Risk Management

2025 was a year marked by heightened complexity and rapid shifts across global markets. Persistent macroeconomic uncertainty, coupled with escalating geopolitical tensions, continued to weigh on sentiments globally. US-China frictions, widening trade disputes and the introduction of US-imposed Liberation Day Tariffs, followed by retaliatory measures from major economies, elevated the uncertainties of the global macroeconomic outlook and amplified market volatility.

These conditions reinforced the importance of proactive risk management and organisational agility in navigating an increasingly fragmented environment. Against this backdrop, we remained focused on strengthening our risk management framework to support sustainable and quality growth.

Building a Resilient Portfolio

Global inflation remained elevated in several economies, even as slowing growth and rising unemployment pushed many central banks towards calibrated rate cuts, to balance stimulating growth, without reigniting inflationary pressures. This translated into tighter margins for businesses and increased vulnerability to credit and liquidity risks.

In response to the uncertainties, we intensified efforts to sharpen credit risk identification. This included rigorous credit assessments and monitoring, forward-looking stress tests and scenario analyses designed to surface emerging vulnerabilities and facilitate timely risk mitigation. Potentially vulnerable accounts were proactively escalated for closer scrutiny under the Early Warning Risk Forums, reinforcing a vigilant, early risk identification and management approach across business units globally.

These collective efforts helped maintain the resilience of our credit portfolio. The non performing loan ratio remained steady at 0.9%, while credit costs stayed at 17 basis points – clear indicators of the effectiveness of our early intervention strategy.

Sector-specific headwinds, particularly in commercial real estate in some of our markets, underscored the need for heightened vigilance. Our agile and risk-focused response framework enabled us to adjust quickly to evolving risks, preserving overall portfolio stability. We also continued to actively manage bond durations and maintain high-quality exposures, helping to cushion the impact of market volatility and shifting rate environments.

Fortifying Our Non-Financial Risk Management

Non-financial risk management has been a key focus of the Group amid accelerating digitalisation and complex system interdependencies. We continued to prioritise and enhance capabilities across operational, technology, cyber and third party risk management to strengthen resilience and safeguard critical services.

Operational and technology resilience remained key priorities. We advanced our ability to anticipate, withstand, and recover from disruptions through ongoing investments in resilience planning, testing and response capabilities. These enhancements support continuity of operations and minimise the impact of adverse events in an increasingly interconnected environment.

The acceleration of digital adoption continued to introduce new dimensions of operational and cyber security risks. Technology outages, service disruptions, and cybersecurity threats – particularly those associated with third-party service providers – demanded rigorous assessment and robust controls. To further uplift the Group's organisational readiness, we invested in various initiatives such as the Cyber Smart Program, to deepen our colleagues' awareness and competencies in cyber security.

As we expanded artificial intelligence (AI) usage across the Group, we remained vigilant of the associated risks and steadfast in our commitment to the ethical and responsible deployment of AI. We continue to closely monitor the rapidly evolving landscape and will refine our policies and guardrails to ensure robust and effective oversight.

Recognising the importance of protecting customer information, we broadened our internal monitoring coverage to more systems, enabling more timely detection and prevention of unauthorised access to sensitive data.

These efforts culminated in the Bank maintaining its highest tier Cyber Trust Mark certification from the Cyber Security Agency of Singapore for the third consecutive year – affirming the strength of our cyber risk governance and commitment to safeguarding critical assets.

Strengthening Our Foundations for Sustainable Growth

The lessons of 2025 underscored the enduring importance of strong risk management fundamentals, timely risk recognition and intervention, and organisational resilience. As global uncertainties persist, we remain focused on deepening our core risk capabilities to support sustainable business growth.

As the Group advances its strategic initiatives, we will continue to focus on our forward-looking approach to risk management. This entails assessing risks early and comprehensively across products, portfolios, and business lines to ensure growth initiatives remain aligned with the Group's risk appetite and supported by appropriate controls.

Portfolio management will continue to play a central role. We will support our strategic priorities through quality and sustainable growth in core and emerging segments, underpinned by prudent and disciplined underwriting, active portfolio monitoring and rigorous stress testing. We are committed to optimise the balance between risk, return and capital usage for a long-term sustainable performance.

Finally, we maintain a strong governance oversight over our businesses and functions across our footprint to ensure consistency and discipline in risk management and execution of our control standards.

Together, these priorities reflect the Group's commitment to a continuing strong risk culture with resilience, and long term sustainability. Building on the foundations strengthened in 2025, we are confident that the Group and our risk management function are well positioned to navigate ongoing uncertainties as we seek quality, sustainable growth with a refreshed Group corporate strategy.