PT BANK MANDIRI PERSERO Tbk. AND SUBSIDIARIES NOTES TO THE CONSOLIDATED FINANCIAL STATEMENTS As of December 31, 2015 and for the year then ended Expressed in millions of Rupiah, unless otherwise stated 204

61. RISK MANAGEMENT continued

Out of 10 Executive Committee, there are 4 committees that are directly involves in risk management, i.e RMC, IRC, ALCO and PPC, RMC is the Committee that discuss and recommends policy and procedures as well as monitoring roifk profile and managing all the Banks risks. Integrated IRC is the committee that provide recommendation on the integrated risk management policy including the application of risk management in subsidiaries. IRC is based on the application of OJK Rule No.14POJK.032014 regarding integrated risk management. IRC has members from subsidaries and discuss as well as recommends the policy and application of integrated risk management. ALCO is the committee that manages Banks asset and liability management, interest rate and liquidity and other areas that are related to the asset and liability management of the Bank. PPC is the committee that discuss and recommends the adjustment or improvement in the Banks policy and procedures. Committees under Board of Commissioners including Risk Monitoring Committee, Integrated Governance Committee and Audit Committee, which has the task and responsibility to perform review and evaluation on policy and execution of Banks risk management, as well as providing inputs and recommendation to the Board of Commissioners in their monitoring tasks. Operationally, the related Directorate with risk management is divided into 2 two big parts, that is 1 Credit Approval as part of the four-eye principles, located at the Wholesale Risk Directorate and Retail Risk Directorate and 2 Independent Risk Management that is located in the Risk Management Directorate and Risk Management Compliance Directorate. Risk Management Compliance is headed by a Director that is responsible towards the Board of Director and also a member of the Integrated Risk Management Committee, and Policy Procedure Committee. The bank has also established a Risk Management Working Unit under the Risk Management Compliance. The Risk Management Compliance Directorate is divided into 3 three groups, that is the Credit Portfolio Risk Group that is related to Credit Risk and portfolio and Risk Management integration through ERM, Market Risk Group and Operational Risk Group that is related to market risk, liquidity risk, and operational risk. The Risk Management Directorate and each strategic business unit are responsible for maintainingcoordinating 8 eight types of risk that faced by the Bank, discussing and proposing risk management policies and guidelines. All risks will be reported in quarterly risk profile report and semi-annually Bank’s soundness report in order to describe all embedded risks in the Bank’s business activities, including consolidation with subsidiaries’s risks. A. Credit Risk The Bank’s credit risk management is mainly focused to improve the balance between prudent loan expansion and maintenance in order to prevent quality deterioration downgrading to Non Performing Loan NPL category and to optimise capital utilisation to achieve optimum Return On Risk Weighted Asset RORWA. To support this objective, the Bank periodically reviews and updates its policies and procedures for credit in general, by business segment and tools risk management. These policies and procedures are intended to provide a comprehensive credit risk management guideline for identification, measurement and mitigation of credit risks in the end-to-end loan acceptance process, from market targeting, loan analysis, approval, documentation, disbursement, monitoring and settlement process for non-performingrestructuring loans. To improve the Bank’s social role and concern to the environmental risk and as an implementation of Good Corporate Governance GCG, the Bank has set up a Guideline for Technical Analysis of Environmental and Social in Lending which is used as a reference in analysing environmental risk in a credit analysis. This Guideline is in line with Bank Indonesia regulation regarding Assessing the Quality of Asset on Commercial Bank regulating that the assessment on debtor business process should also consider the debtor’s effort to maintain its environment. PT BANK MANDIRI PERSERO Tbk. AND SUBSIDIARIES NOTES TO THE CONSOLIDATED FINANCIAL STATEMENTS As of December 31, 2015 and for the year then ended Expressed in millions of Rupiah, unless otherwise stated 205

61. RISK MANAGEMENT continued

A. Credit Risk continued In principle, credit risk management is implemented to transactional and portfolio levels. At the transactional level, the Bank has implemented the four-eye principles concept, whereby each loan approval involves Business Unit and Credit Risk Management Unit which work independently to make an objective credit decision. The four-eye principles is executed by Credit Committee according to the authority limit and the loan approval process is conducted through Credit Committee Meeting mechanism. Executive Credit Officer as Credit Committee members, must be highly competent as well as having strong capacity and integrity so that the loan granting process can be conducted objectively, comprehensively and prudently. To monitor the performance of the credit authority holders in approving and maintaining loans, the Bank has developed a database for authority-holder monitoring. By using this system, the Bank can monitor the amount and quality of the loans approved by the credit authority holders, so that the performance of the Executive Credit Officer can be monitored from time to time. To mitigate credit risk, Credit Committee sets loan structure for every debtor through appropriate covenants that aligns with debtor needs and condition. This is to ensure the debtor uses the loan according to original purpose so that bank and debtors interest are fulfilled. The policies regarding to collateral in order to mitigate credit risk has been embedded in each segments Credit Procedure Standard. The collateral that can be accepted by the Bank includes Movable Assets among others cash, receivables, inventory, and marketable securities, Non- Movable Assets among others property, land, and equipment, and personalcorporate guarantee. The collateral coverage criteria for each segment is divided as follows: Segment Collateral Minimum Coverage Amount Wholesale Funded project 100 - 150 of credit limit Inventory Receivable Fixed Asset Land or land and property Other collateral accepted by the Bank Retail Fixed asset 100 - 200 of credit limit Inventory Receivable Land or land and property Other collateral accepted by the Bank Collateral coverage amount is determined by type and limit of credit facility, type and value of collateral and evaluation of debtor As credit collateral, fixed asset such as land and building are preferable than other types of collateral. The fair value of collateral is assessed by internal assessors Credit Operation Unit and an external assessors who have already been appointed by the Business Unit Credit Recovery Unit. Collateral can be exchanged as long as the new collateral fulfils marketability and collateral value adequacy criteria. If debtors failed to pay off their loan, the collateral will be liquidated as a second way out to ensure credit recovery. To identify and measure risk of each credit application processed in the transactional level, as part of implementation of prudential banking, the Bank utilises Credit Risk Tools, which among other include Credit Rating and Credit Scoring Tools, financial spread sheet, comprehensive Credit Analysis Memorandum. The Rating and Scoring systems consist of Bank Mandiri Rating System BMRS, Small Medium Enterprise Scoring System SMESS, Micro Banking Scoring System MBSS and Consumer Scoring System application, behaviour, collection and anti-attrition.