustment for sale accounting transactions and netted of amounts of associated cash payables and cash receivables	1,010	403
30	Total exposure measure (including the impact of any applicable temporary exemption of central bank reserves) incorporating mean values from row 28 of gross SFT assets (after adjustment for sale accounting transactions and netted of amounts of associated cash payables and cash receivables)	26,221	26,291
30a	Total exposure measure (excluding the impact of any applicable temporary exemption of central bank reserves) incorporating mean values from row 28 of gross SFT assets (after adjustment for sale accounting transactions and netted of amounts of associated cash payables and cash receivables)	26,221	26,291
31	Leverage ratio (including the impact of any applicable temporary exemption of central bank reserves) incorporating mean values from row 28 of gross SFT assets (after adjustment for sale accounting transactions and netted of amounts of associated cash payables and cash receivables)	8.75%	7.68%
31a	Leverage ratio (excluding the impact of any applicable temporary exemption of central bank reserves) incorporating mean values from row 28 of gross SFT assets (after adjustment for sale accounting transactions and netted of amounts of associated cash payables and cash receivables)	8.75%	7.68%

Rows 6 and 23 are reported on a transitional basis.

The leverage ratio has increased due to decrease in total exposure measure driven by the factors described in Section 11 and due to the increase in Tier 1 capital driven by factors described in Section 5.1.

18.3 Split-Up of on-Balance Sheet Exposures (excluding derivatives and SFTs)

The table analyses the on-balance sheet exposures which form part of the leverage exposure measure by Credit Risk exposure classes under the Standardised Approach in calculating RWA.

EU LR3 - LRSpl: Split-up of on balance sheet exposures (excluding derivatives, SFTs and exempted exposures)

		a	b
		CRR
			Leverage ratio exposures
		31 December 2024	31 December 2023
		€ million	€ million
EU-1	Total on-balance sheet exposures (excluding derivatives, SFTs, and exempted exposures), of which:	24,312	25,179
EU-2	Trading book exposures	-	-
EU-3	Banking book exposures, of which:	24,312	25,179
EU-4	Covered bonds	432	287
EU-5	Exposures treated as sovereigns	10,865	12,339
EU-6	Exposures to regional governments, MDB, international organisations and PSE not treated as sovereigns	17	20
EU-7	Institutions	1,208	928
EU-8	Secured by mortgages of immovable properties	3,978	3,852
EU-9	Retail exposures	1,753	1,673
EU-10	Corporates	3,824	3,584
EU-11	Exposures in default	121	197
EU-12	Other exposures (eg equity, securitisations, and other non credit obligation assets)	2,114	2,299

There is a decrease in banking book exposures for which Section 11 provides information on movements between the various exposures' classes.

19. Liquidity Requirements

Minimum Regulatory Liquidity Requirements

EU limit requirement

The Group LCR is calculated monthly by MLR and sent to CBC/ECB 15 days after the month end.

During 2024, a decrease in HQLAs was observed, mainly due to the repayment of the TLTRO of €2 billion, netted by the increase in deposits of c.€1,182 million and the issuance of €300 million Green Senior Preferred Notes.

The Group LCR was as follows as at 31 December 2024 and 2023:

Group LCR	2024 %	2023 %
31 December	309	359
Average Ratio1	324	330
Highest ratio	375	359
Lowest ratio	304	302

[1] Average ratio represents the average of the end of month ratios for the whole year.

The LCR of the Group amounted to 309% as at 31 December 2024 (31 December 2023: 359%).

The LCR is designed to promote short-term resilience of a Bank's liquidity risk profile by ensuring that it has sufficient high-quality liquid resources to survive an acute stress scenario lasting for 30 days.

The table below shows a quantitative analysis of LCR which complements Article 435(1) (f) of Regulation No 575/2013.

As per Article 30 (1), (2) and (3) of Commission Delegated Regulation (EU) 2015/61, potential outflows due to derivative and financing transactions are calculated based on:

a) Credit deterioration of the bank's credit quality. During the actual acute stress period experienced in 2013, additional independent amounts had to be placed by the Bank (reflecting the increased credit risk of the bank as perceived by counterparties). The potential outflow takes into account the percentage increase of independent amounts experienced in 2013 as well as the current outstanding derivatives in terms of notional, the type of derivative and the currency pair in the case of FX swaps.
b) Adverse market movements affecting the mark to market.

The potential negative impact on the mark to market of derivatives and the underlying collateral of repos is calculated in the case of adverse market movements. The methodology followed is based on the Historical Look Back Approach for market valuation changes as per Commission Delegated Regulation (EU) 2017/208.

With regards to the currency mismatch, it is noted that for US Dollars, the ratio presents a gap when comparing the buffer with its net outflows. The Bank maintains large amounts of customer deposits in USD (included in LCR outflows). The proceeds received are invested in either USD MM placements (which form part of the LCR inflows and not the liquidity buffer) or are converted to Euro through the use of short-term FX Swaps which are very liquid instruments. Some amounts are invested in USD liquid assets in the form of bonds. Thus, although a gap exists, the Bank is in a position to cover any USD requirements either through the cash invested in USD MM placements or by terminating or not renewing the EUR/USD FX Swaps.

The Group also monitors its position against NSFR. The NSFR has been developed to promote a sustainable maturity structure of assets and liabilities. At 31 December 2024 the Group's NSFR stood at 162% (compared to 159% at 31 December 2023).

19. Liquidity Requirements (continued)

EU LIQ1 - Quantitative information of LCR

Scope of consolidation: C o nso lidated		a	b	c	d	e	f	g	h
		T	o tal unweighted value (average)				T o tal weighted value (average)
							31 December 2024 30 September 2024 30 June 2024 31 March 2024 31 December 2024 30 September 2024 30 June 2024 31 March 2024
Quarter ending on:		€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n	€ millio n
Number of data points used in the calculation of averages		12	12	12	12	12	12	12	12
H IGH -QUA LIT Y LIQUID A SSET S
1	Total high-quality liquid assets (HQLA)					11,485	11,670	11,764	11,767
CASH - OUTFLOWS
2	Retail deposits and deposits from small business customers, of which:	12,966	12,889	12,871	12,867	630	621	620	622
3	Stable deposits	6,812	6,780	6,771	6,763	341	339	339	338
4	Less stable deposits	2,336	2,289	2,288	2,314	289	282	281	284
5	Unsecured wholesale funding	5,645	5,532	5,474	5,428	2,826	2,776	2,752	2,732
6	Operational deposits (all counterparties) and deposits in networks of cooperative banks	-	-	-		- -	-	-
7	Non-operational deposits (all counterparties)	5,638	5,527	5,468	5,425	2,820	2,771	2,747	2,729
8	Unsecured debt	7		6 6		3 7		6 6	3
9	Secured wholesale funding					-	-	-
10	Additional requirements	397	395	400	403	156	146	139	137
11	Outflows related to derivative exposures and other collateral requirements	100	102	104	107	100	102	104	107
12	Outflows related to loss of funding on debt products	-	-	-		- -	-	-
13	Credit and liquidity facilities	298	293	296	296	57	44	35	30
14	Other contractual funding obligations	190	181	167	162	190	181	167	162
15	Other contingent funding obligations	2,427	2,390	2,375	2,379	210	208	209	210
16	TOTAL CASH OUTFLOWS					4,012	3,932	3,886	3,863
CASH - INFLOWS
17	Secured lending (e.g. reverse repos)	-	-	-		- -	-	-
18	Inflows from fully performing exposures	317	320	334	319	229	234	249	237
19	Other cash inflows	956	950	947	911	229	225	222	188
EU-19a	(Difference between total weighted inflows and total weighted outflows arising from transactions in third countries where there are transfer restrictions or which are denominated in non-convertible currencies)					-	-	-
EU-19b	(Excess inflows from a related specialised credit institution)					-	-	-
20	TOTAL CASH INFLOWS	1,273	1,270	1,281	1,230	458	459	470	424
EU-20a	Fully exempt inflows	-	-	-		- -	-	-
EU-20b	Inflows Subject to 90% Cap	-	-	-		- -	-	-
EU-20c	Inflows Subject to 75% Cap	1,273	1,270	1,281	1,230	458	459	470	424
T O T A L A D JU ST E D V A LU E
21	LIQUIDITY BUFFER					11,485	11,670	11,764	11,767
22	TOTAL NET CASH OUTFLOWS					3,554	3,473	3,416	3,439
	LCR (%)					324%	337%	345%	343%

19. Liquidity Requirements (continued)

	31 December 2024		Unweighted value by residual maturity
				maturity < 6 months 6 months to < 1yr	≥ 1yr	Weighted value
		€ million	€ million	€ million	€ million	€ million
	Available stable funding (ASF) Items
1	Capital items and instruments	2,295	-	-	307	2,603
2	Own funds	2,295	-	-	307	2,603
3	Other capital instruments		-	-	-	-
4	Retail deposits		11,774	890	697	12,553
5	Stable deposits		8,477	677	515	9,211
6	Less stable deposits		3,298	213	182	3,342
7	Wholesale funding:		6,640	138	1,013	3,727
8	Operational deposits		-	-	-	-
9	Other wholesale funding		6,640	138	1,013	3,727
10	Interdependent liabilities		-	-	-	-
11	Other liabilities:	24	425	-	1,012	1,012
12	NSFR derivative liabilities	24
13	All other liabilities and capital instruments not included in the above categories		425	-	1,012	1,012
14	Total available stable funding (ASF)					19,894

19. Liquidity Requirements (continued)

31 December 2024		Unweighted value by residual maturity				Weighted value
		No		maturity < 6 months 6 months to < 1yr	≥ 1yr
		€ million	€ million	€ million	€ million	€ million
	Required stable funding (RSF) Items
15	Total high-quality liquid assets (HQLA)					144
	EU-15a Assets encumbered for a residual maturity of one year or more in a cover pool		-	-	-	-
16	Deposits held at other financial institutions for operational purposes		50	-	-	25
17	Performing loans and securities:		1,391	492	9,512	9,492
18	Performing securities financing transactions with financial customers collateralised by Level 1 HQLA subject to 0% haircut		-	-	933	933
19	Performing securities financing transactions with financial customer collateralised by other assets and loans and advances to financial institutions		729	13	339	418
20	Performing loans to non- financial corporate clients, loans to retail and small business customers, and loans to sovereigns, and PSEs, of which:		447	330	4,775	4,564
21	With a risk weight of less than or equal to 35% under the Basel II Standardised Approach for credit risk		-	-	-	-
22	Performing residential mortgages, of which:		155	93	2,986	3,090
23	With a risk weight of less than or equal to 35% under the Basel II Standardised Approach for credit risk		143	85	2,775	2,878
24	Other loans and securities that are not in default and do not qualify as HQLA, including exchange traded equities and trade finance on-balance sheet products		60	55	480	487
25	Interdependent assets		-	-	-	-
26	Other assets:		1,056	4	1,859	2,465
27	Physical traded commodities		-	-	-	-
28	Assets posted as initial margin for derivative contracts and contributions to default funds of CCPs		-	-	-	-
29	NSFR derivative assets		68	-	-	68
30	NSFR derivative liabilities before deduction of variation margin posted		1	-	-	-
31	All other assets not included in the above categories		987	4	1,859	2,397
32	Off-balance sheet items		1,908	201	618	132
33	Total RSF					12,258
34	Net Stable Funding Ratio (%)					162%

19. Liquidity Requirements (continued)

			Unweighted value by residual maturity
31 December 2023		No		maturity < 6 months 6 months to < 1yr	≥ 1yr	Weighted value
		€ million	€ million	€ million	€ million	€ million
	Available stable funding (ASF) Items
1	Capital items and instruments	1,927	-	-	300	2,227
2	Own funds	1,927	-	-	300	2,227
3	Other capital instruments		-	-	-	-
4	Retail deposits		11,143	975	837	12,194
5	Stable deposits		8,251	753	652	9,205
6	Less stable deposits		2,892	223	185	2,989
7	Wholesale funding:		7,964	116	1,017	3,369
8	Operational deposits		-	-	-	-
9	Other wholesale funding		7,964	116	1,017	3,369
10	Interdependent liabilities		-	-	-	-
11	Other liabilities:	38	364	-	740	740
12	NSFR derivative liabilities	38
13	All other liabilities and capital instruments not included in the above categories		364	-	740	740
14 Total available stable funding (ASF)						18,530

19. Liquidity Requirements (continued)

31 December 2023		Unweighted value by residual maturity				Weighted value
		No		maturity < 6 months 6 months to < 1yr	≥ 1yr
		€ million	€ million	€ million	€ million	€ million
	Required stable funding (RSF) Items
15	Total high-quality liquid assets (HQLA)					135
	EU-15a Assets encumbered for a residual maturity of one year or more in a cover pool		-	-	-	-
16	Deposits held at other financial institutions for operational purposes		50	-	-	25
17	Performing loans and securities:		959	434	8,623	8,526
18	Performing securities financing transactions with financial customers collateralised by Level 1 HQLA subject to 0% haircut		-	-	403	403
19	Performing securities financing transactions with financial customer collateralised by other assets and loans and advances to financial institutions		294	33	194	240
20	Performing loans to non- financial corporate clients, loans to retail and small business customers, and loans to sovereigns, and PSEs, of which:		439	257	4,555	4,328
21	With a risk weight of less than or equal to 35% under the Basel II Standardised Approach for credit risk		-	-	-	-
22	Performing residential mortgages, of which:		145	90	2,931	2,924
23	With a risk weight of less than or equal to 35% under the Basel II Standardised Approach for credit risk		134	82	2,687	2,781
24	Other loans and securities that are not in default and do not qualify as HQLA, including exchange traded equities and trade finance on-balance sheet products		81	55	539	534
25	Interdependent assets		-	-	-	-
26	Other assets:		1,715	12	2,142	2,872
27	Physical traded commodities		-	-	-	-
28	Assets posted as initial margin for derivative contracts and contributions to default funds of CCPs		-	-	-	-
29	NSFR derivative assets		79	-	-	79
30	NSFR derivative liabilities before deduction of variation margin posted		14	-	-	1
31	All other assets not included in the above categories		1,082	12	2,142	2,793
32	Off-balance sheet items		1,880	165	630	134
33	Total RSF					11,692
34	Net Stable Funding Ratio (%)					158%

19. Liquidity Requirements (continued)

As at 31 December 2024 and 2023, the Group is in compliance with its regulatory liquidity requirements with respect to the LCR and NSFR.

The Group's Liquidity Risk Policy and limit structure are designed to avoid reaching a crisis point. However, in case a liquidity or a funding crisis arises, the Bank will address it, as analysed in the Liquidity Contingency Plan. A number of internal and regulatory ratios are in place to monitor liquidity.

Current State of Funding and Funding sources

As at 31 December 2024, the Group had available liquids of c. €14.8 billion compared to c.€13 billion at the end of 2023. The increase is primarily due to the increase in customer deposits by c.€1,182 million and the issuance of Green Senior Preferred Notes of €300 million.

As presented in the chart below, as at 31 December 2024 the Group's liabilities as per the Consolidated Balance Sheet in published financial statements were mainly composed of customer deposits amounting to 87% (2023: 80%).

Dec 2024

Dec 2023

19. Liquidity Requirements (continued)

The credit ratings of the Republic of Cyprus by S&P, Moody's and Fitch are at investment grade level as at 31 December 2024. Given this, the Cyprus Government Bonds remain eligible collateral for Euro system monetary operations.

The ECB pool as at 31 December 2024 contained the ACCs and the retained issue of the Bank's covered bond.

Impediments for the prompt transfer of funds between the parent entity and its subsidiaries Following the deleveraging of the Bank and the disposal of all its foreign units, the Group's main operations comprise the BOC banking unit. The rest of the other local units (the insurance companies, JCC and CISCO) are immaterial in size and they manage their liquidity independently.

20. Credit Risk Mitigation Techniques

20.1 Information on Credit Risk Mitigation Techniques

The Group has implemented various methods in order to achieve effective mitigation of credit risk. Some of the most important methods implemented are listed below:

Identifying the activities / sectors of the economy where the Bank is not willing to finance or may finance under strict conditions.
Setting of sanctioning limits for all line/Department Managers and the various Sanctioning/ Approving Authorities of the Bank (including the Credit Committee 3). Automation of the credit scoring process/ sanctioning limit decision, reduces significantly the risk of a credit application being approved by an incorrect approving authority.
Setting of thresholds relating to Loan to Value (LTV) Ratios as well as guidelines for taking collaterals especially mortgages on residential and commercial properties.
Issuing circulars and guidelines concerning the granting of credit which are in line with the regulatory directives.

20.2 Disclosure of the use of credit risk mitigation techniques

On- and off-balance sheet netting

In most jurisdictions in which the Group operates, credit risk exposures can be reduced by applying netting and set-off. Netting is applied on derivative exposures and set-off on customer advances on-balance sheet exposures.

ISDA agreements allow for netting of credit risk exposure to a counterparty resulting from derivative transactions against obligations to the counterparty in the event of default and therefore produce a lower net credit exposure. These agreements may also reduce settlement exposure (e.g. for FX transactions) by allowing payments on the same day in the same currency to be set-off against one another. The Bank has signed variation margin agreements in line with EMIR margining requirements and to this effect the netted positions are calculated on a daily basis and the threshold is set at 0%. Furthermore, CSA which forms part of ISDA, the collateral is passed between the parties in order to mitigate the market contingent counterparty risk inherent in their open positions.

Set-off is being applied through the application of the credit mitigation technique of the CRR "On-Balance sheet netting" under Article 195. It is applied to reciprocal same currency cash balances between the institution and the counterparty, reflecting the right of set-off and it is treated as cash collateral for RWAs purposes. Set off is only applied where all minimum requirements described in Article 205 of the CRR are met and only when the institution has the legal right to set off the credit balances of a customer against their debit balances in the absence of legal pledge of cash collateral. The credit balances used for on-balance sheet netting are of account types "Fixed Deposit" and "Notice Accounts" which are flagged by the system requesting the appropriate senior approval before the release of funds to the customer from these accounts.

On-balance sheet netting is only applied in the calculation of RWAs by way of decreasing the exposure amount to be risk weighted. It recognises the balances of deposit accounts which have been flagged as eligible and for which withdrawal is only allowed after internal approval as at the reference date.

Guarantees and credit derivatives used as credit protection for the purposes of reducing capital requirements The main type of guarantees counterparties recognised as credit risk mitigants in calculating RWA and capital requirements are:

Pillar 3 Disclosures 2024

20.2 Disclosure of the use of credit risk mitigation techniques (continued)

a. Government: Guarantees issued by sovereigns are usually governed by the respective law of the country that issues the guarantee and they should be signed by an authorised representative of the government issuing the guarantee.
b. Bank: They include guarantees issued by local and foreign banks. Bank guarantees are accepted in line with the various Group limits set by the MLR and which are based on each bank's credit worthiness.
c. Qualifying Multilateral Development Banks: Explicit guarantees through government/EU support programs for products that satisfy strict minimum requirements under the support programs.

The Group does not have any credit derivatives.

EU CR3 – CRM techniques overview: Disclosure of the use of credit risk mitigation techniques

31 December 2024	Exposures unsecured – carrying amount	Exposures secured - carrying amount	Of which secured by collateral	Of which secured by financial guarantees	Of which secured by credit derivatives
	€ million	€ million	€ million	€ million	€ million
Total loans and advances to customers1	9,597	9,848	9,769	79	-
Total debt securities	4,192	-	-	-	-
Total exposures	13,789	9,848	9,769	79	-
Of which non-performing exposures	3	104	103	1	-
Of whic h defaulted	3	104

¹Amounts disclosed exclude loans and advances to customers classified as held for sale

31 December 2023	Exposures unsecured – carrying amount	Exposures secured - carrying amount	Of which secured by collateral	Of which secured by financial guarantees	Of which secured by credit derivatives
	€ million	€ million	€ million	€ million	€ million
Total loans and advances to customers	10,939	9,183	9,130	53	-
Total debt securities	3,545	-	-	-	-
Total exposures	14,484	9,183	9,130	53	-
Of which non-performing exposures	9	235	234	1	-
Of whic h defaulted	9	235

The increase in the investment portfolio as at 31 December 2024 is consistent with the strategy of the Group to grow the fixed income portfolio.

Pillar 3 Disclosures 2024

20.3 Main Types of Collateral Accepted

The purpose of collateral is to secure the Bank's claims towards a customer when granting a credit facility and it acts as a credit risk mitigant in the case of customer default.

The Group sets the following criteria for accepting collaterals:

a. They should be sufficient to cover the proposed facility throughout its duration.
b. They should provide capital efficiency and minimum risk.
c. They should be easy to realise in the case of customer default in the current regulatory framework and market availability.

As a principle, the financed asset should be obtained as collateral. The use of alternative property as collateral is acceptable if the following apply: (a) there is a reason for not obtaining the financed property as collateral is recorded and justified in the application (b) an official valuation is performed for both properties and (c) the title deeds of both properties are submitted. When the collateral is in the name of a third party, the personal/corporate guarantee of the third party is usually obtained. When collateral is obtained, the type, size and duration/maturity of the collateral should be taken into consideration in relation to the facility. Collaterals cover facilities as per agreement with the customer and Bank approval.

Collaterals are classified into two categories:

a. Own (belonging to the borrower).
b. Third Party (belonging to third party, not being the borrower).

Collaterals which may be accepted by the Bank to secure credit facilities include, among others, mortgages on immovable property, cash, government, bank, corporate and personal guarantees, assignments of sales contracts, fixed and floating charges on assets, assignment of life/general insurance policies, assignment of receivables and pledge on marketable securities.

20.3.1 Collateral Valuation Policy

It is essential that collaterals offered to the Bank as security are valued at the point of credit origination and also monitored at regular intervals. This ensures that the value of the collateral is still adequate to cover the facilities granted by the Bank and that they can be taken into account for capital adequacy purposes.

20.3.1.1 Mortgages on immovable property (Legal Charge on Property)

Mortgaged property is valued by approved independent valuers based on the standards, policies and procedures set by the Bank's Premises & Valuations Department.

Valuation Values & Other Information

The valuation report presents the following values:

a. Market Value (MV) of the property is based on the assumption that there is a willing buyer / seller within a logical time period and that an arm's length transaction after a logical marketing period can take place, and where the parties involved had each acted knowledgeably, prudently and without compulsion.
b. Forced Sale Value (FSV) of a property is calculated at a percentage lower than the market value to estimate the sale price that would be expected on a quick disposal (if required), i.e. the value expected to be reached through a forced sale.
c. Insurance values: the report includes both the insurance replacement value ("new for old") and insurance current value of the property to be used as guidelines for insurance purposes by the Bank (properties should be adequately and properly insured as per the Bank's guidelines).

Pillar 3 Disclosures 2024

20.3.1.1 Mortgages (Legal Charge on Property) (continued)

d. Environmental, health and safety issues: any serious issues such as physical risks are provided in the valuation report. These should be taken into account, and relevant action taken as per the provisions of the Environmental and Social Policy and related circulars.
e. Any other issues that need to be brought to the attention of the Bank e.g., issues that affect the marketability of the property and an additional haircut may be adopted on the values provided.

Immovable property collateral should be valued, adhering to European and international standards, which include the European Valuation Standards (Blue Book) and the Royal Institute of Chartered Surveyors (RICS) standards (Red Book).

External Valuers/Monitoring & Control of Valuations

The selection of an external valuer is based on specific criteria and is the exclusive responsibility of the Premises and Valuations Department, without customer or any other Bank unit / department involvement or intervention. External valuers must be independent of the credit evaluation, approval and granting process. They must not have any conflict of interest regarding the result of the valuation or any interest in the property.

External valuers should not come into contact with customers regarding the valuation, unless this is absolutely necessary in order to complete the valuation (e.g. for buildings where an internal inspection is required or to collect any documents/information relevant to the valuation).

Valuation Frequency/Monitoring

The number and frequency of valuations is described in detail in the Bank's Valuation Policy and is aligned with the regulatory framework and relevant guidelines. This takes into account factors such as the lending amount, the property value, Loan-to-Value thresholds and date of last available valuation.

For the purpose of monitoring and indexing property values the relevant Property price indices (P.P.I's) issued by the Central Bank are used. Residential properties (including land) are monitored against the residential P.P.I. while commercial properties (including land) against the commercial P.P.I. The monitoring rules of the Bank are aligned with the CRR requirements on the monitoring of immovable property collateral.

APPENDIX I – Biographies of the directors including experience and knowledge

Below bibliography information presents the names and brief biographical details including each director's background, external directorships, and whether these are executive or non-executive, experience and independent status and also presents information on the Non-Executive Directors (NEDs) who suddenly passed in June 2024.

Efstratios-Georgios (Takis) Arapoglou

Group Chairman Independent Non-Executive member

Appointed: June 2019

Committee Membership:

Chair of the of the Nominations & Corporate Governance Committee
Member of the Human Resources and Remuneration Committee

Skills, experience, contribution:

Experienced professional with proven track record in International Capital Markets, Corporate, Commercial & Investment Banking, based in Southeast Europe, the UK and the Middle East.
Managing, restructuring and advising public listed Financial Institutions and corporations, primarily in Southeast Europe and Middle East.
Profoundly focused on proactive culture and corporate governance.

His other senior-level experience includes prior appointment as Managing Director and Global Head of Banks and Securities Industry for Citigroup, Chair of the Board of Directors and CEO of the National Bank of Greece, and CEO of Commercial Banking at EFG-Hermes Holding SAE.

Academic and Professional Qualifications:

BA in Mathematics and Physics, University of Athens, BSc in Naval Architecture and Ocean Engineering, University of Glasgow, MSc in Finance and Management, University of Brunel, London.

External Appointments:

Chair of the Board, Tsakos Energy Navigation (TEN) Ltd
Non- Executive Director, EFG Hermes Holding SAE
Non-Executive Director, Bank al Falah, Pakistan
Non-Executive Director, Benaki Endowment Fund Ltd (non-profit organization)

APPENDIX I – Biographies of the directors including experience and knowledge (continued)

Lyn Grobler

Group Vice-Chair Independent Non-Executive Director

Appointed: February 2017

Committee Membership:

Chair of the Technology Committee
Member of the Nominations & Corporate Governance Committee
Member of the Audit Committee

Skills, experience, contribution:

Proven track record in technology and IT roles.
Extensive experience in digital transformation.
Managed large-scale global technology projects and strategies within banking and trading sectors, in both London and South Africa.

Since 2016 and throughout 2024, Ms Grobler held the position of Group Chief Information Officer at Howden Group Holdings (formerly Hyperion Insurance Group). Her previous senior level experience includes over 16 years with BP p.l.c. in senior leadership roles, including the appointment as Vice-President and Chief Information Officer Corporate Functions, where she led the transformation of both the organization and the digital landscape.

Academic and Professional Qualifications:

National Diploma in Electronic Data Processing, Cape Peninsula University, South Africa, Higher National Diploma in Computer Systems, Durban University, South Africa

External Appointments:

Chair of the Board, Howden Group Services
Non-Executive Director, Titan Cement International SA

APPENDIX I – Biographies of the directors including experience and knowledge (continued)

Adrian Lewis

Senior Independent Director Independent Non-Executive Director

Appointed: November 2023

Committee Membership:

Chair of the Audit Committee
Chair of the Human Resources and Remuneration Committee
Member of the Technology Committee

Skills, experience, contribution:

Extensive background in equity capital markets and investment banking.
Understanding and experience in advising innovative fintechs and other early-stage companies, based in London.

Mr Lewis is currently a managing director of the boutique advisory firm, Namier Capital, supporting and advising innovative startups and early-stage companies. He has previously worked for over 20 years mainly within equity capital markets at UBS Investment Bank, and from 2013 to 2020, he was the EMEA Head of ECM at HSBC.

Academic and Professional Qualifications:

M.A. Hons in Mathematics and Philosophy, University of Oxford, UK

External Appointments:

• Non-Executive Director, Bumblebee Power Limited

APPENDIX I – Biographies of the directors including experience and knowledge (continued)

Monique Eugenie Hemerijck

Independent Non-Executive Director

Appointed: August 2023

Committee Membership:

Chair of the Risk Committee
Member of the Audit Committee
Member of the Technology Committee

Skills, experience, contribution:

Highly experienced in financial and risk management within the Banking and Insurance sectors.
Detailed knowledge of risk management, finance, corporate governance and strategy, balance sheet & capital management and financial/risk reporting & disclosures.
Extensive experience in risk management, in the Netherlands and Portugal.

Ms. Hemerijck has deep risk management expertise spanning over 30 years of work. During a period of 10 years, she held the role of Chief Risk Officer and been a member of the Executive Board of several banking entities within NN Group and ING Group. Prior to that she worked for the Dutch Central Bank, positioned in several departments like Econometric Research, Monetary Policy, Asset Management and Supervision of International Conglomerates.

Academic and Professional Qualifications:

MA in Economics, Tilburg University, the Netherlands

Certificate for CFOs, Advanced International Corporate Finance Program, INSEAD Corporate Governance program - Executive Education, Nyenrode Business University. Post Graduate Diploma for Capital Markets Specialist, De Nederlandsche Bank, KPMG, AIF & INSEAD.

External Appointments:

• Non-Executive Director, Caixa Geral De Depositos

APPENDIX I – Biographies of the directors including experience and knowledge (continued)

Christian Philipp Hansmeyer

Independent Non-Executive Director

Appointed: May 2024

Committee Membership:

Member of the Nominations & Corporate Governance Committee
Member of the Risk Committee

Skills, experience, contribution:

Highly experienced in sustainable financing/investing, ESG, impact investment.
Development and implementation of sustainable investing strategies, including integrating ESG and impact into investing processes and impact tracking, measurement and reporting.
Multi-sector investment origination and execution of growth, capital and control opportunities, with a focus on technology and healthcare opportunities.

Mr Hansmeyer has been the Managing Director, Head of Risk, Legal and Strategy of Greater Pacific Capital LLP, based in London, since 2018. Currently, he is also the Head of Research at F4G Foundation, a non-profit institution. He has previously held the positions of Principal for Greater Pacific Capital Co. Ltd in Shanghai and of Vice President and Associate for Greater Pacific Capital LLP. He has also previously served as an Analyst in investment banking with Goldman Sachs International.

Academic and Professional Qualifications:

MBA, Harvard Business School, USA First State Examination in Law, University of Augsburg, Germany,

External Appointments:

• Non-Executive Director, Revogenex Ltd

APPENDIX I – Biographies of the directors including experience and knowledge (continued)

William Stuart Birrell

Independent Non-Executive Director

Appointed: May 2024

Committee Membership:

Member of the Human Resources and Remunerations Committee
Member of the Risk Committee

Skills, experience, contribution:

Experienced professional with a demonstrated history in the sector of technology, aviation, FMCG, automotive, and sports.
History of successfully merging, separating and transforming leading UK and international businesses.
Strategy and innovation are at the core, having challenged and led established businesses to create new digital b2b and b2c channels and to embed innovation as a structured, disciplined mindset focused on realizing strategic benefits and new revenues.

Mr. Birrell has been the Chief Data & Information Officer and is a Member of the Executive Board of EasyJet Airline Ltd since 2020 up to 31 December 2024. He has previously served as the Chief Information Officer and as an Executive Director for Heathrow Airport Ltd, as well as the Chief Information Officer of Gatwick Airport Ltd and McLaren Technology Group Ltd. Mr. Birrell has also honorably acted as an advisor to the Board for the Parliament Restoration and Renewal Delivery Authority of the UK Government.

Academic and Professional Qualifications:

MBA, Warwick University (2005),

BSc (Hons), Electrical and Electronic Engineering, Heriot Watt University (1986), Member of Institution of Engineering and Technology (MIET), Chartered Engineer (CEng).

External Appointments:

• Member of the Executive Board, EasyJet Airline Ltd

APPENDIX I – Biographies of the directors including experience and knowledge (continued)

Panicos Nicolaou

Executive Director

Appointed: September 2019

Skills, experience, contribution:

Experienced professional with significant experience in Corporate Banking and Credit Risk.
Deep understanding of the business and the areas in which the Group operates.
Committed to fostering a culture of integrity, accountability, and excellence within the Group.

Mr. Nicolaou acts as the Group's CEO and Executive Member of the Board. Previously he held the position of Director of the Corporate Banking Division at the Bank from June 2016 to August 2019 and Manager in the Restructuring and Recoveries Division from April 2014 to June 2016. Joining the Bank in 2001, he has occupied various roles, primarily within the Corporate Banking and Credit Risk Departments.

Academic and Professional Qualifications:

Degree in Mechanical Engineering, National Technical University of Athens (Metsovio Polytechnic), Greece BSc in Financial Services/ACIB, School of Management, UMIST, UK MSc in Mechanical & Industrial Engineering, University of Illinois at Urbana-Champaign, USA

External Appointments:

Member, Association of Cyprus Banks*
Member, Employers' Association of Cyprus Banks*
Member of the Executive Committee, Cyprus Employers & Industrials Federation (OEB)*
* Entities which do not pursue commercial objectives. Mr. Nicolaou's membership stems from his capacity as the Bank's CEO.

APPENDIX I – Biographies of the directors including experience and knowledge (continued)

Eliza Livadiotou

Executive Director

Appointed: October 2021

Skills, experience, contribution:

Extensive experience in audit, finance and banking.
Deep understanding of Finance, Treasury, Strategy and Corporate Finance, Investor Relations, ESG, Real Estate Management, Restructuring & Recoveries, Regulatory Affairs, Procurement and Economic Research.
Significant financial leadership.

Mrs. Livadiotou is the Group's Executive Director Finance and an Executive Member of the Board. Before embarking on her career in the banking sector, Mrs. Livadiotou was employed with the audit firm Arthur Andersen in Cambridge, UK. She joined the Bank in 1999 and has held multiple roles, including Assistant to the Group Chief General Manager, Chief Financial Officer (CFO), and has overseen both the Finance and Treasury Divisions.

Academic and Professional Qualifications:

MA in Economics, University of Cambridge, UK Qualified Chartered Accountant

External Appointments:

Board Member, Board of Trustees of Bank of Cyprus Oncology Centre
Chair of the Board, The Girl Guides Association of Cyprus (non-profit institution)*
Board Member, Institute of Certified Public Accountants of Cyprus*

* Entity which does not pursue commercial objectives.

APPENDIX I – Biographies of the directors including experience and knowledge (continued)

Constantine Iordanou (Deceased)

Appointed: November 2021

Senior Independent Director (until 16.06.2024)

Committee Membership (until 16.06.2024):

Chair of the Audit Committee
Chair of the Human Resources and Remuneration Committee
Chair of the Technology Committee

Skills, experience, contribution

Highly experienced in the insurance business.
Benefited from oversight experience in a number of external directorships.

Mr Iordanou was the Chairman and CEO of Arch Capital Group Limited ('Arch'), since August 2003 and Director since January 2002 (retired in September 2019). Before joining Arch as one of its founders in 2002, Mr. Iordanou served in various capacities for Zurich Financial Services ('Zurich') and its affiliates, including as Senior Executive Vice President of group operations and business development of Zurich Financial Services, President of Zurich-American Specialties Division, Chief Operating Officer and CEO of Zurich American, as well as CEO of Zurich North America. Before joining Zurich in March 1992, he was President of the commercial casualty division of the Berkshire Hathaway Group and Senior Vice President of the American Home Insurance Company, a member of the American International Group.

Academic and Professional Qualifications

Aerospace Engineering degree from New York University.

External Appointment (up until June 2024):

• Vantage Group Holdings Ltd (Non-Executive Director)

APPENDIX II – Basis of Consolidation of Group entities for regulatory purposes

The subsidiary companies and branches, their activities and their consolidation method as at 31 December 2024 are presented in the table below:

EU LI3 – Outline of the differences in the scope of consolidation – entity by entity

			Method of regulatory consolidation
Name of the entity	Method of accounting consolidation	Full consolidation	Proportional consolidation	Neither consolidated nor deducted	Deducted	Description of the entity
Bank of Cyprus Holdings Public Limited Company	Full consolidation	x	-	-	-	Holding company
Bank of Cyprus Public Company Ltd	Full consolidation	x	-	-	-	Commercial bank
Auction Yard Ltd	Full consolidation	x	-	-	-	Auction company
Bank of Cyprus Public Company Ltd (branch of BOC PCL)	Full consolidation	x	-	-	-	Administration of guarantees and holding of real estate properties
BOC Asset Management Romania S.A.	Full consolidation	x	-	-	-	In run-down
JCC Payment Systems Ltd	Full consolidation	x	-	-	-	Development of inter-banking systems, acquiring and processing of card transactions, other payment services and other activities
LCP Holdings and Investments Public Ltd	Full consolidation	x	-	-	-	Investments in securities and participations in companies and schemes that are active in various business sectors and projects
MC Investment Assets Management LLC	Full consolidation	x	-	-	-	Problem asset management company - In run-down
The Cyprus Investment and Securities Corporation Ltd (CISCO)	Full consolidation	x	-	-	-	Investment banking, brokerage, discretionary asset management and investment advice services

	Method of accounting consolidation		Method of regulatory consolidation
Name of the entity		Full consolidation	Proportional consolidation	Neither consolidated nor deducted	Deducted	Description of the entity
S.Z. Eliades Leisure Ltd	Full consolidation	x	-	-	-	Land development and operation of a golf resort
Fortuna Astrum Ltd	Full consolidation	x	-	-	-	Problem asset management company - In run-down
EuroLife Ltd	Full consolidation	-	-	x	-	Life insurance
General Insurance of Cyprus Ltd	Full consolidation	-	-	x	-	Non-life insurance
Kermia Ltd	Full consolidation	x	-	-	-	Property trading and development
Kermia Properties & Investments Ltd	Full consolidation	x	-	-	-	Property trading and development
BOC Secretarial Company Ltd	Full consolidation	-	-	x	-	Secretarial services
Jobelis Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Kernland Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Melsolia Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Spacous Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Solomaco Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Linaland Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Unital Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property

	Method of accounting consolidation		Method of regulatory consolidation
Name of the entity		Full consolidation	Proportional consolidation	Neither consolidated nor deducted	Deducted	Description of the entity
Astromeria Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Neraland Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Wingstreet Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Nolory Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Lisbo Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Mantinec Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Venicous Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Provezaco Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Hillbay Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Senadaco Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Mostero Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Forenaco Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Hovita Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Helal Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Lorman Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property

Name of the entity	Method of	Method of regulatory consolidation
	accounting consolidation	Full consolidation	Proportional consolidation	Neither consolidated nor deducted	Deducted	Description of the entity
Barosca Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Fogland Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Tebasco Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Blodar Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Cobhan Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Cranmer Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Domita Estates Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Emovera Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Joberco Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Labancor Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Laiki Lefkothea Center Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Memdes Estates Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Nalmosa Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Valecross Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Altco Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property

Name of the entity	Method of		Method of regulatory consolidation
	accounting consolidation	Full consolidation	Proportional consolidation	Neither consolidated nor deducted	Deducted	Description of the entity
Olivero Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Jaselo Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Elosa Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Flona Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Pendalo Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Toreva Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Frontyard Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Resoma Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Venetolio Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Bonsova Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Weinar Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Balasec Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Eracor Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Thermano Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Nouralia Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property

Name of the entity	Method of		Method of regulatory consolidation
	accounting consolidation	Full consolidation	Proportional consolidation	Neither consolidated nor deducted	Deducted	Description of the entity
Mazima Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Diafor Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Rulemon Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Maledico Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Resocot Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Soblano Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Talamon Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Rosalica Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Zandexo Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Paramina Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Tasabo Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Coeval Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Kartama Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Zemialand Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property

Name of the entity	Method of		Method of regulatory consolidation
	accounting consolidation	Full consolidation	Proportional consolidation	Neither consolidated nor deducted	Deducted	Description of the entity
Secretsky Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Riveland Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Finevo Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Dominion Industries Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Ledra Estate Ltd	Full consolidation	-	-	x	-	Ownership and management of immovable property
Les Coraux Estates Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Natakon Company Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Oceania Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Odolo Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Tolmeco Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Pelika Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Molemo Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Samilo Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Otherland Properties Dorobanti SRL	Full consolidation	x	-	-	-	Ownership and management of immovable property

	Method of accounting consolidation		Method of regulatory consolidation
Name of the entity		Full consolidation	Proportional consolidation	Neither consolidated nor deducted	Deducted	Description of the entity
Amary Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Monata Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Alezia Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Aparno Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Enelo Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Lomenia Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Midelox Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Montira Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Orilema Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Philiki Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Carilo Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Olisto Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Holstone Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Gelimo Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property
Larizemo Properties Ltd	Full consolidation	x	-	-	-	Ownership and management of immovable property

			Method of regulatory consolidation
Name of the entity	Method of accounting consolidation	Full consolidation	Proportional consolidation	Neither consolidated nor deducted	Deducted	Description of the entity
BOC Terra AIF V.C.I.C. Plc	Full consolidation	x	-	-	-	Real Estate Alternative Investment Fund, currently inactive
Jinius Ltd	Full consolidation	x	-	-	-	Digital Economy Platform
Gosman Properties Ltd	Full consolidation	x	-	-	-	Holding of shares and other investments and provision of services
Stamoland Properties Ltd	Full consolidation	x	-	-	-	Holding of shares and other investments and provision of services
Unoplan Properties Ltd	Full consolidation	x	-	-	-	Holding of shares and other investments and provision of services
Petrassimo Properties Ltd	Full consolidation	x	-	-	-	Holding of shares and other investments and provision of services
Rifelo Properties Ltd	Full consolidation	x	-	-	-	Reserved to accept property
Ellagio Properties Ltd	Full consolidation	x	-	-	-	Reserved to accept property
Bavara Properties Ltd	Full consolidation	x	-	-	-	Reserved to accept property
Wolfenia Properties Ltd	Full consolidation	x	-	-	-	Reserved to accept property
Ortizelo Properties Ltd	Full consolidation	x	-	-	-	Reserved to accept property
Leziga Properties Ltd	Full consolidation	x	-	-	-	Reserved to accept property
Dadela Properties Ltd	Full consolidation	x	-	-	-	Reserved to accept property

		Method of regulatory consolidation
Name of the entity	Method of accounting consolidation	Full consolidation	Proportional consolidation	Neither consolidated nor deducted	Deducted	Description of the entity
Fernia Properties Ltd	Full consolidation	x	-	-	-	Reserved to accept property
Nikaba Properties Ltd	Full consolidation	x	-	-	-	Intermediate holding company
Battersee Properties Ltd	Full consolidation	x	-	-	-	Intermediate holding company
Bonayia Properties Ltd	Full consolidation	x	-	-	-	Intermediate holding company
Hydrobius Ltd	Full consolidation	x	-	-	-	Intermediate holding company
Imoreth Properties Ltd	Full consolidation	x	-	-	-	Intermediate holding company
Inroda Properties Ltd	Full consolidation	x	-	-	-	Intermediate holding company
Janoland Properties Ltd	Full consolidation	x	-	-	-	Intermediate holding company
Otherland Properties Ltd	Full consolidation	x	-	-	-	Intermediate holding company
Zunimar Properties Ltd	Full consolidation	x	-	-	-	Intermediate holding company
Allioma Properties Ltd	Full consolidation	x	-	-	-	Intermediate holding company
Paneuropean Ltd	Full consolidation	x	-	-	-	Inactive
Laiki Bank (Nominees) Ltd	Full consolidation	-	-	x	-	Inactive
Nelcon Transport Co. Ltd	Full consolidation	-	-	x	-	Inactive
Kyprou Commercial SA	Full consolidation	x	-	-	-	Inactive

Name of the entity Method of accounting consolidation Method of regulatory consolidation Description of the entity Full consolidation Proportional consolidation Neither consolidated nor deducted Deducted Kyprou Properties SA Full consolidation - - x - Inactive Kyprou Asfalistiki (branch of General Insurance of Cyprus Ltd) Full consolidation - - ^x - Inactive Kyprou Zois (branch of EuroLife Ltd) Full consolidation - - x - Inactive Canosa Properties Ltd Full consolidation x - - - Inactive Homirova Properties Ltd Full consolidation x - - - Inactive Settle Cyprus Ltd Full consolidation x - - Inactive Finerose Properties Ltd Full consolidation x - - Inactive Landanafield Properties Ltd Full consolidation x - - - In the process of dissolution/ in the process of being struck off Thryan Properties Ltd Full consolidation x - - - In the process of dissolution/ in the process of being struck off Bramwell Properties Ltd Full consolidation x - - - In the process of dissolution/ in the process of being struck off Fantasio Properties Ltd Full consolidation x - - - In the process of dissolution/ in the process of being struck off Demoro Properties Ltd Full consolidation x - - - In the process of dissolution/ in the process of being struck off

	Method of	Method of regulatory consolidation
Name of the entity	accounting consolidation	Full consolidation	Proportional consolidation	Neither consolidated nor deducted	Deducted	Description of the entity
Battersee Real Estate SRL	Full consolidation	x	-	-	-	In the process of dissolution/ in the process of being struck off
Birkdale Properties Ltd	Full consolidation	x	-	-	-	In the process of dissolution/ in the process of being struck off
Obafemi Holdings Ltd	Full consolidation	x	-	-	-	In the process of dissolution/ in the process of being struck off
Green Hills Properties SRL	Full consolidation	x	-	-	-	In the process of dissolution/ in the process of being struck off
Imoreth Properties SRL	Full consolidation	x	-	-	-	In the process of dissolution/ in the process of being struck off
Inroda Properties SRL	Full consolidation	x	-	-	-	In the process of dissolution/ in the process of being struck off
Zunimar Properties SRL	Full consolidation	x	-	-	-	In the process of dissolution/ in the process of being struck off
Allioma Properties SRL	Full consolidation	x	-	-	-	In the process of dissolution/ in the process of being struck off
Nikaba Properties SRL	Full consolidation	x	-	-	-	In the process of dissolution/ in the process of being struck off

APPENDIX III – Main features of regulatory own funds instruments and eligible liabilities instruments

Main features of the ordinary shares of the Group

		2024/2023
1	Issuer	Bank of Cyprus Holdings
		Public Limited Company
2	Unique identifier	IE00BD5B1Y92
2a	Public or private placement	Public
3	Governing law(s) of the instrument	Irish Law
3a	Contractual recognition of write down and conversion powers of resolution authorities	N/A
	Regulatory treatment
	Current treatment taking into account, where applicable, transitional CRR
4	rules	Common Equity Tier 1
5	Post-transitional CRR rules	Common Equity Tier 1
6	Eligible at solo/(sub-)consolidated/ solo&(sub-)consolidated	Consolidated
7	Instrument type	Ordinary Shares
8	Amount recognised in regulatory capital	2024: €44 million 2023: €45 million
9	Nominal amount of instrument	2024: €44 million
		2023: €45 million
9(a)	Issue price	Various
9(b)	Redemption price	N/A
10	Accounting classification	Shareholders' Equity
11	Original date of issuance	Various
12	Perpetual or dated	Perpetual
13	Original maturity date	No maturity
14	Issuer call subject to prior supervisory approval	N/A
15	Optional call date, contingent call dates and redemption amount	N/A
16	Subsequent call dates, if applicable	N/A
	Coupons/dividends	€ 0
17	Fixed or floating dividend/coupon	Floating
18	Coupon rate and any related index	N/A
19	Existence of a dividend stopper	Yes
	20(a) Fully discretionary, partially discretionary or mandatory (in terms of timing)	Fully discretionary
	20(b) Fully discretionary, partially discretionary or mandatory (in terms of amount)	Fully discretionary
21	Existence of step up or other incentive to redeem	N/A
22	Non-cumulative or cumulative	Non-cumulative
23	Convertible or non-convertible	Non-convertible
24	If convertible, conversion trigger(s)	N/A
25	If convertible, fully or partially	N/A
26	If convertible, conversion rate	N/A
27	If convertible, mandatory or optional conversion	N/A
28	If convertible, instrument type convertible into	N/A
29	If convertible, issuer of instrument it converts into	N/A
30	Write-down features	N/A
31	If write-down, write-down trigger(s)	N/A
32	If write-down, full or partial	N/A
33	If write-down, permanent or temporary	N/A
34	I f t empo ra ry w rit e - dow n , w rit e - up me c ha nism	N/A
34a	Type of subordination (only for eligible liabilities)	N/A
34b	Ranking of the instrument in normal insolvency proceedings	As per the Annex on Insolvency ranking (SRB) this is ranking CY1
35	Position in subordination hierarchy in liquidation	N/A
36	Non-compliant transitioned features	N/A
37	If yes, non-compliant features	N/A

37a	Link to the full term and conditions of the instrument (signposting)	N/A

APPENDIX III – Main features of regulatory own funds instruments and eligible liabilities instruments (continued)

Main features 2023 Reset Perpetual Additional Tier 1 Capital Securities

		2024/2023
1	Issuer	Bank of Cyprus Holdings Public Limited Company
2	Unique identifier	XS2638438510
2a	Public or private placement	Public
3	Governing law(s) of the instrument	English law, except for the subordination and set off provisions which will be governed by the laws of Ireland
3a	Contractual recognition of write down and conversion powers of resolution authorities	Yes
	Regulatory treatment
4	Transitional CRR rules	Additional Tier 1 Capital Securities
5	Post-transitional CRR rules	Additional Tier 1 Capital Securities
6	Eligible at individual/(sub-) consolidation/individual and (sub-) consolidated	Consolidated Level
7	Instrument type	Additional Tier 1 Capital Securities
8	Amount recognised in regulatory capital	2024: €220 million 2023: €220 million
9	Nominal amount of instrument	€220 million
9(a)	Issue price	100%
9(b)	Redemption price	100%
10	Accounting classification	Other equity instruments
11	Original date of issuance	21 June 2023
12	Perpetual or dated	Perpetual
13	Original maturity date	N/A
14	Issuer call subject to prior supervisory approval	Yes
15	Optional call date, contingent call dates and redemption amount	Any day from and including 21 June 2028 t o and including 21 December 2028 (the First Reset Date)
16	Subsequent call dates, if applicable	Each Interest Payment Date thereafter

APPENDIX III – Main features of regulatory own funds instruments and eligible liabilities instruments (continued)

Main features of 2023 Reset Perpetual Additional Tier 1 Capital Securities
----------------------------------------------------------------------------	--	--

		2024/2023
	Coupons/dividends
17	Fixed or floating dividend/coupon	Fixed
18	Coupon rate and any related index	(i) 11.875% semi-annually up to call date o f 21 December 2028
		(ii) After call date, the interest rate is the 5- year Mid-Swap rate plus a margin of 9.126%
19	Existence of a dividend stopper	N/A
20(a)	Fully discretionary, partially discretionary or mandatory (in terms of timing)	Fully discretionary
20(b)	Fully discretionary, partially discretionary or mandatory (in terms of amount)	Fully discretionary
21	Existence of step up or other incentive to redeem	N/A
22	Non-cumulative or cumulative	Non-cumulative
23	Convertible or non-convertible	Non-convertible
24	If convertible, conversion trigger(s)	N/A
25	If convertible, fully or partially	N/A
26	If convertible, conversion rate	N/A
27	If convertible, mandatory or optional conversion	N/A
28	If convertible, instrument type convertible into	N/A
29	If convertible, issuer of instrument it converts into	N/A
30	Write-down features	Yes
31	If write-down, write-down trigger(s)	Group CET1 Ratio less than 5.125%
32	If write-down, full or partial	Partial
33	If write-down, permanent or temporary	Temporary
34	If temporary write-down, write-up mechanism	Yes
34a	Type of subordination (only for eligible liabilities)	n/a
34b	Ranking of the instrument in normal insolvency proceedings	A s per the Annex o n Insolvency ranking (SRB) this is ranking CY2
35	Position in subordination hierarchy in liquidation	Unsecured and subordinated and a t all times rank (1) senior to Junior Liabilities, (2) paru passu with all other AT1 Capital Liabilities and (3) junior to present and future obligations in respect o f the Senior C reditors (to AT1 Capital)
36	Non-compliant transitioned features	N/A
37	If yes, non-compliant features	N/A
37a	Link to the full term and conditions of the instrument (signposting)	https://www.luxse.com/security/XS26384 38510/381755

APPENDIX III – Main features of regulatory own funds instruments and eligible liabilities instruments (continued)

Main features of the Subordinated Tier 2 Capital Note – April 2021

		2024/2023
1	Issuer	Bank of Cyprus Holdings Public Limited Company
2	Unique identifier	XS2333239692
2a	Public or private placement	Public
3	Governing law(s) of the instrument	English law, except for the status of the Notes and acknowledgement of statutory loss absorption powers which will be governed by the laws of Ireland
3a	Contractual recognition of write down and conversion powers of resolution authorities	Yes
	Regulatory treatment
4	Transitional CRR rules	Tier 2 Capital Notes
5	Post-transitional CRR rules	Tier 2 Capital Notes
6	Eligible at individual/(sub-) consolidation/individual and (sub-) consolidated	Consolidated
7	Instrument type	Tier 2 Capital Notes
8	Amount recognised in regulatory capital	2024: €307 million 2023: €300 million
9	Nominal amount of instrument	€300 million
9(a)	Issue price	100%
9(b)	Redemption price	100%
10	Accounting classification	Liability – amortised cost
11	Original date of issuance	23 April 2021
12	Perpetual or dated	Dated
13	Original maturity date	23 October 2031
14	Issuer call subject to prior supervisory approval	Yes
15	Optional call date, contingent call dates and redemption amount	23/04/2026
16	Subsequent call dates, if applicable	Any date from 23/04/26 to and including 23/10/26

APPENDIX III – Main features of regulatory own funds instruments and eligible liabilities instruments (continued)

Main features of the Subordinated Tier 2 Capital Note – April 2021

		2024/2023
	Coupons/dividends
17	Fixed or floating dividend/coupon	Fixed
18	Coupon rate and any related index	(i) 6.625% per annum up to call date of 23/10/26
		(ii) After call date, the interest rate is the 5-year Mid-Swap rate plus a margin of 6.902%
19	Existence of a dividend stopper	N/A
	20(a) Fully discretionary, partially discretionary or mandatory (in terms of timing)	Mandatory
	20(b) Fully discretionary, partially discretionary or mandatory (in terms of amount)	Mandatory
21	Existence of step up or other incentive to redeem	N/A
22	Non-cumulative or cumulative	Cumulative
23	Convertible or non-convertible	Non-convertible
24	If convertible, conversion trigger(s)	N/A
25	If convertible, fully or partially	N/A
26	If convertible, conversion rate	N/A
27	If convertible, mandatory or optional conversion	N/A
28	If convertible, instrument type convertible into	N/A
29	If convertible, issuer of instrument it converts into	N/A
30	Write-down features	N/A
31	If write-down, write-down trigger(s)	N/A
32	If write-down, full or partial	N/A
33	If write-down, permanent or temporary	N/A
34	If temporary write-down, write-up mechanism	N/A
34a	Type of subordination (only for eligible liabilities)	N/A
34b	Ranking of the instrument in normal insolvency proceedings	As per the Annex on Insolvency ranking (SRB) this is ranking CY3
35	Position in subordination hierarchy in liquidation	Direct, unsecured and subordinated obligations of BOCH and shall at all times rank pari passu and without any preference among themselves, ranking (on a winding-up of BOCH):(A) senior t o Junior Liabilities (to Tier 2 Capital); (B) pari passu and without any preference among themselves; (C) pari passu with all other Tier 2 Capital Liabilities; and (D) junior t o present and future obligations of BOCH in respect of Senior Creditors of BOCH (to Tier 2 Capital).
36	Non-compliant transitioned features	N/A
37	If yes, non-compliant features	N/A
37a	Link to the full term and conditions of the instrument (signposting)	https://www.bourse.lu/security/XS233323969 2/335184

APPENDIX III – Main features of regulatory own funds instruments and eligible liabilities instruments (continued)

Main features of the Senior Preferred Notes – June 2021

		2024/2023
1	Issuer	Bank of Cyprus Public Company Limited
2	Unique identifier	XS2355059168
2a	Public or private placement	Public
3	Governing law(s) of the instrument	English law, save for the status of the Notes and acknowledgement of statutory loss absorption powers which will be governed by the laws of the Republic of Cyprus
3a	Contractual recognition of write down and conversion powers of resolution authorities	Yes
	Regulatory treatment
4	Transitional CRR rules	Eligible Liabilities
5	Post-transitional CRR rules	Eligible Liabilities
6	Eligible at individual/(sub-) consolidation/individual and (sub-) consolidated	BOC Group & BOC PCL
7	Instrument type	Senior Preferred
8	Amount recognised in eligible liabilities	2024: €300 million 2023: €300 million
9	Nominal amount of instrument	€300 million
9(a)	Issue price	100%
9(b)	Redemption price	100%
10	Accounting classification	Liability – amortised cost
11	Original date of issuance	24 June 2021
12	Perpetual or dated	Dated
13	Original maturity date	24 June 2027
14	Issuer call subject to prior supervisory approval	YES
15	Optional call date, contingent call dates and redemption amount	24 June 2026
16	Subsequent call dates, if applicable	N/A

APPENDIX III – Main features of regulatory own funds instruments and eligible liabilities instruments (continued)

Main features of the Senior Preferred Notes – June 2021

		2024/2023
	Coupons/dividends
17	Fixed or floating dividend/coupon	Fixed
		(i) 2.50% annually up t o call date of 24 June 2026
18	Coupon rate and any related index	(ii) After call date, the interest rate is the 5- year Mid-Swap rate plus a margin of 2.785%
19	Existence of a dividend stopper	n/a
20(a)	Fully discretionary, partially discretionary or mandatory (in terms of timing)	Mandatory
20(b)	Fully discretionary, partially discretionary or mandatory (in terms of amount)	Mandatory
21	Existence of step up or other incentive to redeem	N/A
22	Non-cumulative or cumulative	Cumulative
23	Convertible or non-convertible	Non-convertible
24	If convertible, conversion trigger(s)	N/A
25	If convertible, fully or partially	N/A
26	If convertible, conversion rate	N/A
27	If convertible, mandatory or optional conversion	N/A
28	If convertible, instrument type convertible into	N/A
29	If convertible, issuer of instrument it converts into	N/A
30	Write-down features	N/A
31	If write-down, write-down trigger(s)	N/A
32	If write-down, full or partial	N/A
33	If write-down, permanent or temporary	N/A
34	If temporary write-down, write-up mechanism	N/A
34a	Type of subordination (only for eligible liabilities)	Exemption from subordination
34b	Ranking of the instrument in normal insolvency proceedings	As per the Annex on Insolvency ranking (SRB) this is ranking CY6
35	Position in subordination hierarchy in liquidation	Direct, unconditional, unsubordinated and unsecured obligations of the Issuer in accordance with Condition 3(a)
36	Non-compliant transitioned features	N/A
37	If yes, non-compliant features	N/A
37a	Link to the full term and conditions of the instrument (signposting)	https://www.bourse.lu/security/XS2355 059168/338796

APPENDIX III – Main features of regulatory own funds instruments and eligible liabilities instruments (continued)

Main features of the Senior Preferred Notes – July 2023

		2024/2023
1	Issuer	Bank of Cyprus Public Company Limited
2	Unique identifier	XS2648493570
2a	Public or private placement	Public
3	Governing law(s) of the instrument	English law, save for the status of the Notes and acknowledgement of statutory loss absorption powers which will be governed by the laws of the Republic of Cyprus
3a	Contractual recognition of write down and conversion powers of resolution authorities	Yes
	Regulatory treatment
4	Transitional CRR rules	Eligible Liabilities
5	Post-transitional CRR rules	Eligible Liabilities
6	Eligible at individual/(sub-) consolidation/individual and (sub-) consolidated	BOC Group & BOC PCL
7	Instrument type	Senior Preferred
8	Amount recognised in eligible liabilities	2024: €350 million 2023: €350 million
9	Nominal amount of instrument	€350 million
9(a)	Issue price	100%
9(b)	Redemption price	100%
10	Accounting classification	Liability – amortised cost
11	Original date of issuance	25 July 2023
12	Perpetual or dated	Dated
13	Original maturity date	25 July 2028
14	Issuer call subject to prior supervisory approval	Yes
15	Optional call date, contingent call dates and redemption amount	25 July 2027
16	Subsequent call dates, if applicable	N/A

APPENDIX III – Main features of regulatory own funds instruments and eligible liabilities instruments (continued)

Main features of the Senior Preferred Notes – July 2023

	2024/2023
	Coupons/dividends
17	Fixed or floating dividend/coupon	Fixed
18		(i) 7.375% annually in arrear up to but excluding optional call date o f 25 July 2027
	Coupon rate and any related index	(ii) After call date, the interest rate is the 5-year Mid-Swap rate plus a margin of 4.095%
19	Existence of a dividend stopper	n/a
20(a)	Fully discretionary, partially discretionary or mandatory (in terms of timing)	Mandatory
20(b)	Fully discretionary, partially discretionary or mandatory (in terms of amount)	Mandatory
21	Existence of step up or other incentive to redeem	N/A
22	Non-cumulative or cumulative	Cumulative
23	Convertible or non-convertible	Non-convertible
24	If convertible, conversion trigger(s)	N/A
25	If convertible, fully or partially	N/A
26	If convertible, conversion rate	N/A
27	If convertible, mandatory or optional conversion	N/A
28	If convertible, instrument type convertible into	N/A
29	If convertible, issuer of instrument it converts into	N/A
30	Write-down features	N/A
31	If write-down, write-down trigger(s)	N/A
32	If write-down, full or partial	N/A
33	If write-down, permanent or temporary	N/A
34	If temporary write-down, write-up mechanism	N/A
34a	Type of subordination (only for eligible liabilities)	Exemption from subordination
34b	Ranking of the instrument in normal insolvency proceedings	A s per the Annex o n Insolvency ranking (SRB) this is ranking CY6
35	Position in subordination hierarchy in liquidation	Direct, unconditional, unsubordinated and unsecured obligations o f the Issuer in accordance with Condition 3(a)
36	Non-compliant transitioned features	N/A
37	If yes, non-compliant features	N/A
37a	Link to the full term and conditions of the instrument (signposting)	https://www.luxse.com/security/XS2 648493570/384481

APPENDIX III – Main features of regulatory own funds instruments and eligible liabilities instruments (continued)

Main features of the Green Senior Preferred Notes – May 2024

		2024
1	Issuer	Bank of Cyprus Public Company Limited
2	Unique identifier	XS2801451571
2a	Public or private placement	Public
3	Governing law(s) of the instrument	English law, save for the status of the Notes and acknowledgement of statutory loss absorption powers which will be governed by the laws of the Republic of Cyprus
3a	Contractual recognition of write down and conversion powers of resolution authorities	Yes
	Regulatory treatment
4	Transitional CRR rules	Eligible Liabilities
5	Post-transitional CRR rules	Eligible Liabilities
6	Eligible at individual/(sub-) consolidation/individual and (sub-) consolidated	BOC Group & BOC PCL
7	Instrument type	Senior Preferred
8	Amount recognised in eligible liabilities	2024: €300 million 2023: -
9	Nominal amount of instrument	€300 million
9(a)	Issue price	100%
9(b)	Redemption price	100%
10	Accounting classification	Liability – amortised cost
11	Original date of issuance	02 May 2024
12	Perpetual or dated	Dated
13	Original maturity date	02 May 2029
14	Issuer call subject to prior supervisory approval	Yes
15	Optional call date, contingent call dates and redemption amount	02 May 2028
16	Subsequent call dates, if applicable	N/A

APPENDIX III – Main features of regulatory own funds instruments and eligible liabilities instruments (continued)

Main features of the Green Senior Preferred Notes – May 2024

		2024
	Coupons/dividends
17	Fixed or floating dividend/coupon	Fixed
18	Coupon rate and any related index	(i) 5% annually in arrear up t o but excluding optional call date of 2 May 2028 (ii) After call date, the interest rate is the 3- month EURIBOR plus a margin of 1.971%

19	Existence of a dividend stopper	n/a
20(a)	Fully discretionary, partially discretionary or mandatory (in terms of timing)	Mandatory
20(b)	Fully discretionary, partially discretionary or mandatory (in terms of amount)	Mandatory
21	Existence of step up or other incentive to redeem	N/A
22	Non-cumulative or cumulative	Cumulative
23	Convertible or non-convertible	Non-convertible
24	If convertible, conversion trigger(s)	N/A
25	If convertible, fully or partially	N/A
26	If convertible, conversion rate	N/A
27	If convertible, mandatory or optional conversion	N/A
28	If convertible, instrument type convertible into	N/A
29	If convertible, issuer of instrument it converts into	N/A
30	Write-down features N/A
31	If write-down, write-down trigger(s)	N/A
32	If write-down, full or partial	N/A
33	If write-down, permanent or temporary	N/A
34	If temporary write-down, write-up mechanism	N/A
34a	Type of subordination (only for eligible liabilities)	Exemption from subordination
34b	Ranking of the instrument in normal insolvency proceedings	As per the Annex on Insolvency ranking (SRB) this is ranking CY6
35	Position in subordination hierarchy in liquidation	Direct, unconditional, unsubordinated and unsecured obligations of the Issuer in accordance with Condition 3(a)
36	Non-compliant transitioned features	N/A
37	If yes, non-compliant features	N/A
37a	Link to the full term and conditions of the instrument (signposting)	https://www.luxse.com/security/XS2801 451571/401903

Appendix IV- Result of the materiality analysis of the legal entities as at 31 December 2024

Legal entity	Qualitative criterion	% RWAs	% Total income	% Total Assets	Materiality
Bank of Cyprus Public Company Ltd (Cyprus) Core Business Line		93.95	93.02	93.88	YES
CISCO	Not a critical function, significant business activity or a service/support function	0.12	0.29	0.08	NO
GIC	Not a critical function, significant business activity or a service/support function	-	1.32	0.36	NO
EuroLife Ltd	Not a critical function, significant business activity or a service/support function	-	2.45	3.53	NO
Kermia, Kermia Properties and Investments and its subsidiaries (mainly special purpose vehicles (SPVs))	Not a critical function, significant business activity or a service/support function	0.92	(0.30)	0.34	NO
JCC Payment Ltd	Not a critical function, but a critical shared service provider which supports the execution of a critical function (payments)	1.11	3.17	0.41	YES
Jinius Ltd	Not a critical function, significant business activity or a service/support function	-	(0.03)	0.02	NO
S.Z. Eliades Leisure Ltd	Not a critical function, significant business activity or a service/support function	0.4	(0.04)	0.12	NO
Bank of Cyprus Public Company Ltd (Greek branch)	Not a critical function, significant business activity or a service/support function	0.28	(0.04)	0.13	NO
MC Investments and Asset Management LLC	Not a critical function, significant business activity or a service/support function	(0.06)	-	-	NO
Other various small subsidiaries (mainly Special Purpose Vehicles (SPVs))	Not a critical function, significant business activity or a service/support function	3.28	0.16	1.13	NO

Appendix V - Specific References to CRR Articles

CRR ref.	High-level summary	Compliance reference
General Provisions
6	General Principles	Section 4
13	Application of disclosure requirements on a consolidated basis	Section 4
	Scope of disclosure requirements
431 (1)	Requirement to publish Pillar III disclosures.	Section 2.2
431 (2)	Disclosure of operational risk information.	Section 3.2.4
431 (3)	Institution must have a policy covering frequency of disclosures. Their verification, comprehensiveness and overall appropriateness.	The Group has a dedicated Pillar III policy
431 (4)	All quantitative disclosures shall be accompanied by qualitative narrative	All qualitative narrative is contained within the Report
431 (5)	Explanation of ratings decisions to SMEs upon request.	Not applicable to the Group
	Non-material, proprietary or confidential information
432	Non-material, proprietary or confidential information – EBA Guidelines on materiality, proprietary, confidentiality and on disclosure frequency	The Group discloses all minimum requirements set by CRR and no information has been omitted based on materiality, proprietary or confidential
	Frequency of disclosure
433	Disclosures must be published once a year at a minimum, in conjunction with the date of publication of the financial statements and more frequently if necessary.	Section 2.2
Means of disclosures
434 (1)	To include disclosures in one appropriate medium or provide clear cross references to other media.	All applicable disclosures are contained within the Report
434 (2)	Equivalent disclosures made under other requirements (i.e., accounting) can be used to satisfy Pillar III if appropriate.	Cross-references to accounting and other disclosures are indicated in the Report
	Risk management objectives and policies
435 (1) (a)	Strategies and processes to manage risks for each separate category of risk.
435 (1) (b)	Information on the risk governance structure for each type of risk
435 (1) (c)	Disclosure on the scope and nature of risk disclosure and/or measurement systems.	Sections 3.1 and 3.2
435 (1) (d)	The policies for hedging and mitigating risk, and the strategies and processes for monitoring the continuing effectiveness of hedges and mitigants.
435 (1) (e)	Declaration approved by the Board on adequacy of risk management arrangements.	Sections 2.2 Pillar III Regulatory Framework, Attestation section Section 3.1.3 Effectiveness of the Risk Management Framework
435 (1) (f)	Concise risk statement approved by the Board.	Section 1 Executive Summary, Risk Profile section
435 (2)	Information, once a year at a minimum, on governance arrangements.	Section 3.3
435 (2) (a)	Number of directorships held by members of the Board.	Section 3.3.2
435 (2) (b)	Recruitment policy of Board members, their experience and expertise.	Section 3.3.1
435 (2) (c)	Policy on diversity of Board members, its objectives and results against targets.	Section 3.3.3
435 (2) (d)	Disclosure of whether a dedicated risk committee is in place, and number of meetings in the year.	Section 3.3.4
435 (2) (e)	Description of information flow on risk to Board.	Section 3.3.5
Scope of application
436 (a)	Name of institution.	Section 2.1
436 (b)	Difference on the basis of consolidation for accounting and prudential purposes, naming entities that are:	Section 4.1, and Appendix II

CRR ref.	High-level summary	Compliance reference
436 (c)	Breakdown of assets and liabilities of the consolidated financial statements prepared in accordance with the requirements on regulatory consolidation	Section 4.1.1
436 (d)	A reconciliation identifying the main sources of differences between the carrying value amounts in the financial statements under the regulatory scope of consolidation	Section 4.1.2
436 (e)	Exposures from the trading book and the non-trading book that are adjusted in accordance with Article 34 and Article 105, a breakdown of the amounts of the constituent elements of an institution's prudent valuation adjustment	Not applicable to the Group
436 (f)	Impediments to transfer of funds between parent and subsidiaries.	Section 19
436 (g)	Capital shortfalls in any subsidiaries outside of scope of consolidation and their names (if any).	Section 2.2
436 (h)	Use of articles on derogations from (a) prudential requirements or (b) liquidity requirements for individual subsidiaries / entities.	Not applicable to the Group
Own funds
437 (1)	Requirements regarding capital resources table.	Sections 4.1, 5.1 to 5.3
437 (1) (a)	A full reconciliation of Common Equity Tier 1 items, Additional Tier 1 items, Tier 2 items and the filters and deductions applied to own funds	Sections 4.1 and 5.1
437 (1) (b)	A description of the main features of the Common Equity Tier 1 and Additional Tier 1 instruments and Tier 2 instruments issued by the institution	Appendix III
437 (1) (c)	The full terms and conditions of all Common Equity Tier 1, Additional Tier 1 and Tier 2 instruments;	Section 5.3
437 (1) (d)	A separate disclosure of the nature and amounts of the following: (i) each prudential filter applied pursuant to Articles 32 to 35; (ii) items deducted pursuant to Articles 36, 56 and 66; (iii) items not deducted pursuant to Articles 47, 48, 56, 66 and 79;	Section 5.1
437 (1) (e)	Description of all restrictions applied to the calculation of own funds in accordance with this Regulation and the instruments, prudential filters and deductions to which those restrictions apply	Sections 5.1 to 5.3
437 (1) (f)	Comprehensive explanation of the basis on which capital ratios are calculated where those capital ratios are calculated by using elements of own funds determined on a basis other than the basis laid down in this Regulation.	Not applicable to the Group
437 (a)	Disclosure of own funds and eligible liabilities	Not applicable to the Group
Capital requirements
438 (a)	Summary of institution's approach to assessing adequacy of capital levels.	Section 6.1
438 (b)	The amount of the additional own funds requirements based on the supervisory review process	Sections 14 and 3.1.16
438 (c)	Result of ICAAP on demand from competent authority.	Section 3.1.16
438 (d)	The total risk-weighted exposure amount and the corresponding total own funds requirement determined in accordance with Article 92, to be broken down by the different risk categories.	Section 6.1
438 (e)	The on- and off-balance-sheet exposures, the risk-weighted exposure amounts and associated expected losses for each category of specialised lending	Not applicable to the Group
438 (f)	The exposure value and the risk-weighted exposure amount of own funds instruments held in any insurance undertaking, reinsurance undertaking or insurance holding company that the institutions do not deduct from their own funds	Section 6.2
438 (g)	The supplementary own funds requirement and the capital adequacy ratio of the financial conglomerate	Not applicable for the Group
438 (h)	The variations in the risk-weighted exposure amounts of the current disclosure period compared to the immediately preceding disclosure period that result from the use of internal models, including an outline of the key drivers explaining those variations.	Not applicable to the Group
	Exposure to Counterparty Credit Risk (CCR)
439 (a)	Description of methodology to assign internal capital and credit limits for counterparty credit exposures.	Section 7

CRR ref.	High-level summary	Compliance reference
439 (b)	Discussion of policies for securing collateral and establishing credit reserves.	Section 7
439 (c)	Discussion of policies as regards wrong-way risk exposures.	Section 7
439 (d)	Disclosure of collateral to be provided (outflows) in the event of a ratings downgrade.	Section 7
439 (e)	The amount of segregated and unsegregated collateral received and posted per type of collateral,	Section 7
439 (f)	For derivative transactions, the exposure values before and after the effect of the credit risk mitigation as determined under the methods set out in Sections 3 to 6 of Chapter 6 of Title II of Part Three, whichever method is applicable, and the associated risk exposure amounts broken down by applicable method.	Section 7
439 (g)	For securities financing transactions, the exposure values before and after the effect of the credit risk mitigation.	Section 7
439 (h)	The exposure values after credit risk mitigation effects and the associated risk exposures for credit valuation adjustment capital charge.	Section 7
439 (i)	The exposure value to central counterparties and the associated risk exposures.	Section 7
439 (j)	The notional amounts and fair value of credit derivative transactions; credit derivative transactions shall be broken down by product type; within each product type, credit derivative transactions shall be broken down further by credit protection bought and credit protection sold	Not applicable to the Group
439 (k)	The estimate of alpha where applicable	Section 7
439 (l)	Separately, the disclosures included in point (e) of Article 444 and point (g) of Article 452;	Section 7
439 (m)	For institutions using the methods set out in Sections 4 to 5 of Chapter 6 of Title II Part Three, the size of their on- and off-balance-sheet derivative business as calculated in accordance with Article 273a (1) or (2), as applicable.	Section 7
440 (1) (a)	Geographical distributions of credit exposures	Section 8
440 (1) (b)	Amount of the institution specific countercyclical buffer	Section 8
440 (2)	EBA issue the Regulatory Technical Standards on Countercyclical Capital Buffer	Section 8
	Indicators of global systemic importance
441	Indicators of global systemic importance	Not applicable to the Group

	Credit risk adjustments
442 (a)	Definitions for accounting purposes of 'past due' and 'impaired'.	Section 9.1
442 (b)	Approaches for calculating credit risk adjustments.	Section 9.3
442 (c)	Information on the amount and quality of performing, non-performing and forborne exposures for loans, debt securities and off-balance-sheet exposures, including their related accumulated impairment, provisions and negative fair value changes due to credit risk and amounts of collateral and financial guarantees received	Sections 9.2 and 9.4
442 (d)	An ageing analysis of accounting past due exposures;	Section 9.2
442 (e)	Distribution of exposures by geographical area and industry	Section 9.2
442 (f)	Any changes in the gross amount of defaulted on- and off-balance-sheet exposures, including, as a minimum, information on the opening and closing balances of those exposures, the gross amount of any of those exposures reverted to non-defaulted status or subject to a write-off;	Section 9.2
442 (g)	The breakdown of loans and debt securities by residual maturity	Section 9.1.1
Unencumbered assets
443	Disclosures on unencumbered assets.	Section 10
Use of ECAIs
444 (a)	Names of the nominated ECAIs used in the calculation of Standardised Approach RWAs, and reasons for any changes.	Section 11
444 (b)	Exposure classes associated with each ECAI.	Section 11
444 (c)	Description of the process used to transfer the issuer and issue credit assessments onto items in the Banking book.	Section 11
444 (d)	Mapping of external rating to credit quality steps.	Section 11

CRR ref.	High-level summary	Compliance reference
444 (e)	Exposure values pre-credit risk mitigation and post-credit risk mitigation, by credit quality step.	Section 11
Market risk
445	Institutions calculating their own funds requirements in accordance with points (b) and (c) of Article 92(3) shall disclose those requirements separately for each risk referred to in those points.	Section 12
Operational risk
446	Disclosure of the scope of approaches used to calculate operational risk, discussion of advanced methodology and external factors considered.	Section 13
Key Metrics
447	Disclosure of Key Metrics	Section 14
	Exposure to interest rate risk on positions in the Trading book
448 (1) (a)	The changes in the economic value of equity calculated under the six supervisory shock scenarios	Section 15.2
448 (1) (b)	The changes in the net interest income calculated under the two supervisory shock scenarios	Section 15.2
448 (1) (c)	Description of key modelling and parametric assumptions	Not applicable to the Group
448 (1) (d)	An explanation of the significance of the risk measures	Section 15.1
448 (1) (e)	The description of how institutions define, measure, mitigate and control the interest rate risk of their non- trading book activities for the purposes of the competent authorities' review.	Sections 15.1 and 15.2
448 (1) (f)	The description of the overall risk management and mitigation strategies for those risks	Section 15.1
448 (1) (g)	Average and longest repricing maturity assigned to non-maturity deposits	Section 15.1
448 (2)	By way of derogation from paragraph 1 of this Article, the requirements set out in points (c) and (e)(i) to (e) (iv) of paragraph 1 of this Article shall not apply to institutions that use the standardised methodology or the simplified standardised methodology referred to in Article 84(1) of Directive 2013/36/EU	Not applicable to the Group
	Exposure to securitisation positions
449	Exposure to securitisation positions	Not applicable to the Group
449a	Disclosure of environmental, social and governance risks (ESG risks)	Section 16
	Remuneration disclosures
450	Remuneration policy.	Section 17
Leverage
451 (1) (a)	Leverage ratio and how the institution applies Article 499(2) and (3)	Section 18
451 (1) (b)	Analysis of total exposure measure, including reconciliation to financial statements, and derecognised fiduciary items.	Section 18
451 (1) (c)	Where applicable, the amount of exposures calculated in accordance with Articles 429(8) and 429a (1) and the adjusted leverage ratio calculated in accordance with Article 429a (7)	Section 18.2
451 (1) (d)	Description of the risk management process to mitigate excessive leverage.	Section 18
451 (1) (e)	Factors that had an impact on the leverage ratio during the year	Section 18
451 (2)	Public development credit institutions as defined in Article 429a (2) shall disclose the leverage ratio without the adjustment to the total exposure measure determined in accordance with point (d) of the first subparagraph of Article 429a (1).	The Group follows the implementation standards. Section 18.2
451 (3)	In addition to points (a) and (b) of paragraph 1 of this Article, large institutions shall disclose the leverage ratio and the breakdown of the total exposure measure referred to in Article 429(4) based on averages calculated in accordance with the implementing act referred to in Article 430(7).	Section 18.2
451 (a) (1)	Institutions that are subject to Part Six shall disclose information on their liquidity coverage ratio, net stable funding ratio and liquidity risk management in accordance with this Article	Section 19
451 (a) (2)	Disclose liquidity coverage ratio as calculated in accordance with the delegated act referred to in Article 460(1)	Section 19
451 (a) (3)	Disclose stable funding ratio as calculated in accordance with Title IV of Part Six	Section 19

CRR ref.	High-level summary	Compliance reference
451 (a) (4)	Disclose the arrangements, systems, processes and strategies put in place to identify, measure, manage and monitor their liquidity risk in accordance with Article 86 of Directive 2013/36/EU	Sections 19 and 3.2.3
	Use of the IRB Approach to credit risk
452	Use of the IRB Approach to credit risk	Not applicable to the Group
	Use of credit risk mitigation techniques
453 (a)	Policies and processes, and an indication of the extent to which the Bank makes use of on-balance sheet and off-balance sheet netting.	Section 20.1
453 (b)	Policies and processes for collateral valuation and management.	Section 20.3
453 (c)	Description of types of collateral used by the Bank.	Section 20.3
453 (d)	Types of guarantor and credit derivative counterparty, and their creditworthiness.	Section 20.3
453 (e)	Information about market or credit risk concentrations within the credit mitigation taken.	Sections 3.2.1.4 and 11
453 (f)	For exposures under either the Standardised or the Foundation IRB approach, disclosure of the exposure covered by eligible financial collateral and other eligible collateral	Section 20.3
453 (g)	The corresponding conversion factor and the credit risk mitigation associated with the exposure and the incidence of credit risk mitigation techniques with and without substitution effect.	Section 11
453 (h)	For institutions calculating risk-weighted exposure amounts under the Standardised Approach, the on- and off-balance-sheet exposure value by exposure class before and after the application of conversion factors and any associated credit risk mitigation	Section 11
453 (i)	For institutions calculating risk-weighted exposure amounts under the Standardised Approach, the risk- weighted exposure amount and the ratio between that risk-weighted exposure amount and the exposure value after applying the corresponding conversion factor and the credit risk mitigation associated with the exposure; the disclosure set out in this point shall be made separately for each exposure class	Section 11
453 (j)	For institutions calculating risk-weighted exposure amounts under the IRB Approach, the risk-weighted exposure amount before and after recognition of the credit risk mitigation impact of credit derivatives; where institutions have received permission to use own LGDs and conversion factors for the calculation of risk- weighted exposure amounts, they shall make the disclosure set out in this point separately for the exposure classes subject to that permission	Not applicable to the Group
	Use of the Advanced Measurement Approaches to operational risk
454	Description of the use of insurance or other risk transfer mechanisms for the purpose of mitigating operational risk.	Not applicable to the Group
	Use of Internal Market Risk Models
455	Use of Internal Market Risk Models	Not applicable to the Group

Pillar 3 Disclosures 2024

Appendix VI- List of EBA templates disclosed and mapping to Pillar 3 report

	Compliance Reference	Section
EU LI1	Differences between accounting and regulatory scopes of consolidation and the mapping of financial statement categories with regulatory risk categories	Section 4.1.1
EU LI2	Main sources of differences between regulatory exposure amounts and carrying values in Financial Statements	Section 4.1.2
EU LI3	Outline of the differences in the scopes of consolidation (entity by entity)	Appendix II
EU OV1	Overview of RWAs	Section 6.1
EU INS1	Non-deducted participations in insurance undertakings	Section 6.2
EU INS2	Financial conglomerates information on own funds and capital adequacy ratio	Not applicable
EU OR1	Operational risk own funds requirements and risk-weighted exposure amounts	Section 13
EU PV1	Prudent valuation adjustments (PVA)	Not applicable
EU CC1	Composition of regulatory own funds	Section 5.1
EU CC2	Reconciliation of regulatory own funds to balance sheet in the audited financial statements	Section 4.1
EU KM1	Overview of risk weighted exposure amounts	Section 14
EU KM2	Key metrics - MREL and, where applicable, G-SII requirement for own funds and eligible liabilities	Section 5.4
EU TLAC1	Composition - MREL and, where applicable, G-SII Requirement for own funds and eligible liabilities	Section 5.4
EU iLAC	Internal loss absorbing capacity: internal MREL and, where applicable, requirement for own funds and eligible liabilities for non-EU G-SIIs	Not applicable
EU TLAC2a	Creditor ranking - Entity that is not a resolution entity	Not applicable
EU TLAC2b	Creditor ranking - Entity that is not a resolution entity	Not applicable
EU TLAC3a	Creditor ranking - resolution entity	Not applicable
EU TLAC3b	Creditor ranking - resolution entity	Section 5.4
EU CCyB1	Geographical distribution of credit exposures relevant for the calculation of the countercyclical buffer	Section 8
EU CCyB2	Amount of institution-specific countercyclical capital buffer	Section 8
EU CR1-A	Maturity of exposures	Section 9.1.1
EU CR3	CRM techniques overview: Disclosure of the use of credit risk mitigation techniques	Section 20.2
EU CR4	Standardised Approach – Credit risk exposure and CRM effects	Section 11
EU CR5	Standardised Approach	Section 11
EU CR6	IRB approach – Credit risk exposures by exposure class and PD range	Not applicable
EU CR6-A	Scope of the use of IRB and SA approaches	Not applicable
EU CR7	IRB approach – Effect on the RWEAs of credit derivatives used as CRM techniques	Not applicable
EU CR7-A	IRB approach – Disclosure of the extent of the use of CRM techniques	Not applicable
EU CR8	RWEA flow statements of credit risk exposures under the IRB approach	Not applicable
EU CR9	IRB approach – Back-testing of PD per exposure class (fixed PD scale)	Not applicable
EU CR9.1	IRB approach – Back-testing of PD per exposure class (only for PD estimates according to point (f) of Article 180(1) CRR)	Not applicable
EU CR10	Specialised lending and equity exposures under the simple risk weighted approach	Not applicable
EU CCR1	Analysis of CCR exposure by approach	Section 7
EU CCR2	Transactions subject to own funds requirements for CVA risk	Section 7
EU CCR3	Standardised Approach – CCR exposures by regulatory portfolio and risk	Section 7
EU CCR4	IRB approach – CCR exposures by exposure class and PD scale	Not applicable
EU CCR5	Composition of collateral for exposures to CCR	Section 7
EU CCR6	Credit derivatives exposures	Not applicable
EU CCR7	RWEA flow statements of CCR exposures under the IMM	Not applicable
EU CCR8	Exposures to central counterparties	Section 7
EU MR1	Market risk under the Standardised Approach	Not applicable
EU MR2-A	Market risk under the internal Model Approach (IMA)	Not applicable
EU MR2-B	RWA flow statements of market risk exposures under the IMA	Not applicable
EU MR3	IMA values for trading portfolios	Not applicable

	Compliance Reference	Section
EU MR4	Comparison of VaR estimates with gains/losses	Not applicable
IFRS 9-EL	Comparison of institutions' own funds and capital and leverage ratios with the application of transitional arrangements for IFRS 9 or analogous ECLs and with and without the application of the temporary treatment in accordance with Article 468 CRR.	Section 6.3
EU CQ1	Credit quality of forborne exposures	Section 9.4
EU CQ2	Quality of forbearance	Section 9.4
EU CQ3	Credit quality of performing and non-performing exposures by past due days	Section 9.2
EU CR1	Performing and non-performing exposures and related provisions	Section 9.2
EU CQ4	Quality of non-performing exposures by geography	Section 9.2
EU CQ5	Credit quality of loans and advances by industry	Section 9.2
EU CQ6	Collateral valuation – loans and advances	Section 9.2
EU CR2	Changes in the stock of non-performing loans and advances	Section 9.2
EU CR2a	Changes in the stock of non-performing loans and advances and related net accumulated recoveries	Section 9.2
EU CQ7	Collateral obtained by taking possession and execution processes	Section 9.2
EU CQ8	Collateral obtained by taking possession and execution processes – vintage breakdown	Section 9.2
EU AE1	Encumbered and unencumbered assets	Section 10.1
EU AE2	Collateral received and own debt securities issued	Section 10.2
EU AE3	Sources of encumbrance	Section 10.3
EU REM1	Remuneration awarded for the financial year	Section 17.4
EU REM2	Special payments to staff whose professional activities have a material impact on institutions' risk profile (identified staff)	Section 17.4
EU REM3	Deferred remuneration	Not Applicable
EU REM4	Remuneration of 1 million EUR or more per year	Section 17.4
EU REM5	Information on remuneration of staff whose professional activities have a material impact on institutions' risk profile (identified staff)	Section 17.4
EU LR1	Summary reconciliation of accounting assets and leverage ratio exposures	Section 18.1
EU LR2	Leverage ratio common disclosure	Section 18.2
EU LR3	Split-up of on balance sheet exposures (excluding derivatives and SFTs)	Section 18.3
EU LIQ1	Quantitative information of LCR	Section 19
EU LIQ2	Net Stable Funding Ratio	Section 19
EU SEC1	Securitisation exposures in the non-trading book	Not Applicable
EU SEC2	Securitisation exposures in the trading book	Not Applicable
EU SEC3	Securitisation exposures in the non-trading book and associated regulatory capital requirements - institution acting as originator or as sponsor	Not applicable
EU SEC4	Securitisation exposures in the non-trading book and associated regulatory capital requirements - institution acting as investor	Not Applicable
EU SEC5	Exposures securitised by the institution - Exposures in default and specific credit risk adjustments	Not Applicable
EU IRRBB1	Interest rate risks of non-trading book activities	Section 15.2
ESG Template 1	Banking book- Climate Change transition risk: Credit quality of exposures by sector, emissions and residual maturity	Section 16.1
ESG Template 2	Banking book - Climate change transition risk: Loans collateralised by immovable property - Energy efficiency of the collateral	Section 16.1
ESG Template 3	Banking book: Climate change transition risk: Alignment metrics	Section 16.1
ESG Template 4	Banking book - Climate change transition risk: Exposures to top 20 carbon intensive firms	Not Applicable
ESG Template 5	Banking book - Climate change physical risk: Exposures subject to physical risk	Section 16.1
ESG Template 6	Summary of GAR KPIs	Section 16.1
ESG Template 7	Mitigating actions: Assets for the calculation of GAR	Section 16.1
ESG Template 8	GAR (%)	Section 16.1
ESG Template 9.1	Mitigating actions: Assets for the calculation of BTAR	Not mandatory – not disclosed
ESG Template 9.2	BTAR % (stock)	Not mandatory – not disclosed

	Compliance Reference	Section
ESG Template 9.3	Summary table - BTAR % (btar)	Not mandatory – not disclosed
ESG Template 10	Other climate change mitigating actions that are not covered in the EU Taxonomy	Section 16.1

GLOSSARY

A
AC	Board Audit Committee
ACCs	Additional Credit Claims
ADC	Asset Disposal Committee
AGM	Annual General Meeting
ALCO	Asset and Liability Committee
AML/CTF	Anti-Money Laundering and Combating Terrorism Financing
ASF	Available stable funding
AT1	Additional Tier 1
ATHEX	Athens Stock Exchange
AVA	Additional Valuation Adjustments
B
B2DS	Below 2 Degree Scenario
Bank, BOC PCL	Bank of Cyprus Public Company Limited
BCMS	Business Continuity Management System
BCP	Business Continuity Plan
BDC	Business Development Committee
BES	Business Environment Scan
Board	Board of Directors
BRC	Board Risk Committee
BRRD	Bank Recovery and Resolution Directive
C
C&E	Climate and Environmental
CAP	Customer Acceptance Policy
CBC	Central Bank of Cyprus
CBR	Combined Buffer Requirement
CCB	Capital Conservation Buffer
CCF	Credit Conversion Factor
CCR	Counterparty Credit Risk
CcyB	Countercyclical Capital Buffer
CEO	Chief Executive Officer
CET1	Common Equity Tier 1
CIF	Cyprus Investment Firm
CIO	Chief Information Officer
CISCO	The Cyprus Investment and Securities Corporation Ltd
CIUs	Collective Investment Undertakings
CMC-LCP	Crisis Management committee for Liquidity Contingency Plan
Code	Corporate Governance Code
Company	Bank of Cyprus Holdings Public Limited Company
COVID-19	Coronavirus Disease 2019
CPPD	Commissioner for the Protection of Personal Data
CRD	Capital Requirements Directive (Directive 2013/36/EU of the European Parliament)
CRAM	Capital Repayment At Maturity
CRM	Credit Risk Mitigation
CRMD	Credit Risk Management Department
CRE	Commercial Real Estate
CRO	Chief Risk Officer
CRP	Credit Risk Policy
CRR	Capital Requirements Regulation (Regulation (EU) No 575/2013 of the European Parliament and of the Council of 26 June 2013)
CSA	Credit Support Annex
CSCR	Corporate & SME Credit Risk

CSE	Cyprus Stock Exchange
CSIRT	Computer Security Incident Response Team
CSRBB	Credit Spread Risk in the Banking Book
CSRD	Corporate Sustainability Reporting Directive
CST	Climate Stress Testing
CVA	Credit Valuation Adjustment
CvaR	Conditional Value at Risk
CySEC	Cyprus Securities and Exchange Commission
D
DA&P	Data Analysis and Provisions department
DEP	Digital Economy Platform
DMA	Double Materiality Assessment
DPD	Days Past Due
DPIA	Data Protection Impact Assessment
DPO	Data Protection Officer

DR	Disaster Recovery
DRC	Disaster Recovery Committee
DRP	Disaster Recovery Plan
DTA	Deferred Tax Asset
E
EAD	Exposure at default
EBA	European Banking Authority
EBRD	European Bank for Reconstruction and Development
ECAIs	External Credit Assessment Institutions
ECB	European Central Bank
ECL	Expected Credit Losses
EMIR	European Markets Infrastructure Regulation
EMTN	Euro Medium Term Note
EPC	Energy Performance Certificates
ESG	Environmental, Social and Governance
ESMA	European Securities and Markets Authority
ESRS	European Sustainability Reporting Standards
EU	European Union
EV	Economic Value
EVE	Economic Value of Equity
EXCO	Executive Committee
F
FCA	Financial Conduct Authority
FSV	Forced Sale Value
FVOCI	Fair value through other comprehensive income
FVPL	Fair Value through Profit or Loss
FX	Foreign Exchange
G
GAR GDPR	Green Asset Ratio General Data Protection Regulation
GHG	Greenhouse Gas
GIC	General Insurance of Cyprus
GLP	Green Loan Principles
GMRAs	Global Master Repurchase Agreements
GRI	Global Reporting Initiative
Group	Bank of Cyprus Holdings Public Limited Company
H
H&S	Health & Safety
HQLA	High Quality Liquid Assets
HRD	Human Resources Division

HRRC	Human Resources & Remuneration Committee
HSMS	Health and Safety Management System
I
IA	Internal Audit Division
ICAAP	Internal Capital Adequacy Assessment Process
ICMA	International Capital Market Association
ICT	Infrastructure and Communications Security
IEA	International Energy Agency
IFD	Investment Firm Directive
IFR	Investment Firm Regulation
IFRS	International Financial Reporting Standards
IFs	Investment Firms
ILAAP	Internal Liquidity Adequacy Assessment Process
IPCC	Intergovernmental Panel on Climate Change
IR&ESG	Investor Relations and ESG Department
IRB	Internal Rating Based
IRRBB	Interest rate risk in the banking book
ISDA	International Swaps and Derivatives Association, Inc.
ISMS	Information Security Management System
IT	Information Technology
ITS	Implementing Technical Standards
K
KPIs	Key Performance Indicators
KRIs	Key Risk Indicators
L
LAS	Liquidity Adequacy Statement
LCP	Liquidity Contingency Plan
LCR	Liquidity Coverage Ratio
LGD	Loss given default
LMA	Loan Market Association
LRE	Leverage Ratio Exposure
LSD	Legal Services Department
LTIP	Long-term incentive plan
LTV	Loan to Value
M
MA	Materiality Assessment
MDB	Multilateral Development Banks
MiFID	Markets in Financial Instruments Directive
MM	Money Market
ML/TF	Money Laundering and Terrorism Financing
MLR	Market & Liquidity Risk Department
MREL	Minimum Requirement for Own Funds and Eligible Liabilities
MTF	Multilateral Trading Facility
MTM	Mark-to-Market
N
NCGC	Nominations and Corporate Governance Committee
NEDs	Non-executive directors
NFC	Non-Financial Corporation
NFRD	Non-Financial Reporting Directive
NGFS	Network for Greening the Financial System
NII	Net Interest Income
NMDs	Non-Maturing Deposits
NPEs	Non-Performing Exposures
NPLs	Non-Performing Loans
NSFR	Net Stable Funding Ratio

O

OCI	Other Comprehensive Income
ORM	Operational Risk Management
ORSA	Own Risk and Solvency Assessment
O-SIIs	Other Systemically Important Institutions
OTC	Over-The-Counter
P
P.P.I	Property price indices
P2G	Pillar II Guidance
P2R	Pillar II Requirement
PCAF	Partnership for Carbon Accounting Financials
PD	Probability of Default
PEP	Politically Exposed Person
PiT	Point-in-time
POCI	Purchased or originated financial assets
PRB	Principles of Responsible Banking
PSE	Public Sector Entities
Q
QCCP	Qualifying Central Counterparty
R
RAF	Risk Appetite Framework
RAS	Risk Appetite Statement
RC	Board Risk Committee
RCA	Risk and Control Assessment
RCMS	Risk Compliance Management System
RCSA	Risk Control Self-Assessment
REMU	Real Estate Management Unit
RICS	Royal Institute of Chartered Surveyors
RIMA	Risks Identification & Materiality Assessment
RMD	Risk Management Division
RMF	Risk Management Framework
RoPA	Record of Processing Activities
ROTE	Return on Tangible Equity
RP	Recovery Plan
RPI	Leverage Ratio
RRF	Recovery and Resilience Facility
RSF	Required stable funding

RWAs	Risk Weighted Assets
S
SA-CCR	Standardised Approach for Counterparty Credit Risk
SBE	Shadow Banking Entity
SREP	Supervisory Review and Evaluation Process
SBTi	Science based targets Initiative
SC	Sustainability Committee
SDG	Sustainable development goal
SFDR	Sustainable Finance Disclosure Regulation
SFF	Sustainable Finance Framework
SFTs	Securities Financing Transactions
SIRP	Security Incident Response Plan
SMEs	Small Medium Enterprises
SOC	Security Incident Response Team
SRB	Single Resolution Board
SSM	Single Supervisory Mechanism
STIP	Short-term incentive plan
T
T1	Tier 1
T2	Tier 2

TC	Total Capital
TCFD	Task Force on Climate-related Financial Disclosures
TIPS	Outward Instant Payments
TLTRO	Targeted Longer-Term Refinancing Operations
TPRM	Third-Party Risk Management
U
UNEPFI	United Nations Environment – Finance Initiative
Underlying basis	The underlying basis is computed by adjusting the results as per the statutory basis for the reclassification of certain items.
V
VaR	Value at Risk

AI Terminal

Bank of Cyprus Holdings PLC

2451_rns_2025-04-07_bc69fa8e-951c-4ddb-89a8-ee34d2d61601.pdf

Pillar 3 Disclosures 2024

Forward-Looking Statements

1. Executive Summary

Strategy and Outlook

Pillar 3 Disclosures 2024

1. Executive Summary (continued)

1. Executive Summary (continued)

1. Executive Summary (continued)

Risk Profile

2. Introduction

2.1 Corporate Information

2.2 Pillar III Regulatory Framework

Regulatory framework overview

Pillar 3 Disclosures 2024

2.2 Pillar III Regulatory Framework (continued)

Future Regulatory Developments

2.2 Pillar III Regulatory Framework (continued)

Capital requirements

Minimum Capital Requirements

2.2 Pillar III Regulatory Framework (continued)

2.2 Pillar III Regulatory Framework (continued)

Pillar 3 Disclosures 2024

2.2 Pillar III Regulatory Framework (continued)

Comparative information

Disclosure policy

Basis and preparation

Frequency, media and location

2.2 Pillar III Regulatory Framework (continued)

Verification

Attestation

3. Risk Management Objectives and Policies

3.1 Strategies and Processes to Manage Risks

3.1.1 Principal Risks

Pillar 3 Disclosures 2024

Pillar 3 Disclosures 2024

Pillar 3 Disclosures 2024

3.1.1 Principal Risks (continued)

3.1.2 Risk Management Framework

Pillar 3 Disclosures 2024

3.1.3 Effectiveness of the Risk Management Framework

3.1.4 Risk Governance

Pillar 3 Disclosures 2024

3.1.5 Accountability and Authority

Board and Management Committees

Senior Management

Chief Executive Officer (CEO)

Pillar 3 Disclosures 2024

3.1.5 Accountability and Authority (continued)

Chief Risk Officer (CRO)

3.1.6 Risk Identification

3.1.7 Three Lines of Defence

3.1.7 Three Lines of Defence (continued)

First Line of Defence

Second Line of Defence

Third Line of Defence

3.1.7 Three Lines of Defence (continued)

Risk Management Division (RMD) relation with control functions

3.1.8 Risk Management Division (RMD)

3.1.9 Risk Culture

3.1.10 Risk Appetite Framework (RAF)

Pillar 3 Disclosures 2024

3.1.10 Risk Appetite Framework (RAF) (continued)

Risk Appetite Statement (RAS)

Risk Appetite and Financial Plan Interaction

3.1.11 Risk Taxonomy

3.1.12 Risk Management Policies

3.1.13 Risk Measurement and reporting

Pillar 3 Disclosures 2024

3.1.14 Recovery Plan

3.1.15 Stress Testing

Other business and specific risk type stress tests

3.1.15 Stress Testing (continued)

2025 EU-wide stress test ("EBA Stress Test")

3.1.16 ICAAP, Pillar II and SREP

3.1.16.1 ICAAP

3.1.16.2 Pillar II and SREP

3.1.16.2 Pillar II and SREP (continued)