RISK MANAGEMENT SYSTEM Corporate governance system RISK MANAGEMENT SYSTEM Development Bank of Kazakhstan Risk management at the Development Bank is an integral part of the corporate culture of the Development Bank and plays an important role in the strategic decision-making. Risk management is carried out at all levels in accordance with the recommendations of Basel II agreement and the requirements of the national regulator. Development Bank’s Board of Directors approves the main policies and regulations governing the process of risk assessment and risk management in the Development Bank, and the Risk Management Committee, created under the Board of Directors, assists the Board of Directors in fulfilling its oversight responsibilities for the operation of adequate and effective risk management system in the Development Bank. The Audit Committee considers the issues regarding the internal and external audit of the Development Bank. Threemainexecutivecommitteesoperateformanagement of risks, assets and liabilities at the Development Bank: Asset and Liability Management Committee (ALCO); Credit Committee; Investment Committee. The corresponding structural departments ensure constant improvement of the risk management system, independent assessment and monitoring of risks. Internal Audit Service evaluates the adequacy and effectiveness of risk management and internal control systems, makes recommendations for improvement of the Development Bank activity.When building a corporate risk management system, the Development Bank is guided by the following principles: creation and protection of share capital value – effective risk management allows the Bank to create and protect the value of equity in order to achieve

RISK MANAGEMENT STRUCTURE Corporate governance system RISK MANAGEMENT STRUCTURE THE BOARD OF DIRECTORS AND THE COLLEGIAL BODIES OF THE BOARD OF DIRECTORS 1 Annual report 2015 MANAGEMENT BOARD AND THE COLLEGIAL BODIES OF THE MANAGEMENT BOARD 2 SUBDIVISIONS OF THE BANK’S RISK MANAGEMENT 3 4 INTERNAL AUDIT SERVICE OTHER STRUCTURAL SUBDIVISIONS OF THE BANK 5 strategic and operational objectives; inalienability in all organizational processes – risk management is an integral part of all organizational processes and is the responsibility of each structural subdivision or employee of the Development Bank; inalienability of the decision making process – risk management helps to make informed decisions and prioritize actions; Work with uncertainty – risk management is used to reduce the level of uncertainty, determine the nature of this uncertainty and to take measures to reduce the level of uncertainty; systematicity, structuredness and timeliness – a systematic, structured and timely approach to risk management contributes to improving the efficiency and generates reasonable confidence in the results; awareness- input data for the risk management process is based on the best available information sources. Members of the corporate risk management system must understand and consider the limitations and drawbacks of the quality of input data; adaptability – approaches to risk management shall match the level of risk of external and internal environment; transparency and comprehensiveness – approaches to risk management must be open, transparent and accessible to all members of the corporate risk management system. Approaches of risk management shall be meaningful and comprehensive; responsiveness and iterativeness – risk management is a continuous and iterative process, tracking changes and quickly reacting to changes;

Corporate governance system continuous improvement – risk management shall be used to improve all the processes of activity. The Development Bank is constantly improving its corporate risk management system. For the purposes of its operation, the Development Bank groups risks as follows: DEVELOPMENT BANK’S CLASSIFICATION OF RISKS RISKS “DEVELOPMENT BANK OF KAZAKHSTAN MACROECONOMIC Development Bank of Kazakhstan Annual report 2015 POLITICAL External environment Internal environment Financing Non-financing Concentration risk Operational risks Credit risk Yield curve risk Strategic risks INDUSTRY RISK Business risks Interest risk Legal risks COUNTERPARTY RISK GROUP Liquidity loss risk Currency risk Compliance risks COUNTRY RISK Equity risk Reputational risks 90 91

Corporate governance system The activities of the Development Bank are exposed to major risks related to the lending process, adverse fluctuations in exchange rates and interest rates, and others. The Development Bank is exposed to market risks from open positions in interest rate and currency, maturity mismatch of assets and liabilities, subject to risk of changes in market conditions. Market risk management at the Development Bank is carried out through periodic estimation of potential losses from adverse changes in market conditions and establishing and maintaining appropriate stop-loss limits and requirements for the rate of profit. The Collegial Body of the Development Bank, in charge of market risk management, is the Management Board and ALCO. Credit risk is the risk of financial loss occurring as a result of default by a borrower or counterparty on its obligations to the Development Bank. The Development Bank developed a set of internal regulations and established regulated credit risk management procedures, including the requirements to establish and comply with concentration limits of the loan portfolio. In order to measure the credit risk the Development Bank implemented and uses a model for calculating the internal rating of borrowers based on the methodology of Standard&Poor’s international rating agency. The Development Bank Memorandum of Credit Policy provides a multi-stage system of collegial decision- making by the authorized bodies (Credit Committee, Management Board, Board of Directors) to grant credit instruments depending on the size of the credit instrument. The Development Bank constantly monitors the status of each loan and regularly analyzes the financial condition and creditworthiness of its borrowers. Review of the credit risk is based on an analysis of the borrower’s financial statements, implementation of investment projects and export transactions, leasing transactions and other project information. Apart from individual customer analysis structural subdivisions, whose responsibilities include it, assess the loan portfolio as a whole in terms of loan concentration. On a continuing basis the Development Bank pays special attention to the analysis and control of all of its risks that could have an impact on achieving long-term strategic objectives and key performance indicators of the Action Plan, approved by the Board of Directors. A plan of measures to minimize the risks is developed and approved as part of the risk management system, both aimed at eliminating the causes of implementation risks and minimizing the consequences in case of realization of risk events. A register and matrix of risks and controls of the Development Bank business processes undergoes a mandatory review and update process on an annual basis. A risk map is developed on the basis of the risk matrix. More detailed information about the Development Bank’s risk management is reflected in the notes to the consolidated financial statements of the “Development Bank of Kazakhstan” JSC. Development Bank of Kazakhstan