6-K

UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

Washington, D.C. 20549

FORM 6-K

REPORT OF FOREIGN PRIVATE ISSUER

PURSUANT TO RULE 13A-16 OR 15D-16

UNDER THE SECURITIES EXCHANGE ACT OF 1934

For the month of September, 2017

Commission File Number: 001-37877

The Bank of N.T. Butterfield & Son Limited

(Translation of registrant’s name into English)

65 Front Street

Hamilton, HM 12

Bermuda

(Address of principal executive offices)

Indicate by check mark whether the registrant files or will file annual reports under cover Form 20-F or Form 40-F.

Form 20-F ý Form 40-F o

Indicate by check mark if the registrant is submitting the Form 6-K in paper as permitted by Regulation S-T Rule 101(b)(1): o

Indicate by check mark if the registrant is submitting the Form 6-K in paper as permitted by Regulation S-T Rule 101(b)(7): o

DOCUMENTS INCLUDED AS PART OF THIS FORM 6-K

Attached hereto (i) as Exhibit 99.1 is the Pillar III filing of The Bank of N.T. Butterfield & Son Limited (the “Company”) for the six months ended June 30, 2017.

Pursuant to the requirements of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned, thereunto duly authorized.

Date:  September 27, 2017	THE BANK OF N.T. BUTTERFIELD & SON LIMITED
	By:	/s/ Jeff Bennett
	Name:	Jeff Bennett
	Title:	Group Chief Accountant

2

EXHIBIT INDEX

Exhibit	Description
99.1	Pillar III filing - June 30, 2017

3

EX-99.1

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

Contents		Page
1	Overview	3
1.1	Background	3
1.2	Basis of disclosures	3
1.3	Scope of application	3
1.4	Location and verification	4
2	Risk Management Objectives and Policies	5
2.1	Risk governance	5
2.2	Risk management	7
3	Capital Structure	8
4	Capital Adequacy	10
4.1	Capital management	10
4.2	Regulatory capital	10
4.3	Minimum capital requirement: Pillar 1	10
4.4	Leverage ratio	11
5	Credit Risk Measurement, Mitigation and Reporting	13
5.1	Credit risk overview	13
5.2	Credit risk - retail and private banking	13
5.3	Credit risk - commercial banking	14
5.4	Credit risk - treasury	14
5.5	Exposures	15
5.6	Impairment provisions	17
5.7	Credit risk concentrations	19
5.8	Credit risk mitigation	21
5.9	Securitisations	23
6	Market and Liquidity Risk	25
6.1	Market risk overview	25
6.2	Interest rate risk	25
6.3	Foreign exchange risk	25
6.4	Liquidity risk	26
7	Operational Risk	27
8	Other Information	28
8.1	Abbreviations	28
8.2	Cautionary statements regarding forward-looking statements	29

Page 2

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

1.Overview

1.1    Background

Effective 1 January 2015, the BMA implemented the capital reforms proposed by the BCBS and referred to as the Basel III regulatory framework. Basel III aims to raise the quality, consistency and transparency of the capital base, limit the build-up of excess leverage and increase capital requirements for the banking sector. Basel III adopts CET1 capital as the predominant form of regulatory capital with the CET1 ratio as a new metric. Basel III also adopts the new Leverage Ratio regime, which is calculated by dividing Tier 1 capital by an exposure measure. The exposure measure consists of total assets (excluding items deducted from Tier 1 capital, if any) and certain off-balance sheet items converted into credit exposure equivalents as well as adjustments for derivatives to reflect credit risk and other risks.

The Bank was required to report under both Basel II and Basel III guidance during 2015. From 1 January 2016 onwards, all published ratios are calculated under Basel III.

The Basel III regulatory framework adopts a phased implementation approach for Bermuda banks with full implementation on 1 January 2019, consistent with BCBS recommendations. When fully phased-in, the Bank will be subject to the following requirements:

• CET1 ratio of at least 7.0% of RWA, inclusive of a minimum CET1 ratio of 4.5% and the new capital conservation buffer of 2.5%, but excluding the D-SIB surcharge described below;

• Tier 1 capital of at least 8.5% of RWA, inclusive of a minimum Tier 1 ratio of 6% and the new capital conservation buffer of 2.5% but excluding the D-SIB surcharge described below;

• Total capital of at least 10.5% of RWA, inclusive of a minimum Total capital ratio of 8% and the new capital conservation buffer of 2.5% but excluding the D-SIB surcharge described below;

• The Bank is considered to be a D-SIB and is subject to a 3% surcharge composed of CET1-eligible capital implemented by the BMA effective 30 September 2015. This is based upon the Banks assessment of the extent to which it (individually and collectively with the other Bermuda banks) poses a degree of material systemic risk to the economy of Bermuda due to its role in deposit taking, corporate lending, payment systems and other core economic functions;

• Counter-cyclical buffer composed of CET1-eligible capital may be implemented by the BMA when macroeconomic indicators provide an assessment of excessive credit or other pressures building in the banking sector, potentially increasing the CET1, Tier 1 and total capital ratios by up to 2.5%; and

• Leverage ratio must be at 5.0% or higher.

The requirements of the Basel III regulatory capital framework include the disclosure requirements applicable to banks and deposit-taking companies which are known as Pillar 3. These are designed to promote market discipline by providing market participants with key information on a firm’s risk exposure and risk management processes. Pillar 3 also aims to complement the minimum capital requirements described under Pillar 1, as well as the supervisory processes of Pillar 2.

1.2    Basis of Disclosures

This disclosure document has been prepared by the Bank on a standardised basis and in accordance with the rules laid out in the BCBS standard issued in January 2015 entitled ‘Revised Pillar 3 Disclosure Requirements’. Unless otherwise stated, all figures are as at 30 June 2017 and are expressed in Bermuda dollars. Certain tables in this report may not sum due to rounding.

1.3    Scope of Application

The Bank is the parent company of The Bank of N.T. Butterfield & Son Limited group of companies and is regulated by the BMA. The Basel III Framework, therefore, applies to the Bank and its subsidiary undertakings (together referred to as both the “Bank” and the “Group”).

There is a requirement to calculate and maintain regulatory capital ratios on both a consolidated and a solo basis in respect of the Bank’s businesses in Bermuda, The Bahamas, the Cayman Islands, Guernsey, Switzerland and the United Kingdom. Differences may exist between jurisdictions in the calculation of regulatory capital requirements. However, there are no differences between the basis of consolidation of the Group for accounting and prudential purposes. Full details of the basis of consolidation can be found in Note 2 of our consolidated financial statements for the period ended 30 June 2017.

The Group is made up of the following principal operating entities, which are all wholly owned subsidiaries and fully consolidated in the Group’s financial statements:

The Bank of N.T. Butterfield & Son Limited, Bermuda

Page 3

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

Butterfield Asset Management Limited, Bermuda

Butterfield Securities (Bermuda) Limited

Grosvenor Trust Company Limited, Bermuda

Butterfield Trust (Bermuda) Limited

Butterfield Bank (Cayman) Limited

Butterfield Bank (Guernsey) Limited

Butterfield Mortgages Limited, UK

Butterfield Trust (Bahamas) Limited

Butterfield Trust (Switzerland) Limited

All the Group’s subsidiaries are included in the Pillar 3 disclosures. Each overseas operating company is regulated by its own local regulator and is subject to its own regulatory capital requirements. Further details of the principal subsidiary undertakings can be found in Note 12 of the Bank’s 30 June 2017 consolidated financial statements.

1.4    Location and Verification

The disclosures are not subject to external audit except where they are equivalent to those prepared under the accounting requirements for the inclusion in the Bank’s Audited Annual Report and Financial Statements.

These disclosures have been published on the Group’s corporate website (www.butterfieldgroup.com)

Page 4

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

2. Risk Management Objectives and Policies

2.1Risk Governance

The Group’s risk governance and management structure is illustrated below:

The Board of Directors (the “Board”) has overall responsibility for determining risk strategy, setting the Bank’s risk appetite and ensuring that risk is monitored and controlled effectively. It accomplishes its mandate through the activities of two dedicated committees:

The Risk Policy and Compliance Committee (“RPC”): This committee of the Board assists the Board in fulfilling its responsibilities by overseeing the Group’s risk profile and its performance against approved risk appetites and tolerance thresholds. Specifically, the committee considers the sufficiency of the Group’s policies, procedures and limits related to the identification, measurement, monitoring and control of activities that give rise to credit, market, liquidity, interest rate, operational and reputational risks, as well as overseeing its compliance with laws, regulations and codes of conduct.

The Audit Committee: This committee reviews the overall adequacy and effectiveness of the Group’s system of internal controls and the control environment, including those that are brought to bear in respect of the risk management process. It reviews recommendations arising from internal and independent audit review activities and management’s response to any findings raised.

Both the RPC and Audit Committees are supported in the execution of their respective mandates by the dedicated Audit, Compliance & Risk Policy Committees for our UK, Guernsey and Caribbean operations, which oversee the sufficiency of local risk management policies and procedures and the effectiveness of the system of internal controls that are in place. These committees are chaired by non-executive Directors drawn from the board of directors for each segment.

The Group executive management team is led by the Chief Executive Officer (“CEO”) and includes the members of executive management reporting to the CEO. The executive management team is responsible for setting business strategy and for monitoring, evaluating and managing risks across the Group. It is supported by the following management committees:

The Group Risk Committee (“GRC”): This committee comprises executive and senior management team members and is chaired by the Chief Risk Officer. It provides a forum for the strategic assessment of risks assumed across the Group as a whole based on an integrated view of credit, market, liquidity, legal and regulatory compliance, operational, interest rate, investment, capital and reputational risks, ensuring that these exposures are consistent with the risk appetites and tolerance thresholds promulgated by the Board. It is responsible for reviewing, evaluating and recommending the Group’s Risk Appetite Framework, the results of the Capital Assessment and Risk Profile (“CARP”) process (including all associated stress testing performed) and the Group’s key risk policies to the Board for approval, for reviewing and evaluating current and proposed business strategies in the context of our risk appetites and for identifying, reviewing and advising on current and emerging risk issues and associated mitigation plans.

The Group Asset and Liability Committee (“GALCO”): This committee comprises executive and senior management team members and is chaired by the Chief Financial Officer. The committee is responsible for liquidity, interest rate and exchange rate risk management and other balance sheet issues. It also oversees the execution of the Group’s investment and capital management strategies and monitors the associated risks assumed. It is supported in the execution of its mandate by the work undertaken by the dedicated Asset & Liability Committees in each of the Bank’s jurisdictional business units.

Page 5

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

The Group Credit Committee (“GCC”): This committee comprises executive and senior management team members and is chaired by the Chief Risk Officer. The committee is responsible for a broad range of activities relating to the monitoring, evaluation and management of credit risks assumed across the Group at both transaction and portfolio levels. It is supported in the execution of its mandate by the Financial Institutions Committee (“FIC”), a dedicated sub-committee that is responsible for the evaluation and approval of recommended inter-bank and counterparty exposures assumed in the Group’s treasury and investment portfolios, and by the activities of the European Credit Committee, which reviews and approves transactions within delegated authorities and recommends specific transactions outside of these limits to the GCC for approval.

The Provisions and Impairments Committee: This committee comprises executive and senior management team members and is chaired by the Chief Risk Officer. The committee is responsible for approving significant provisions and other impairment charges. It also oversees the overall credit risk profile of the Group in regards to non-accrual loans and assets. It is supported in the execution of its mandate by local credit committees and the GCC, which make recommendations to this committee.

The Policy Development Committee: This committee is operational by nature and comprises of representatives from all Butterfield business lines and jurisdictions. The committee is chaired by the Group Head of Operational Risk and meets as required, providing a forum to support the management and adoption of policies across the Group.

Page 6

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

2.2Risk Management

The Group manages its exposure to risk through the three “lines of defence” model. This may be summarised as follows:

The first “line of defence” is provided by our jurisdictional business units, which retain ultimate responsibility for the risks they assume and for bearing the cost of risk associated with these exposures.

The second “line of defence” is provided by the Risk Management group, which works in collaboration with our business units to identify, assess, mitigate and monitor the risks associated with our business activities and strategies. It does this by:

• Making recommendations to the GRC regarding the constitution of the Risk Appetite Framework;

• Setting risk strategies that are designed to manage risk exposures assumed in the course of pursuing our business strategies and aligning them with agreed appetites;

• Establishing and communicating policies, procedures and limits to control risks in alignment with these risk strategies;

• Measuring, monitoring and reporting on risk levels;

• Opining on specific transactions that fall outside delegated risk limits; and

• Identifying and assessing emerging risks.

The four functions within the Risk Management group that support our risk management activities are outlined below. To ensure a formal separation of duties, each reports directly to the Chief Risk Officer.

Group Market Risk - This unit provides independent oversight of the measurement, monitoring and control of liquidity and funding risks, interest rate and foreign exchange risks as well as the market risks associated with the Group’s investment portfolios. It also monitors compliance with both regulatory requirements and the Group’s internal policies and procedures relating to the management of these risks.

Group Credit Risk Management - This unit is responsible for the adjudication and oversight of credit risks associated with our retail and commercial lending activities and the management of risks associated with our investment portfolios and counterparty exposures. It also establishes the parameters and delegated limits within which credit risks may be assumed and promulgates guidelines on how exposures should be managed and monitored.

Group Compliance - This unit provides independent analysis and assurance of the Group’s compliance with applicable laws, regulations, codes of conduct and recommended best practices, including those associated with the prevention of money laundering and terrorist financing. It is also responsible for assessing the Group’s potential exposure to upstream risks and for providing guidance on the preparations that should be made in advance of these changes coming into effect.

Group Operational Risk - This unit assesses the effectiveness of the Group’s procedures and internal controls in managing its exposure to various forms of operational risk, including those associated with new business activities and processes and the deployment of new technologies. It also oversees the Group’s incident management processes and reviews the effectiveness of its loss data collection activities.

The third “line of defence” is provided by our Group Internal Audit function, which performs oversight and ongoing review, and challenges the effectiveness of the internal controls that are executed by both the business and Risk Management.

Page 7

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

3.Capital Structure

CET1 capital is comprised of common share capital, the share premium account, retained earnings and other reserves. It may also include interim retained profits that have been verified by external auditors, but losses must be taken into account, whether audited or not. Retained earnings and other reserves exclude unrealised gains and losses on available-for-sale investments¹. A deduction from CET1 capital is made in respect of goodwill and intangible assets and the Bank’s defined benefit pension obligations. For accounting purposes, acquired customer relationships are capitalised as intangible assets where they meet certain criteria and amortised over a period not exceeding 15 years.

Tier 1 capital is comprised of CET1 and AT1 capital. In December 2016, the Bank redeemed and cancelled all of its issued and outstanding preference share capital which constituted AT1 capital.

Tier 2 capital is comprised of non-qualifying subordinated notes subject to Basel III phase-out rules for capital instruments and the general allowance for credit losses. Non-qualifying subordinated notes are subject to a 10% phase-out per annum commencing 1 January 2013.

The table below shows the reconciliation between accounting capital and regulatory capital:

Table 1: Reconciliation of accounting capital to regulatory capital

(in millions of $)	30 Jun 2017		31 Dec 2016
Common share capital	0.5		0.5
Preference share capital	—		—
Additional paid in capital	1,150.2		1,142.6
Accumulated deficit	(250.5	)	(287.7	)
Less: Treasury common shares	—		—
Accumulated other comprehensive loss ("AOCL")	(130.3	)	(144.7	)
Total Shareholders Equity per Consolidated Balance Sheet	769.9		710.7
Regulatory adjustments:
Preference share capital	—		—
Goodwill and intangible assets	(61.5	)	(61.9	)
AOCL: Unrealised gains (losses) on AFS investments1	11.3		22.7
Defined benefit pension fund asset	(6.9	)	(4.7	)
AOCL: Deferred tax asset	(0.1	)	—
Total CET1 Capital	712.6		666.8
AT1 Capital
Preference share capital	—		—
Total Tier 1 Capital	712.6		666.8

¹One-time, irrevocable election allowed by the BMA

Page 8

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

The following table shows the Banks excess total eligible capital over regulatory minimums:

Table 2: Eligible capital

(in millions of $)	30 Jun 2017	31 Dec 2016
Total Tier 1 Capital (per table 1)	712.6	666.8
Tier 2 Capital	90.6	102.7
General provision	32.1	32.5
Subordinated debt	58.5	70.2
Total Eligible Capital	803.3	769.6
Minimum capital requirements under Pillar I (refer Table 3)	336.0	349.2
Excess eligible capital over minimum capital requirement under Pillar 1	467.3	420.4

Total capital increased mainly due to earnings accretion for the six month period ended 30 June 2017. This was partially offset by dividends paid to ordinary shareholders and the impact of Basel III phase-out rules on our non-qualifying long-term debts eligibility for inclusion as Tier 2 capital.

Page 9

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

4.Capital Adequacy

4.1Capital Management

One of management’s primary objectives is to maintain the confidence of our clients, bank regulators and shareholders. A strong capital position helps the Bank to take advantage of profitable investment opportunities and withstand unforeseen adverse developments.

The Bank manages its capital both on a total Group basis and, where appropriate, on a legal entity basis. The Finance department has the responsibility for measuring, monitoring and reporting capital levels within guidelines and limits established by the RPC. The management of capital will also involve regional management to ensure compliance with local regulation. In establishing the guidelines and limits for capital, a variety of factors are taken into consideration, including the overall risk of the business in stressed scenarios, regulatory requirements, capital levels relative to our peers, and the impact on our credit ratings.

4.2 Regulatory Capital

The current capital regulatory framework is based on three pillars:

• Pillar I: Sets the minimum capital requirements for credit, market and operational risk. Information is presented in Table 3 below.

• Pillar II: Under the Basel framework as implemented by the BMA, the Bank undertakes a CARP process, which is an internal assessment of all material risks to determine our capital needs. This internal assessment takes account of the minimum capital requirement and other risks not covered by the minimum capital requirement (Pillar 2). Where capital is deemed as not being able to mitigate a particular risk, alternative management actions are identified and described within the CARP. The CARP is presented to the RPC before being presented to the Board for challenge and approval and then submission to the BMA. The CARP process is performed annually or more frequently should the need arise.

A SAP is then undertaken annually by the BMA, which is designed to assess the Bank’s risk profile as documented in the CARP. This assessment is used to determine and set the Individual Capital Guidance which is the minimum level of capital the Group will be required to hold until the next SAP review is conducted.

• Pillar III: Aims to promote market discipline through regulatory disclosure requirements.

4.3Minimum Capital Requirement: Pillar 1

As at 30 June 2017 the CET1, Tier 1 and Total capital ratios of the Group were 17.0%, 17.0% and 19.1% respectively.

Page 10

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

The following table provides a general overview of RWAs by type of risk with additional disclosures pertaining thereto in the following sections:

Table 3: Overview of RWA (OV1)

		a	b	c
		RWA		Minimum capital requirements
	(in millions of $)	30 Jun 2017	31 Dec 2016	30 Jun 2017
1	Credit risk (excluding counterparty credit risk) (CCR)	2,987.6	3,198.2	239.0
2	Of which standardised approach (SA)	2,987.6	3,198.2	239.0
3	Of which internal rating-based (IRB) approach	—	—	—
4	Counterparty credit risk	—	—	—
5	Of which standardised approach for counterparty credit risk (SA-CCR)	—	—	—
6	Of which internal model method (IMM)	—	—	—
11	Settlement risk	—	—	—
12	Securitisation exposures in banking book	557.8	534.4	44.6
13	Of which IRB ratings-based approach (RBA)	—	—	—
14	Of which IRB Supervisory Formula Approach (SFA)	—	—	—
15	Of which SA/simplified supervisory formula approach (SSFA)	557.8	534.4	44.6
16	Market risk	—	—	—
17	Of which standardised approach (SA)	—	—	—
18	Of which internal model approaches (IMM)	—	—	—
19	Operational risk	654.9	632.1	52.4
20	Of which Basic Indicator Approach	—	—	—
21	Of which Standardised Approach	654.9	632.1	52.4
22	Of which Advanced Measurement Approach	—	—	—
23	Amounts below the thresholds for deduction (subject to 250% risk weight)	—	—	—
24	Floor adjustment	—	—	—
25	Total (1+4+7+8+9+10+11+12+16+19+23+24)	4,200.2	4,364.6	336.0

4.4Leverage Ratio

The Basel III framework introduced the leverage ratio as a simple, non-risk based measure to restrict the build-up of leverage in the banking sector.

As at 30 June 2017, the leverage ratio for the Group was 6.4%, in excess of the 5% regulatory minimum set by the BMA.

The tables below provide a reconciliation of the accounting assets and the leverage ratios denominator, the exposure measure, as well as the common disclosure template as prescribed by the BCBS in the Basel III leverage ratio framework and disclosure requirements standard issued in January 2014:

Page 11

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

Table 4: Summary comparison of accounting assets vs leverage ratio exposure measure

	(in millions of $)	30 Jun 2017
1	Total consolidated assets as per published financial statements	10,678.7
2	Adjustment for investments in banking, financial, insurance or commercial entities that are consolidated for accounting purposes but outside the scope of regulatory consolidation	—
3	Adjustment for fiduciary assets recognised on the balance sheet pursuant to the operative accounting framework but excluded from the leverage ratio exposure measure	(29.4	)
4	Adjustments for derivative financial instruments	88.4
5	Adjustment for securities financing transactions (i.e. repos and similar secured lending)	—
6	Adjustment for off-balance sheet items (i.e. conversion to credit equivalent amounts of off-balance sheet exposures)	393.5
7	Other adjustments	—
8	Leverage ratio exposure	11,131.2

Table 5: Leverage ratio common disclosure template

	(in millions of $)	30 Jun 2017
On-balance sheet exposures
1	On-balance sheet items (excluding derivatives and SFTs, but including collateral)	10,678.7
2	(Asset amounts deducted in determining Basel III Tier 1 capital)	(29.4	)
3	Total on-balance sheet exposures (excluding derivatives and SFTs) (sum of lines 1 and 2)	10,649.4
Derivative exposures
4	Replacement cost associated with all derivatives transactions (ie net of eligible cash variation margin)	52.5
5	Add-on amounts for PFE associated with all derivatives transactions	—
6	Gross-up for derivatives collateral provided where deducted from the balance sheet assets pursuant to the operative accounting framework	—
7	(Deductions of receivables assets for cash variation margin provided in derivatives transactions)	—
8	(Exempted CCP leg of client-cleared trade exposures)	—
9	Adjusted effective notional amount of written credit derivatives	35.9
10	(Adjusted effective notional offsets and add-on deductions for written credit derivatives)	—
11	Total derivative exposures (sum of lines 4 to 10)	88.4
Securities financing transaction exposures
12	Gross SFT assets (with no recognition of netting), after adjusting for sale accounting transactions	—
13	(Netted amounts of cash payables and cash receivables of gross SFT assets)	—
14	CCR exposure for SFT assets	—
15	Agent transaction exposures	—
16	Total securities financing transaction exposures (sum of lines 12 to 15)	—
Other off-balance sheet exposures
17	Off-balance sheet exposure at gross notional amount	853.4
18	(Adjustments for conversion to credit equivalent amounts)	(460.0	)
19	Off-balance sheet items (sum of lines 17 and 18)	393.5
Capital and total exposures
20	Tier 1 capital	712.6
21	Total exposures (sum of lines 3, 11, 16 and 19)	11,131.2
Leverage ratio
22	Basel III leverage ratio	6.4	%

Page 12

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

5.Credit Risk Measurement, Mitigation and Reporting

5.1    Credit Risk Overview

Credit risk is inherent in our various lending and business activities. It is defined as the risk that unexpected losses arise as a result of the Bank’s borrowers or market counterparties failing to meet their obligations to repay. We focus our lending efforts on clients who are looking to establish a full range of financial services with us.

Credit risk is managed through the GCRM department, headed by the Group Chief Credit Officer, to whom overall responsibility for managing credit policy and process is delegated, including responsibility for ensuring adherence to a high level of credit standards. The Group Chief Credit Officer reports to the Chief Risk Officer.

GCRM provides a system of checks and balances for our diverse credit-related activities by establishing and monitoring all credit-related policies and practices throughout the Group and assuring their uniform application. These activities are designed to diversify credit exposure on an industry and client basis, thus lessening overall credit risk. These credit management activities also apply to our use of derivative financial instruments, including foreign exchange contracts and interest rate risk management instruments, which are primarily used to facilitate client transactions. We also use derivatives in the asset and liability management of positions to minimise significant unplanned fluctuations in earnings that are caused by interest rate volatility. Our derivative contracts principally involve over-the-counter transactions that are privately negotiated between the Bank and the counterparty to the contract. Derivative instruments that are used as part of our interest rate risk management strategy include interest rate swaps. Interest rate swaps generally involve the exchange of fixed and variable-rate interest payments between two parties, based on a common notional principal amount and maturity date.

Individual credit authority for commercial and other loans is limited to specified amounts and maturities. Credit decisions involving commitment exposure in excess of the specified individual limits are submitted to GCRM and then to the GCC, which provides a forum for ongoing executive review of loan activity, establishing our credit guidelines and policies and approving selected credit transactions in accordance with our business objectives. The committee reviews large credit exposures, establishes and reviews credit strategy and policy and approves selected credit transactions. The FIC manages counterparty risk in respect of (third party) bank counterparties which do not have commercial credit relationships within the Group and also approves country exposure limits.

As part of our ongoing credit granting process, internal ratings are assigned to commercial clients before credit is extended, based on an assessment of creditworthiness. At least annually, a review of all significant credit exposures is undertaken to identify, at an early stage, clients who might be facing financial difficulties. Internal BRRs are also reviewed during this process. They range from “1” for the strongest credits to “8” for the weakest credits. Above average risk loans receive special attention by both lending officers and GCRM. This approach allows management to take remedial action in an effort to deal with potential problems. The BRR reflects the overall credit risk to the Bank of the specific borrower. Individual BRRs are reviewed at least annually, allowing identification of adverse individual borrower and sector trends.

An integral part of the GCRM function is to formally review past due and potential problem loans to determine which credits, if any, need to be placed on non-accrual status or charged off. The allowance for loan losses is reviewed monthly to determine the amount necessary to maintain an adequate provision for credit losses.

Another way credit risk is managed is by requiring collateral. Management’s assessment of the borrower’s creditworthiness determines whether collateral is obtained. The amount and type of collateral held varies but may include deposits held in financial institutions, mutual funds, U.S. Treasury securities, other marketable securities, income-producing commercial properties, accounts receivable, residential real estate, property, plant and equipment, and inventory. Values of variable collateral are monitored on a regular basis to ensure that they are maintained at an appropriate level.

5.2    Credit Risk - Retail and Private Banking

Retail and Private lending activity is split between residential mortgages, personal loans, credit cards and authorised overdrafts. Retail credit risks are managed in accordance with limits set out in the Credit Risk Policies and Guidelines approved by GCC (and ratified by the Board). The policies set out where specialist underwriting may be needed.

Page 13

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

For residential mortgages, a combination of lending policy criteria, lending guidelines and underwriting are used to make a decision on applications for credit. The primary factors considered are affordability, residential status, residential history, credit history, employment history, nature of income and LTV of the residential property. In addition, confirmation of a borrower’s identity is obtained and an assessment of the value of the collateral carried out prior to granting a credit facility. When considering applications the primary focus is placed on the willingness and ability to repay.

For other retail lending products, similar lending policy criteria are used, and each of these products has its own policy and underwriting guidelines to enable decisions on applications for credit and to manage accounts. The factors used are attuned to the lending product in question, although affordability and credit history are considered in all cases. Ongoing monitoring of all retail and private banking credit is undertaken by the business unit concerned as well as by GCRM. Reports are reviewed on a monthly basis. In the event that particular exposures show adverse features such as arrears, specialist recovery teams will work with borrowers to resolve the situation.

5.3    Credit Risk - Commercial Banking

Commercial credit risks are managed in accordance with limits and asset quality measures set out in the Credit Risk Policies and Guidelines approved by GCC (and ratified by the Board).

In respect of Commercial Banking, there is a level of delegated sanctioning authority to underwrite certain credit risks based upon an evaluation of the borrower’s experience, track record, financial strength, ability to repay, transaction structure and security characteristics. Lending decisions for large or high risk exposures are based upon a thorough credit risk analysis and the assignment of a BRR and are subject to further approval by the assigned officers in GCRM or the GCC.

Consideration is also given to risk mitigation measures which will provide the Bank with protection, such as third-party guarantees, supporting collateral and security, legal documentation and financial covenants.

Commercial portfolio asset quality monitoring is based upon a number of measures, including the monitoring of financial covenants, cash flows, pricing movements and variable collateral. In the event that particular exposures begin to show adverse features such as payment arrears, covenant breaches or business trading losses, a full risk reassessment is undertaken.

Where appropriate, a specialist recovery team will work with the borrower to resolve the situation. If this proves unsuccessful, the case will be subject to intensive monitoring and management procedures designed to maximise debt recovery.

5.4    Credit Risk - Treasury

Treasury credit risks are managed in accordance with limits, asset quality measures and criteria set out within the policy approved by the GCC and ratified by the Board. The policy also sets out powers which require higher levels of authorisation according to the size of the transaction or the nature of the associated risk. The FIC identifies, assesses, prioritises and manages our risks associated with counterparty exposure to other financial institutions, as well as country-specific exposures.

Exposures to financial institutions arise within the Bank’s investment portfolio and treasury operations. The Bank has treasury operations in all of its banking locations. Treasury exposures primarily take the form of deposits with banks and foreign exchange positions. Exposures to financial institutions in the investment portfolio can take the form of bonds, floating rate notes and or certificates of deposit.

Diversification and avoidance of concentration is emphasised. The Bank establishes limits for countries and each financial institution where there is an expected exposure. Ongoing asset quality monitoring is undertaken by Treasury and GCRM. Reports are sent to the FIC, GCC and the GRC on a monthly basis. Exception reporting takes place against a range of asset quality triggers.

Treasury uses a number of risk mitigation techniques including netting and collateralisation agreements. Other methods (such as margining and derivatives) are used periodically to mitigate the risk associated with particular transactions or group of transactions.

For its exposure to treasury credit risk, the Bank uses S&P, Fitch and Moody’s as ECAIs as permitted under Basel II for Sovereign, Financial Institutions, Asset-backed Securities, Covered Bonds and Corporate risks. With regard to Financial Institutions and Corporates, the Bank’s preference for a long-term rating is the senior unsecured rating. However, counterparty ratings and/or short-term deposit or commercial paper ratings are used if this is unavailable. For Asset-backed Securities, the issue or tranche rating is used.

Page 14

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

5.5Exposures

The following tables analyse the Bank’s regulatory credit risk exposures as at 30 June 2017. Exposures are allocated to specific standardised exposure portfolios determined by the BMA’s Revised Framework for Regulatory Capital Assessment and it is these portfolios that determine the risk weights used. These exposures include both on and off-balance sheet exposures, with the latter shown separately after credit conversion factors (“CCF”) have been applied.

Table 6: Credit Quality of Assets (CR1)

		a	b	c	d
		Gross carrying values of		Allowances / impairments	Net values (a+b-c)
	(in millions of $)	Defaulted exposures	Non-defaulted exposures
1	Loans	54.2	3,577.1	43.5	3,587.8
2	Debt securities	—	1,047.2	—	1,047.2
3	Off-balance sheet exposures	—	699.6	—	699.6
4	Total	54.2	5,323.9	43.5	5,334.6

Table 7: Analysis of Exposures

		Average Exposure	Position at
	(in millions of $)	2017	30 Jun 2017
1	Cash	54	50.7
2	Claims on Sovereigns	1,156.3	1,023.5
3	Claims on Public Sector Entities	104.2	102.2
4	Claims on Corporates	488.7	524.6
5	Claims on Banks and Securities Firms	1,616.6	1,268.8
6	Securitisations	4,036.1	4,237.9
7	Retail Loans	211.5	212.6
8	Residential Mortgages	2,322.4	2,355.0
9	Commercial Mortgages	564.1	558.2
10	Past Due Loans	48.5	50.3
11	Other Balance Sheet Exposures	256.2	253.1
12	Non-Market Related Off Balance Sheet Credit exposures	374.6	393.5
13	Market Related Off Balance Sheet Credit Exposures	79.4	88.4
14	Total	11,312.4	11,118.8

Table 8: Geographic Distribution of Exposures

	(in millions of $)	Bermuda	UK		Guernsey	Caribbean	Switzerland	Total
1	Cash	26.1	—		—	24.6	—	50.7
2	Claims on Sovereigns	577.0	13.0		361.5	71.9	—	1,023.5
3	Claims on Public Sector Entities	92.2	—		—	10.1	—	102.2
4	Claims on Corporates	383.7	—		17.9	123.0	—	524.6
5	Claims on Banks and Securities Firms	485.3	25.0		239.3	516.8	2.3	1,268.8
6	Securitisations	2,654.4	—		89.1	1,494.4	—	4,237.9
7	Retail Loans	101.6	(1.7	)	21.7	91.0	—	212.6
8	Residential Mortgages	1,142.9	—		685.8	526.3	—	2,355.0
9	Commercial Mortgages	353.1	—		16.9	188.2	—	558.2
10	Past Due Loans	39.6	—		0.8	9.9	—	50.3
11	Other Balance Sheet Exposures	159.6	10.2		20.6	61.7	1.0	253.1
12	Non-Market Related Off Balance Sheet Credit exposures	205.7	—		29.1	158.7	—	393.5
13	Market Related Off Balance Sheet Credit Exposures	72.3	—		0.9	15.3	—	88.4
14	Total	6,293.6	46.5		1,483.6	3,291.7	3.4	11,118.8

Page 15

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

Table 9: Residual Maturity Breakdown of Exposures

	(in millions of $)	Up to 12 months	1-5 years	More than 5 years	No specific maturity	Total
1	Cash	50.7	—	—	—	50.7
2	Claims on Sovereigns	992.1	8.9	22.4	—	1,023.5
3	Claims on Public Sector Entities	38.0	40.6	23.6	—	102.2
4	Claims on Corporates	245.3	193.9	85.4	—	524.6
5	Claims on Banks and Securities Firms	1,147.4	121.5	—	—	1,268.8
6	Securitisations	—	17.9	4,220.1	—	4,237.9
7	Retail Loans	110.1	78.4	24.1	—	212.6
8	Residential Mortgages	183.3	559.9	1,611.9	—	2,355.0
9	Commercial Mortgages	44.8	251.8	261.6	—	558.2
10	Past Due Loans	12.5	2.2	35.6	—	50.3
11	Other Balance Sheet Exposures	—	—	—	253.1	253.1
12	Non-Market Related Off Balance Sheet Credit exposures	393.5	—	—	—	393.5
13	Market Related Off Balance Sheet Credit Exposures	88.4	—	—	—	88.4
14	Total	3,306.0	1,275.2	6,284.5	253.1	11,118.8

The above table shows residual maturity of exposures stated on a contractual, rather than an expected basis and does not take into account the cash flows payable or receivable over the life of the exposure.

The table below details the mappings between the main ECAI used by the Bank and the credit quality steps used to determine the risk-weightings applied to rated counterparties. Where no external rating is used in the RWA calculation, the unrated credit quality step applies.

Table 10: ECAI Mapping

Credit quality step	Fitch's assessment	Moody's assessment	S&P's assessment
Step 1	AAA to AA–	Aaa to Aa3	AAA to AA–
Step 2	A+ to A–	A1 to A3	A+ to A–
Step 3	BBB+ to BBB–	Baa1 to Baa3	BBB+ to BBB–
Step 4	BB+ to BB–	Ba1 to Ba3	BB+ to BB–
Step 5	B+ to B–	B1 to B3	B+ to B–
Step 6	CCC+ and below	Caa1 and below	CCC+ and below

The tables below detail the standardised portfolio exposure pre- and post-credit risk mitigation by the credit quality steps:

Table 11: Sovereign Exposure Mapping

Credit Quality Step	Risk Weight %	Exposure Value	Exposure Value after CRM
1	0%	995.4	995.4
2	20%	22.4	22.4
3	50%	—	—
4	100%	—	—
5	100%	—	—
6	150%	5.6	5.6
Total		1,023.5	1,023.5

Table 12: Public Sector Entity Exposure Mapping

Credit Quality Step	Risk Weight %	Exposure Value	Exposure Value after CRM
1	20%	—	—
2	50%	92.2	37.0
3	100%	—	—
4	150%	10.1	1.4
Total		102.2	38.4

Page 16

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

Table 13: Corporate Exposure Mapping

Credit Quality Step	Risk Weight %	Exposure Value	Exposure Value after CRM
1	20%	183.9	—
2	50%	—	—
3	100%	240.3	220.1
4	150%	100.4	100.4
Total		524.6	320.4

Table 14: Banks and Securities Firms Exposure Mapping

Credit Quality Step	Risk Weight %	Exposure Value	Exposure Value after CRM
1	20%	653.7	653.7
2	50% / 20%	144.0	144.0
3	50% / 20%	157.9	157.9
4	100% / 50%	313.3	313.3
Total		1,268.8	1,268.8

5.6Impairment Provisions

Impairment of Financial Assets

The Bank assesses at each balance sheet date whether, as a result of one or more events that occurred after initial recognition, there is objective evidence that a financial asset or group of financial assets are impaired. Evidence of impairment may include indications that the borrower or group of borrowers are experiencing significant financial difficulty, default or delinquency in interest or principal payments or the debt being restructured to reduce the burden on the borrower.

The Bank first assesses whether objective evidence of impairment exists either individually for assets that are separately significant or collectively for assets that are not separately significant. If there is no objective evidence of impairment for an individually assessed asset it is included in a group of assets with similar risk characteristics and collectively assessed for impairment.

If there is objective evidence that an impairment loss on loans and receivables has been incurred, the amount of the loss is measured as the difference between the carrying amount of the asset(s) and the present value of expected future cash flows, discounted at the asset’s original effective interest rate, except when the sole (remaining) source of repayment for the loan is the operation or liquidation of the collateral. In these cases the current fair value of the collateral, less selling costs is used instead of discounted cash flows. The resultant allowances are deducted from the appropriate asset values in the balance sheet.

If there is objective evidence of impairment for financial assets classified as available-for-sale, the amount of impairment relating to credit losses is recognised in net income and the decrease in fair value relating to factors other than credit losses are recognised in other comprehensive income (loss).

The methodology and assumptions used for expected future cash flows are reviewed regularly by the Bank to reduce any difference between loss estimates and actual experience.

Past Due, Non-accrual and Impaired Loans

Non-accrual loans are those on which the accrual of interest is discontinued.

Commercial, Commercial real estate and Consumer loans (excluding credit card consumer loans) are placed on non-accrual status generally if:

▪ in the opinion of management, full payment of principal or interest is in doubt; or

▪ principal or interest is 90 days past due.

Residential mortgages are placed on non-accrual status immediately if:

Page 17

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

▪ in the opinion of management, full payment of principal or interest is in doubt; or

▪ when principal or interest is 90 days past due, unless the loan is well secured and any ongoing collection efforts are reasonably expected to result in repayment of all amounts due under the contractual terms of the loan.

The entire balance of an account is contractually delinquent if the minimum payment of principal or interest is not received by the specified due date. Delinquency is reported on loans that are 30 days or more past due.

Interest accrued but not collected at the date a loan is placed on non-accrual status is reversed against interest income. Interest income on non-accrual loans is recognised only to the extent it is received in cash. However, where there is doubt regarding the ultimate collectivity of the loan principal, all cash thereafter received is applied to reduce the carrying value of the loan. Loans are restored to accrual status when payments are brought current and future payments are reasonably assured.

The Bank recognises charge-offs when it determines that loans are uncollectible and this generally occurs when all commercially reasonable means of recovering the loan balance have been exhausted.

Commercial and Consumer loans are either fully or partially charged off down to the fair value of collateral securing the loans when:

▪ management judges the loan to be uncollectible;

▪ repayment is expected to be protracted beyond reasonable time frames;

▪ the asset has been classified as a loss by either the Bank’s internal loan review process or external examiners; or

▪ the customer has filed bankruptcy and the loss becomes evident owing to a lack of assets or cash flow.

The outstanding balance of Commercial and Consumer real estate secured loans and residential mortgages that are in excess of the estimated property value, less costs to sell, are charged off once there is reasonable assurance that such excess outstanding balance is not recoverable.

Credit card consumer loans that are contractually 180 days past due and other consumer loans with an outstanding balance under $100,000 that are contractually 180 days past due are written off and reported as charge-offs. Subsequent recoveries of amounts previously charged-off decrease the amount of the impairment loss recorded in the income statement. Loans subject to individual impairment assessment are subject to ongoing review to determine whether they remain impaired or are considered to be past due.

The following table shows the past due loans and allowances for impaired exposures and charges to the consolidated statement of operations for the period ended 30 June 2017. The amounts shown as delinquent represent the full amount of the loan outstanding, not just the amount that is delinquent:

Table 15: Loan Exposures

	(in millions of $)	Commercial Loans		Commercial Real Estate Loans		Consumer Loans		Residential Mortgage Loans		Total
1	Neither past due nor impaired	424.0		583.9		189.5		2,272.5		3,469.9
2	Impaired but not delinquent	0.4		2.8		—		48.1		51.3
3	Delinquent:	10.5		21.1		2.9		75.6		110.1
4	30 to 59 Days	3.0		15.3		1.6		26.8		46.6
5	60 to 89 Days	—		0.4		0.2		2.6		3.2
6	Over 90 Days	7.6		5.4		1.1		46.2		60.2
7	Total Exposures (1+2+3)	434.9		607.8		192.4		2,396.2		3,631.3
8	Allowances for credit losses	(3.4	)	(16.8	)	(0.7	)	(22.4	)	(43.5	)
9	Net Exposures (7+8)	431.5		590.9		191.7		2,373.7		3,587.8
10	Provision taken during the period	0.1		0.6		0.1		(0.6	)	0.2

Table 16: Change in stock of defaulted loans and debt securities (CR2)

	(in millions of $)	Total
1	Defaulted loans and debt securities at end of the previous reporting period	48.5
2	Loans and debt securities that have defaulted since the last reporting period	15.4
3	Returned to non-defaulted status	7.0
4	Amounts written off	1.8
5	Other changes	(0.9	)
6	Defaulted loans and debt securities at end of the reporting period (1+2-3-4±5)	54.2

Page 18

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

Further details of the Bank’s non-accrual and delinquent loans can be found in Note 6 of the Bank’s June 2017 consolidated financial statements.

Allowance for Credit Losses

The Bank maintains an allowance for credit losses, which in management’s opinion is adequate to absorb all estimated credit related losses in its lending and off-balance sheet credit-related arrangements at the balance sheet date. The allowance for credit losses consists of specific allowances and a general allowance, each of which is reviewed on a regular basis. The allowance for credit losses is included as a reduction of the related asset category. Allowances for credit losses are reviewed and approved by the Provisions and Impairments Committee.

Specific Allowances

Specific allowances are determined on an exposure by exposure basis and reflect the associated estimated credit loss. The specific allowance for credit loss is computed as the difference between the recorded investment in the loan and present value of expected future cash flows from the loan. The effective rate of return on the loan is used for discounting the cash flows. However, when foreclosure of a collateral-dependent loan is probable, the Bank measures impairment based on the fair value of the collateral. The Bank considers estimated costs to sell, on a discounted basis, in the measurement of impairment if those costs are expected to reduce the cash flows available to repay or otherwise satisfy the loan. If the measurement of an impaired loan is less than the recorded investment in the loan, then the Bank recognises impairment by creating a specific allowance with a corresponding charge to provision for credit losses.

General Allowance

The allowance for credit losses attributed to the remaining portfolio is established through a process that estimates the probable loss inherent in the portfolio based upon various analyses. These analyses consider historical default rates and loss severities, internal risk ratings, and geographic, industry, and other environmental factors. Management also considers overall portfolio indicators including trends in internally risk rated exposures, cash-basis loans, historical and forecasted write-offs, and a review of industry, geographic and portfolio concentrations, including current developments within those segments. In addition, management considers the current business strategy and credit process, including limit setting and compliance, credit approvals, loan underwriting criteria and loan workout procedures.

Each portfolio of smaller balance, homogeneous loans, including consumer instalment, revolving credit, and most other consumer loans, is collectively evaluated for impairment. The allowance for credit losses attributed to these loans is established via a process that estimates the probable losses inherent and incurred in the portfolio, based upon various analyses. Management considers overall portfolio indicators including historical credit losses; delinquent (defined as loans that are more than 30 days past due), non-performing, and classified loans; trends in volumes and terms of loans; an evaluation of overall credit quality; the credit process, including lending policies and procedures; and economic, geographical, product, and other environmental factors.

The following table summarizes the movement in the allowance for credit losses for the period to 30 June 2017:

Table 17: Loan Allowances

	(in millions of $)	Specific Allowance		General Allowance		Total
1	Balance at 31 December 2016	11.7		32.5		44.2
2	Provision taken during the period	1.1		(0.9	)	0.2
3	Recoveries	0.2		0.5		0.7
4	Charge-offs	(1.6	)	(0.1	)	(1.7	)
5	Other	—		0.1		0.1
6	Balance at 30 June 2017	11.4		32.1		43.5

5.7Credit Risk Concentrations

Concentration Risk is defined as: any single exposure or group of exposures with the potential to produce losses large enough (relative to the Bank’s capital, total assets or overall risk level) to threaten the Bank’s health or ability to maintain core operations.

Page 19

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

The management of concentration risk is addressed in the first instance by the Group’s large exposure policy and related credit guidelines, which require that credit facilities to entities that are affiliated through common ownership or management are aggregated for adjudication and reporting purposes. The policy also defines what constitutes a large exposure and the related reporting requirements. The GCRM function also undertakes monitoring and assessment of our exposure to concentration risk, reporting the results of these analyses to the GCC, the GRC and RPC.

The factors taken into consideration when assessing concentration risk are as follows:

▪ single or linked counterparty;

▪ industry or economic sector (e.g. hospitality, property development, commercial office building investment);

▪ geographic region;

▪ product type;

▪ collateral type;

▪ maturity date (whether of the facility or of interest rate fixes).

5.7.1 Counterparty Concentration is the risk associated with assuming a high level of exposure to a single counterparty, the failure of which could have an adverse impact on the Bank.

Large exposures are reviewed quarterly by the GRC and RPC for the loan portfolio and the treasury / investment portfolios. GCRM and Treasury work closely together on daily treasury positions and exceptions.

All large exposures and concentrations in the portfolio are reviewed and agreed by the FIC on a quarterly basis and are reported to the Board as a part of this process. The review of large exposures considers:

▪ Facility total;

▪ Any link with other facilities;

▪ Total linked facility being within guidelines;

▪ BRR;

▪ Security value on the facility;

▪ LTV percentage against minimum security covenants.

5.7.2 Industry Concentration encompasses the scenario that a risk factor inherent within an industry is tied to an entire portfolio of accounts or investments; e.g. a portfolio made up of a large number of small individual loans where all the counterparties are steel producers. Due to the nature of the Group’s client base, industry exposure in this traditional sense is not a relevant risk. It is recognised that our exposure to the property, insurance and fund sectors could be classified as an industry concentration, and our exposure to the property sectors in Bermuda, Guernsey and the UK are more properly addressed through the concentration risk factors described below.

5.7.3Geographic Concentration of the book is monitored as follows:

▪ Reports are generated which provide details of all the property loan exposure of the Bank. Through this, loans are subdivided into regional exposure.

▪ From this, the percentage breakdown per region of the Bank’s property exposure is analysed and reported to the GRC and RPC. Assessment of the exposure allows the committees to decide whether the Bank should decline further lending in any area in which it is becoming over-weighted.

The geographic distribution of loans by origination is presented in Section 5.5 above.

5.7.4 Product Concentration is defined in the context of credit risk, as an over-weighting in the portfolio to a given product type, making the Bank vulnerable to the impact of a variety of external factors that could either reduce demand for the product itself or lead to an increase in the level of default rates experienced.

Butterfield operates as a full service bank in Bermuda and Cayman and aims to satisfy the requirements of its customers in these communities through the range of products and services it offers. Accordingly, there is no dependence or concentration on a single product in these markets outside of the residential mortgage portfolios which comprise 66.0% of the Group’s loan book; in Bermuda residential mortgage lending makes up 60.7% of the Bermuda loan book, and loans for many purposes (education, business support, family requirements) are made in the form of residential mortgages.

Page 20

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

Product category analysis confirms that the total lending portfolio is concentrated in the property market; this has been addressed in stress testing performed.

5.7.5 Collateral Concentration considers whether the Bank’s loan book is secured by a limited number of collateral types. An example of this would be when a large value of loans to a diversified group of borrowers is all secured by shares in the same company or by the shares of various companies within the same industry sector. Any decline in the value of these shares or in the performance of the sector as a whole could have an adverse impact on the Bank’s security position across all affected borrowers.

The most obvious and relevant example of collateral concentration is the Bank’s exposure to real estate property values. Ignoring cash-backed facilities, the largest collateral concentrations within the portfolio are to residential and commercial property. The greatest risk with collateral concentration is that the value of the security could be severely reduced. To simulate this, the Bank’s stress testing process incorporates a scenario in which all real estate collateral is devalued by factors as high as 30%.

5.7.6 Maturity concentration has been classified as the concentration of loans that are either: 

▪ Maturing at any similar time, leading to a sudden fall in the value of the portfolio and the income that this generates; or

▪ Have fixed interest rates that are approaching maturity at similar times, potentially impacting the repayment obligations on the borrowers (if rates have subsequently risen) and therefore the risk of default in the affected portfolio.

5.8Credit Risk Mitigation (“CRM”)

The Bank uses a wide range of techniques to reduce credit risk of its lending. The most basic of these is performing an assessment of the ability of a borrower to service the proposed level of borrowing without distress. However, the risk can be further mitigated by obtaining security for the funds advanced.

The following tables reflect the split between the Banks’ secured and unsecured exposures as well the effects of the CRM techniques utilised.

Table 18: CRM Techniques - overview (CR3)

		a	b	c	d	e	f	g
		Exposures unsecured: carrying amount	Exposures secured by collateral	Exposures secured by collateral, of which: secured amount	Exposures secured by financial guarantees	Exposures secured by financial guarantees, of which: secured amount	Exposures secured by credit derivatives	Exposures secured by credit derivatives, of which: secured amount
1	Loans	118.6	3,469.2	3,469.2	—	—	—	—
2	Debt securities	1,047.2	—	—	—	—	—	—
3	Total	1,165.8	3,469.2	3,469.2	—	—	—	—
4	Of which defaulted	0.1	54.1	54.1	—	—	—	—

Table 19: Standardised Approach - Credit Risk Exposure and CRM Effects (CR4)

		a	b	c	d	e	f
		Exposures before CCF and CRM		Exposures post-CCF and CRM		RWA and RWA Density
		On-balance sheet amount	Off-balance sheet amount	On-balance sheet amount	Off-balance sheet amount	RWA	RWA Density
1	Cash	50.7	—	50.7	—	0.8	1.5	%
2	Claims on Sovereigns	1,023.5	—	1,023.5	—	12.9	1.3	%
3	Claims on Public Sector Entities	102.2	—	38.4	—	20.6	53.6	%
4	Claims on Corporates	524.6	—	320.4	—	370.6	115.7	%
5	Claims on Banks and Securities Firms	1,268.8	—	1,268.8	—	434.5	34.2	%
6	Securitisations	4,237.9	—	2,787.7	—	557.8	20.0	%
7	Retail Loans	212.6	—	173.0	—	139.4	80.6	%
8	Residential Mortgages	2,355.0	—	2,168.8	—	849.2	39.2	%
9	Commercial Mortgages	558.2	—	558.2	—	558.2	100.0	%
10	Past Due Loans	50.3	—	50.3	—	75.4	150.0	%
11	Other Balance Sheet Exposures	253.1	—	253.1	—	254.2	100.4	%
12	Non-Market Related Off Balance Sheet Credit exposures	—	853.4	—	393.5	213.4	54.2	%
13	Market Related Off Balance Sheet Credit Exposures	—	88.4	—	88.4	54.0	61.1	%
14	Total Standardised Approach	10,637.0	941.8	8,692.9	481.9	3,541.0	38.6	%

Page 21

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

Table 20: Standardised Approach - exposures by asset classes and risk weights (CR5)

		a	b	c	d	e	f	g	h
	Risk Weight Asset Classes	0%	20%	35%	50%	75%	100%	150%	Total credit exposures amount (post CCF and post-CRM)
1	Cash	46.8	3.9	—	—	—	—	—	50.7
2	Claims on Sovereigns	995.4	22.4	—	—	—	—	5.6	1,023.5
3	Claims on Public Sector Entities	—	—	—	37.0	—	—	1.4	38.4
4	Claims on Corporates	—	—	—	—	—	220.1	100.4	320.4
5	Claims on Banks and Securities Firms	—	673.9	—	590.4	—	4.6	—	1,268.8
6	Securitisations	—	2,787.0	—	0.7	—	—	—	2,787.7
7	Retail Loans	—	—	—	—	134.5	38.5	—	173.0
8	Residential Mortgages	—	—	1,942.6	1.4	224.7	—	—	2,168.8
9	Commercial Mortgages	—	—	—	—	—	558.2	—	558.2
10	Past Due Loans	—	—	—	—	—	—	50.3	50.3
11	Other Balance Sheet Exposures	—	—	—	—	—	251.0	2.1	253.1
12	Non-Market Related Off Balance Sheet Credit exposures	56.0	106.1	5.1	71.1	1.6	153.6	—	393.5
13	Market Related Off Balance Sheet Credit Exposures	—	27.6	—	24.0	—	36.8	—	88.4
14	Total Standardised Approach	1,098.1	3,620.9	1,947.7	724.7	360.9	1,262.7	159.8	9,174.8

Residential mortgages

Residential property is the Bank’s main source of collateral and means of mitigating credit risk inherent in the residential mortgage portfolio. All mortgage lending activities are supported by an appropriate form of valuation using an independent firm of valuers.

All residential property must be insured to cover property risks through a third party.

Commercial

Commercial property is the Bank’s primary source of collateral and means of mitigating credit risk inherent in its commercial portfolios. Collateral for the majority of commercial loans comprises first legal charges over freehold or long leasehold property but the following may also be taken as security:

Life insurance policies	Credit balances	Assignments
Shares	Guarantees	Equitable charges
Debentures	Chattel mortgages	Charges over residential property

For property-based lending, supporting information such as professional valuations are an important tool to help determine the suitability of the property offered as security and, in the case of investment lending, generating the cash to cover interest and principal payments.

All standard documentation is subject to in-house legal review and sign-off in order to ensure that the Bank’s legal documentation is robust and enforceable. Documentation for large advances may be specifically prepared by independent solicitors.

Insurance requirements are always fully considered as part of the application process and the Bank ensures that appropriate insurance is taken out to protect the property against an insurable event.

Treasury

Collateral held as security for treasury assets, including investments, is determined by the nature of the instrument. Loans, debt securities, treasury and other eligible bills are generally unsecured with the exception of asset-backed securities and similar instruments, which are secured by pools of financial assets.

The International Swaps and Derivatives Association (“ISDA”) Master Agreement is the Bank’s preferred method of documenting derivative activity. It is common in such cases for a Credit Support Annex to be executed in conjunction with the ISDA Master Agreement in order to mitigate credit risk on the derivatives portfolio. Valuations are performed, agreed with the relevant counterparties, and collateral is exchanged to bring the credit exposure within agreed tolerances.

Page 22

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

The Bank’s legal documentation with its counterparties for derivative transactions grants legal rights of set-off for those transactions. Accordingly, for credit exposure purposes, negative market values on derivatives will offset positive market values on derivatives with the same counterparty in the calculation of credit risk, subject to an absolute exposure by counterparty.

The exposure value to the counterparty is measured under the counterparty credit risk mark to market method. The exposure value is derived by adding the gross positive fair value of the contract (replacement cost) to the contracts potential future credit exposure, which is derived by applying a multiple base on the contracts residual maturity to the notional value of the contract.

The following table shows the exposures to counterparty credit risk for derivative contracts as at 30 June 2017:

Table 21: Analysis of counterparty credit risk (CCR) exposure by approach (CCR1)

		a	b	c	d	e	f
		Replacement cost	Potential Future Exposure	EEPE	Alpha used for computing regulatory EAD 1	EAD post-CRM	RWA
1	SA-CCR (for derivatives) 2	52.5	35.9		—	88.4	54.0
2	Internal Model Method (for derivatives and SFTs)			—	—	—	—
3	Simple Approach for credit risk mitigation (for SFTs)					—	—
4	Comprehensive Approach for credit risk mitigation (for SFTs)					—	—
5	VaR for SFTs					—	—
6	Total						54.0

5.9Securitisations

The Bank has not, to date, securitised assets that it has originated. The Bank’s total exposure to purchased securitisation positions as at 30 June 2017 was $4.2 billion by carrying value, with U.S. government and federal agencies accounting for the majority of this exposure.

Table 22: Securitisation exposures in the banking book (SEC1)

	(in millions of $)	Carrying Value
1	Retail	4,060.1
2	Of which residential mortgages	4,047.6
3	Of which other retail exposures	12.5
4	Wholesale	169.8
5	Of which commercial mortgages	169.8
6	Total	4,229.8

A combination of ratings published by Fitch, Moody’s and S&P are used to derive the external rating to be used under the standardised approach for securitisation exposures. In line with the BMA’s Revised Framework for Regulatory Capital Assessment, where two credit assessments by ECAIs are available, the less favourable of the two credit assessments is applied. Where more than two credit assessments are available, the two most favourable credit assessments are used and where the two most favourable assessments are different, the less favourable of the two is applied.

Page 23

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

The following table shows the aggregate amount of the bank’s purchased securitisations as at 30 June 2017 broken down by risk weighting:

Table 23: Securitisation Exposures in the Banking Book and Associated Capital Requirements - Bank Acting as Investor (SEC4)

		a	b	c	d	e	f	g	h	i	j	k	l	m	n	o	p	q
		Exposure values (by RW bands)					Exposure values (by regulatory approach)				RWA (by regulatory approach)				Capital charge after cap
		≤ 20% RW	> 20% to 50% RW	> 50% to 100% RW	> 100% to 1250% RW	1250% RW	IRB RBA (including IAA)	IRB SFA	SA / SSFA	1250%	IRB RBA (including IAA)	IRB SFA	SA / SSFA	1250%	IRB RBA (including IAA)	IRB SFA	SA / SSFA	1250%
1	Total exposures	4,237.2	0.7	—	—	—	—	—	4,237.9	—	—	—	557.8	—	—	—	44.6	—
2	Traditional securitisation	4,237.2	0.7	—	—	—	—	—	4,237.9	—	—	—	557.8	—	—	—	44.6	—
3	Of which securitisation	4,237.2	0.7	—	—	—	—	—	4,237.9	—	—	—	557.8	—	—	—	44.6	—
4	Of which retail underlying	4,067.2	—	—	—	—	—	—	4,067.2	—	—	—	523.4	—	—	—	41.9	—
5	Of which wholesale	169.9	0.7	—	—	—	—	—	170.7	—	—	—	34.4	—	—	—	2.7	—
6	Of which re-securitisation	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—
7	Of which senior	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—
8	Of which non-senior	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—
9	Synthetic securitisation	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—
10	Of which securitisation	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—
11	Of which retail underlying	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—
12	Of which wholesale	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—
13	Of which re-securitisation	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—
14	Of which senior	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—
15	Of which non-senior	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—	—

Page 24

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

6.Market and Liquidity Risk

6.1Market Risk Overview

Market risk is the risk of a loss in earnings or decrease in value of the Group’s balance sheet due to adverse movements in market factors such as interest rates, foreign exchange rates, credit spreads and equity prices.

Market risk exposures are generally calculated and monitored independently of each other. All market risks are monitored closely and regularly reported to GALCO by the Group Market Risk function, within the Risk Management group.

6.2Interest Rate Risk

Interest rate risk is our exposure to movements in interest rates. Such risk is a normal part of banking and exposure to it can be an important source of profitability and shareholder value. However, where risk is excessive, the threat to earnings and capital can be significant. Changes in interest rates affect earnings by changing net income as well as the level of other interest-sensitive income and expenses. Such changes also affect underlying value of assets, liabilities and off balance-sheet instruments, and hence the economic value of the Bank, since the present value of future cash flows changes as interest rates shift. With respect to investments, this risk only arises in the banking book, as the Bank does not run a trading book.

According to the BMA “an institution’s trading book consists of positions in financial instrument and commodities held either with the intention of trading or in order to hedge other elements of the banking book. Positions not assigned to the trading book fall into the banking book.” Further, “each licensed institution must agree a trading book policy statement with the Authority. This includes the case of institutions seeking exemption from the detailed market risk calculation since exemption is dependent on receipt by the Authority of such a statement.” As such, the Bank has submitted a policy statement to the BMA which declares the activities of the Group as non-trading.

The principal objective of our interest rate risk management is to maximise profit potential while minimising exposure to changes in interest rates. Our actions in this regard are taken under the guidance of GALCO. The committee is actively involved in formulating the economic assumptions that we use in our financial planning and budgeting processes and establishes policies which control and monitor the sources, uses and pricing of funds. From time to time, we utilise hedging techniques to reduce interest rate risk. GALCO uses interest income simulation and economic value of equity analysis to measure inherent risk in our balance sheet at specific points in time.

Appetite for interest rate risk is documented in the Bank’s policies on market risk and investments. This includes the completion of stress testing on at least a quarterly basis of the impact of an immediate and sustained shift in interest rates of +/- 200 basis points on Net Interest Income, Economic Value of Equity and the ratio between Tangible Total Equity and Average Tangible Assets.

If any of the parameters established by policy are exceeded, GALCO will provide a plan to executive management to bring the exposure back within tolerance under advice to the Board. The plan does not have to bring the exposure back within limit immediately, but must adjust the exposure within Board and Management approved timeframes.

Additional details are given in the Risk Management Report in the Bank’s Annual Report for the year ended 31 December 2016.

6.3Foreign Exchange Risk

The Bank holds various non-Bermuda Dollar (“BMD”) denominated assets and liabilities and maintains investments in subsidiaries whose domestic currency is either not the BMD or their domestic currency is not pegged to the U.S. Dollar (“USD”). The domestic currencies of Bermuda, the Cayman Islands and The Bahamas are all pegged to the USD; although that does not mean that will always remain the case. Assets and liabilities denominated in currencies other than BMD or USD are translated to BMD at the rates of exchange prevailing at the balance sheet date. The resulting gains or losses are included in foreign exchange revenue in the consolidated statement of operations. Assets and liabilities of subsidiaries outside of Bermuda are translated at the rate of exchange prevailing on the balance sheet date while associated revenues and expenses are translated to BMD at the average rate of exchange prevailing through the accounting period. Unrealised translation gains or losses on investments in foreign currency based subsidiaries are recorded as a separate component of shareholders’ equity within accumulated other comprehensive loss. Such gains or losses are recorded in the consolidated statement of operations only when realised. Our foreign currency subsidiaries which may give rise to significant foreign currency translation movements against the BMD are located in Guernsey and the United Kingdom. We also provide foreign exchange services to our clients, principally in connection with our community banking and wealth management businesses, and effect other transactions in non-BMD currencies. Foreign currency volatility and fluctuations in exchange rates may impact the value of non-BMD denominated assets and liabilities and raise the potential for losses resulting from foreign currency trading positions where aggregate obligations to purchase and sell a currency other than BMD or USD do not offset one another, or offset each other in different time

Page 25

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

periods. If the policies and procedures we have in place to assess and mitigate potential impacts of foreign exchange volatility are not followed, or are not effective to mitigate such risks, our results and earnings may be negatively affected.

The Bank maintains a clearly articulated foreign exchange risk exposure tolerance framework which limits exposures to select currencies. A full definition of the tolerance framework is contained in the Bank’s Market Risk Management Policy and its associated standards.

Note 13 of the Consolidated Financial Statements as at 30 June 2017 provides details of the Bank’s foreign exchange and other derivative instruments as at that date.

6.4    Liquidity Risk

The objectives of liquidity risk management are to ensure that the Group can meet its cash flow requirements and capitalise on business opportunities on a timely and cost effective basis. Liquidity is defined as the ability to hold and/or generate cash adequate to meet our needs for day-to-day operations and material long and short-term commitments. Liquidity risk is the risk of potential loss if the Bank were unable to meet its funding requirements at a reasonable cost.

We monitor and manage our liquidity on a group-wide basis. The treasury functions in the Group’s banking operations, located in Bermuda, Cayman Islands, Guernsey, and the United Kingdom, manage day-to-day liquidity. The Group Market Risk function has the responsibility for measuring and reporting to senior management on liquidity risk positions. We manage our liquidity based on demand, commitments, specific events and uncertainties to meet current and future financial obligations of a short-term nature. Our objective in managing liquidity is to respond to the needs of depositors and borrowers as well as to earnings enhancement opportunities in a changing marketplace. Management is responsible for establishing and monitoring liquidity targets as well as strategies to meet these targets. The Bank adopts a cautious liquidity risk appetite with internal quantitative liquidity risk tolerances more stringent than regulatory requirements. Specifically the Group manages liquidity against internal limits established by the Market Risk Management Policy and its related Liquidity Risk Standard and quarterly stress testing methodology.

We maintain a balance sheet with loans representing 33.6% of total assets as at 30 June 2017. Further, at that date there were significant sources of liquidity within our balance sheet in the form of cash and cash equivalents, short-term investments and investments amounting to $6.8 billion, or 63.3%, of total assets.

An important element of our liquidity management is our liquidity contingency plan which can be employed in the event of a liquidity crisis. The objective of the liquidity contingency plan is to ensure that we maintain our liquidity during periods of stress. This plan takes into consideration a variety of scenarios that could challenge our liquidity. These scenarios include specific and systemic events that can impact our on-and off-balance sheet sources and uses of liquidity. This plan is reviewed and updated at least annually.

There is no central bank in Bermuda and thus we have no ‘lender of last resort’, and neither do we have committed standby facilities in our favour. We do have access to funding from the inter-bank market on an uncommitted basis and also have put in place formalised but uncommitted repurchase and collateralised facilities with counterparties which enable us to access funding on a secured basis. However, in a financial crisis, our access to some of these liquidity sources may be restricted or we may not be able to access them at all. Another source of liquidity for us is the ability to draw funding from capital markets globally. The availability and cost of these funds are influenced, in part, by our credit rating; as a result, a downgrade in our credit ratings could have an adverse impact on our liquidity funding and the cost thereof. Similarly, a downgrade in Bermuda’s sovereign credit rating could also adversely affect our ability to access liquidity.

Page 26

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

7.Operational Risk

In providing our services, we are exposed to operational risk. This is the risk of loss from inadequate or failed internal processes and systems, actions or inactions of people, or from external events.

The Bank views the management of operational risk as integral to its objective of creating and maintaining shareholder value. Risk management requires the consideration of the risk/reward relationship in both the management of existing activities and the execution of all new business strategies. Our success is also dependent, in part, upon maintaining our reputation as a well-managed institution with shareholders, existing and prospective clients, creditors, and regulators. In order to maintain this reputation, we seek to minimise the frequency and severity of operational losses associated with compliance and fiduciary matters, product, process, technology failures, and business continuity.

Operational risk is mitigated through effective internal controls embedded in our business activities and our risk management practices, which are designed to continuously re-assess the effectiveness of these controls in order to keep the risk we assume at levels appropriate to our risk appetite as approved by the Board. Our overall approach is based on the following four guiding principles:

▪ Assessing risks is a day-to-day business activity that is the concern of every employee;

▪ Decisions are based on an assessment of all relevant operational risks;

▪ Risk decisions shall be made at the appropriate level based on clear lines of responsibility and delegated authority; and

▪ Unnecessary risks shall be avoided.

Data on operational losses and any significant control failures incurred are captured through an incident reporting process. These events are reported to both the GRC and RPC, which assess the sufficiency of the corrective actions taken by management to prevent recurrence. Both committees also receive regular reporting on actual performance against established risk tolerance metrics.

For the purposes of calculating its operational risk capital requirements, the Bank has adopted the Standardised Approach as set out in the Basel Capital Accord. Under this, gross income is regarded as a proxy for the operational risk exposure within each business line and the capital charge for operational risk is calculated based on gross losses over the preceding three years.

Page 27

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

8.Other Information

8.1Abbreviations

The following abbreviated terms are used throughout the document:

AT1 Additional Tier 1 capital

BCBS Basel Committee on Banking Supervision

BMA Bermuda Monetary Authority

BRR Borrower Risk Ratings

CARP Capital Assessment and Risk Profile

CCF Credit Conversion Factor

CCR Counterparty Credit Risk

CET1 Common Equity Tier 1 capital

D-SIB Domestic Systemically Important Bank

ECAIs External Credit Assessment Institutions

FIC Financial Institutions Committee

GALCO Group Asset and Liability Committee

GCC Group Credit Committee

GCRM Group Credit Risk Management

GRC Group Risk Committee

ISDA International Swaps and Derivatives Association

LTV Loan-to-Value

RPC Risk Policy and Compliance Committee

RWA Risk-weighted Assets

S&P Standard and Poor’s rating agency

SAP Supervisory Assessment Process

Page 28

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

8.2Cautionary statements regarding forward-looking statements

These Capital and Risk Management Pillar 3 Disclosures as at 30 June 2017 contain certain forward-looking statements. Forward-looking statements are neither historical facts nor assurances of future performance. Instead, they are based on our current beliefs, expectations or assumptions regarding the future of our business, future plans and strategies, our operational results and other future conditions. Forward-looking statements can be identified by words such as "anticipate," "believe," "estimate," "expect," "intend," "may," "plan," "predict," "project," "seek," "target," "potential," "will," "would," "could," "should," "continue," "contemplate" and other similar expressions, although not all forward-looking statements contain these identifying words. These forward-looking statements include all matters that are not historical facts. They appear in a number of places throughout this annual report and include statements regarding our intentions, beliefs or current expectation concerning, among other things, our results of operations, financial condition, capital and liquidity requirements, prospects, growth, strategies and the industry in which we operate.

There are important factors that could cause actual results to differ materially from those contemplated by such forward-looking statements. By their nature, forward-looking statements involve risks and uncertainties because they relate to events and depend on circumstances that may or may not occur in the future. We believe that these risks and uncertainties include, but are not limited to, those described in the "Risk Factors" section of Bank’s Audited Annual Report and Financial Statements, which include, but are not limited to, the following: changes in economic and market conditions; changes in market interest rates; our access to sources of liquidity and capital to address our liquidity needs; our ability to attract and retain customer deposits; our ability to effectively compete with other financial services companies and the effects of competition in the financial services industry on our business; our ability to successfully execute our business plan and implement our growth strategy; our ability to successfully manage our credit risk and the sufficiency of our allowance for credit loss; our ability to successfully develop and commercialize new or enhanced products and services; our ability to transact business in EU countries in the aftermath of Brexit; damage to our reputation from any of the factors described in this section, in "Risk Factors" and in "Management's Discussion and Analysis of Financial Condition and Results of Operations"; our reliance on appraisals and valuation techniques; our ability to attract and maintain qualified employees and key executives; our reliance on third-party vendors; our reliance on the effective implementation and use of technology; our ability to identify and address cyber-security risks; the failure or interruption of our information and communications systems; the effectiveness of our risk management and internal disclosure controls and procedures; our ability to maintain effective internal control over financial reporting; the likelihood of success in, and the impact of, litigation or regulatory actions; the complex and changing regulatory environment in which we operate, including any changing regulatory requirements and restrictions placed on us by our principal regulator, the BMA, and other regulators, as well as our ability to comply with regulatory schemes in multiple jurisdictions; and the incremental costs of operating as a public company. These factors should not be construed as exhaustive and should be read with the other cautionary statements in Bank’s Audited Annual Report and Financial Statements.

Although we base these forward-looking statements on assumptions that we believe are reasonable when made, we caution you that forward-looking statements are not guarantees of future performance and that our actual results of operations, financial condition and liquidity, and the development of the industry in which we operate may differ materially from those made in or suggested by the forward-looking statements contained in this report. In addition, even if our results of operations, financial condition and liquidity, and the development of the industry in which we operate, are consistent with the forward-looking statements contained in this report, those results or developments may not be indicative of results or developments in subsequent periods.

Given these risks and uncertainties, you are cautioned not to place undue reliance on these forward-looking statements. Any forward-looking statement that we make in this report speaks only as of the date of such statement. Except to the extent required by applicable law, we undertake no obligation to update any forward-looking statements or to publicly announce the results of any revisions to any of those statements to reflect future events or developments. Comparisons of results for current and any prior periods are not intended to express any future trends or indications of future performance, unless specifically expressed as such, and should only be viewed as historical data.

Page 29

Capital and Risk Management Pillar 3 Disclosures for the period ended 30 June 2017

The Bank of N.T. Butterfield & Son Limited

65 Front Street

Hamilton, HM 12

Bermuda

Tel: (441) 295 1111

Fax: (441) 295 3878

Investor Relations Contact:Media Relations Contacts:

Michael Schrum                    Mark Johnson

Group Chief Financial Officer                Vice President, Group Head of Communications

The Bank of N.T. Butterfield & Son Limited        The Bank of N.T. Butterfield & Son Limited

Phone: (441) 298 4758                Phone: (441) 299 1624

Fax: (441) 295 1220                Fax: (441) 295 3878

E-mail: michael.schrum@butterfieldgroup.com        E-mail: mark.johnson@butterfieldgroup.com

Page 30