Regulatory Disclosures

Credit risk in lending is the risk of financial loss resulting from the failure of a borrower to fully honour their financial or contractual obligations, such as failure to repay principal and interest on their loan.  The Company manages this risk through the diligent application of prudent lending limits and practices which reflect the Company’s risk neutral appetite, with focus on building a high quality credit portfolio over loan growth.  As part of managing that risk, the Company maintains a diversified book of lending, with portfolio diversity geographically, in industry and borrowers.  

The Company employs a risk measurement process for its loan portfolio. Credit risk rating matrixes are established for each lending product to assess and quantify credit risk in an accurate and consistent manner.  Areas of credit risk assessment are proactively updated to reflect macroeconomics, emerging risks such as climate change and environmental risks, real estate values, and appropriate stress testing to identify potential impacts to the credit risk profile. 

The assessment of individual loans and mortgage credit risk is managed as a dynamic process throughout the life of the credit. The Company assigns a numeric risk rating to each loan, mortgage, and line of credit by performing a thorough risk analysis at the time of loan origination, renewal, and annual review. 

Credit risk is measured by reviewing exposure to borrowers, whether individuals (consumer loans), First Nations, or commercial entities, and by reviewing qualitative and quantitative factors that impact the loan portfolio.  A Residential Mortgage Underwriting Policy has been established within the Board of Directors - Credit Policy to manage credit risks in this portion of the loan portfolio.  The Company has developed a framework that promotes proactive management of credit risks through multiple lines of monthly reporting that assess the effectiveness of current processes and controls.

Loan exposures are managed and monitored through facility limits for individual borrowers and a credit review process. These reviews ensure that the borrower complies with internal policy and underwriting standards.  The Company relies on collateral security, typically in the form of a fixed and floating charge over the assets of its borrowers.  Credit risk is also managed through regular analysis of the ability of customers to meet interest and capital repayment obligations and by changing lending limits where appropriate.  

Each Regional Office is responsible for the day-to-day management of their respective loan portfolios and is considered a first line of defense in managing credit risk.  The second line of defense is the Corporate Credit department along with Senior Management who review the portfolio risk on at least a monthly basis, providing direction where required in account management. Senior Management, including the Chief Executive Officer and Vice-President, Credit, are responsible for the oversight and implementation of credit risk policies and for monitoring compliance. 

The Board of Directors delegates to the Loans Committee full power as it relates to all credit related matters.  The Loans Committee has ultimate oversight responsibility for understanding the nature and level of credit risk of the Company, ensuring Senior Management has implemented a risk management program commensurate with the Company’s risk appetite, policies, procedures, and controls. 

The Loans Committee is responsible for establishing credit approval authorities of the Chief Executive Officer, establish exposure limits and review lending practices of the Company as recommended by Senior Management.  The Loans Committee meets at least quarterly and reports to the Directors of the Company on all matters reviewed by the Committee.

Annual self-assessments and attestations as to credit risk management and compliance points of reliance, including disclosure of any gaps be it internal, Board policies, or regulatory are fully disclosed including plans to satisfy any gaps.  The Chief Risk Officer, Chief Compliance Officer, and Chief Executive Officer, along with the full Board, are updated and any outstanding items are monitored through quarterly Committee (Loans, Audit, Risk) reports.

As a final line of defense, Internal Audit oversees an ongoing review of assigned loan risk assessments and provide an objective review of credit’s compliance with the Company’s credit risk management practices and processes, reporting their findings to both Senior Management and the Board of Directors Audit Committee.

Market risk is the impact on earnings resulting from changes in financial market variables, such as interest rates and foreign exchange rates. Market risk arises when making loans, taking deposits and making investments. The company does not undertake trading activities and therefore, does not have risks related to activities such as market making, arbitrage or proprietary trading. The Company does not hold or trade in foreign currencies and, consequently, is not exposed to foreign exchange risk. The Company’s material market risk is confined to interest rates.

Interest rate risk arises from changes in interest rates that affect the securities and net interest income.  Exposure to this risk directly impacts the Company’s income from its securities and loan and deposit portfolios.  The Company’s objective is to earn an acceptable return on these portfolios, without taking unreasonable risk, while meeting customer needs.

The Company’s risk position is measured based on rates charged to customers. Senior management manages day-to-day interest rate risk within approved policies and reports to management’s Asset/Liability Committee (ALCO) to ensure policy compliance.  Management provides reports on these matters to the Board of Directors.  Tools to measure this risk include gap analysis, which shows the sensitivity between interest sensitive assets and interest sensitive liabilities, duration analysis and income sensitivity analysis.

Senior management is responsible for managing the Company’s interest rate risk, monitoring approved limits and compliance with policies.  The Company manages interest rate risk by developing and implementing asset and liability management policies. The policies are approved by the Board of Directors and monitored by the ALCO.  The Company’s goal is to achieve satisfactory and consistent profits, liquidity and safety. The Company makes use of financial modeling based on possible scenarios and matching analysis to measure and manage its market risk.  At least annually, the Board of Directors reviews the Company’s investment and interest rate risk policies.

Liquidity risk is the risk that the Company will not have sufficient cash to meet its obligations as they come due.  This risk arises from fluctuations in cash flows from lending, deposit taking, investing and other activities.  Effective liquidity management ensures that adequate cash is available to honour all cash outflow obligations while limiting the opportunity cost of holding short-term assets.  Maintenance of a prudent liquidity base also provides flexibility to fund loan growth and react to other market opportunities.

The Company makes use of an Operational Risk Management (ORM) Framework in its management of operational risk. This framework provides a consistent and systematic method of establishing the context for and identifying, analyzing, evaluating, treating, monitoring, and communicating high priority operational risks in a way that allows the Company to make decisions and respond to risks and opportunities as they arise. The ORM Framework structure and content are based on the Enterprise Risk Management (ERM) Framework and are managed in accordance with the ERM Framework strategy and policy.

The Company uses a seven-stage process for managing and controlling operational risks. The seven stages are as follows:         

1. Communicate and consult - a consultative approach to risk management.
2. Establish the context - establishing the context enables PHT to focus its risk management efforts to suit the environment in which it operates.
3. Identify Risks - occurs on an on-going basis and identifies current and future expected risks.
4. Analyze Risks - assess the impact and likelihood both positive and negative consequences of a risk event. Allows for prioritization of risks in a way that focuses on the most significant risks.
5. Evaluate Risks - prioritizes risks for treatment. Here we use a risk matrix, a risk register, and set a risk appetite.
6. Treat Risks - implement treatment options to respond to risks. Seeks to minimize potential downside and maximize potential upside of opportunities.
7. Monitor and Review - continuously evaluate the effectiveness and relevance of PHT's ORM program.

The Company assesses the impact and likelihood of a possible risk event. The probability of a risk occurrence is assessed by estimating the frequency of the risk occurring using a scoring system form 1-5 depending on its likelihood, 1 being rare, 2 being unlikely, 3 possible, 4 likely, 5 almost certain.  The risk impact is measured by also using a 5-point system ranging from insignificant through minor, moderate, major and catastrophic. Each level of impact is associated with categories of risk that include Strategic, Financial, Operational, People, and Reputational.  For example, a catastrophic financial loss would be one that would be almost impossible to recover from and has been deemed to be greater than $10 million.

The ORM Framework was approved by the Board through its Risk Committee in May of 2023.  As such the Company is in the process of implementing it on an organization wide basis.  The Board and Senior management will receive regular updates to the current situation and any questions arising starting in Q4 of 2023.

The process of risk mitigation, or as referred to in the Peace Hills ORM Framework, the risk treatments, seeks to identify, assess, and implement treatment options to respond to risks.  Risk treatment not only seeks to minimize potential downside, but also maximize the potential upside of opportunities.  Once risks have been evaluated using the Risk Matrix, PHT will determine treatment options for each risk identified. Risks will be categorized into one of the following three groups:

1. Untreatable risks - risks with no economic possibility of mitigation;
2. Allowable risks - risks that can be economically mitigated, but that the Company feels are inherent in their business, and are therefore accepted;
3. Treatable risks - risks that can be mitigated economically, where efforts to do so are either in place, or need for such mitigation efforts is or should be recognized.

The Company uses policies, processes, education, and insurance as treatments for risk events.  The Company, in treating risks, makes use of a rating system from low through medium, high, and very high.

• Low - the risk is acceptable.
• Medium - the risk is accepted if adequate controls and other internal measures are in place. Risk control measures may be implemented to further mitigate the risk if a strong effectiveness case exists.
• High - The risk should be mitigated unless the risk reduction cost significantly outweighs the risk reduction benefit. Otherwise, the risk should be avoided or shared. (e.g. insurance).
• Very high - Risk treatment actions must be taken regardless of cost. If the risk cannot be effectively mitigated to an acceptable level, it must be avoided or transferred.