AFD - 2018 Registration document

4

RISK MANAGEMENT

Risk management

4.3.6 Other operational risks 4.3.6.1 Risk related to the settlement process AFD has established a number of measures to tighten up the organisation and control of settlements: P procedures which describe and formalise the processing of settlements; P training and awareness-raising initiatives, primarily on the risks of fraud, for staff involved in settlement processing and checks. In terms of anti-money laundering measures, AFD uses commercial software that provides an automated system to cross-check settlement records against a list of persons and entities that require extra vigilance. 4.3.6.2 Legal risks The Legal department is responsible for managing the Group’s legal risks. It covers all legal areas (except for Human Resources and Taxes). The Legal department provides legal support: P in financing, guarantee and equity investment operations at all stages of the project cycle, including restructuring projects and disputes; P in cross-disciplinary matters (Group risk prevention, international government agreements, relationships with other sponsors, guarantee funds, partnerships, relationships with subsidiaries and companies in which AFD holds shares, and legal knowledge creation); P in institutional matters (bylaws, governance, relationships with the government and supervisory bodies, legislative and regulatory development, agreements for various services); P pre- and post-settlement checks; P in market transactions; P in criminal matters, on all subjects where AFD Group or its directors may be held liable; P by providing consulting services for all AFD entities. To AFD’s knowledge, there are no governmental, legal or arbitration proceedings, whether suspended or pending, that could have or have had a material effect on the financial situation or the profitability of AFD and/or AFD Group over the last 12 months. 4.3.6.3 Non-compliance risks According to regulations, the Compliance Department (DCO) is responsible for the prevention, detection, monitoring and management of non-compliance risk throughout AFD Group. Non-complianceriskisdefinedas“ theriskoflegal,administrative or disciplinary sanction, material financial loss or loss to P regarding banking and finance regulations;

reputation arising from failure to comply with the provisions governingbankingandfinancialactivities,whethertheybedirectly applicable legal, regulatory, national or European provisions, or whether they are professional and ethical standards or the instructions given by executive officers, particularly in light of the guidelines from the supervisory body ” (Decree of 3 November 2014, Article 10p). The DCO ensures the Group complies with (i) internal and external provisions related to preventing money laundering and terrorist financing (AML/CFT), (ii) provisions related to the fight against corruption and associated offences as well as fraud and anti-competitive practices, (iii) provisions to do with abiding by national and international trade and financial sanctions, (iv) provisions that govern the performance of banking and financing activities or (v) provisions that ensure the protection of the personal data and private lives of clients. The department is part of the Executive Risk Department (DXR). The Compliance function reports on its activities to the Internal Control Committee (Cocint) and to the New Products and New Activities committee (Coconap in its Compliance configuration), as well as the Regulatory Risk Committee. The Compliance function covers all sectors, operations, geographic areas and regulatory contexts of AFD Group. In addition to operational projects and activities, it also concerns the Group’s new activities and products, in accordance with regulations. Its ultimate aim is to ensure that non-compliance risks are appropriately evaluated in the interest of preventing and limiting the exposure of AFD Group and its management to legal and/or administrative action and to reputational risks, by supervising them should these risks arise. Non-compliance risk monitoring is ongoing and backed by a risk map. The following changes were made to the non-compliance risk mitigation system during 2018: P further measures to prevent corruption and influence peddling introduced on the back of the so-called Sapin II Act of 9 December 2016 were taken with an anti-corruption code of conduct clarifying the expected or prohibited behaviour of Group employees regarding the prevention and fight against corruption and influence peddling in performing their duties, and a company whistleblowing system which came into effect in January 2019; P an overhaul of the system for preventing and managing conflicts of interest within the Group was begun with the aim of streamlining the roles and responsibilities of all parties; P the Group began complying with the General Data Protection Regulation (GDPR), which entails mapping out personal data processing, running impact analyses on the most sensitive instances of data processing, and drawing up and adopting policies and procedures to manage and guarantee the protection of personal data.

86

www.afd.fr

REGISTRATION DOCUMENT 2018