BPCE - 2018 Registration document

RISK REPORT Non-compliance, security and operational risks

The impact of non-compliance risk was measured with the Group’s operational risk teams, with the aid of OSIRISK, covering the risk management systems established by the institutions aimed at reducing gross risk levels. PRODUCT GOVERNANCE AND SUPERVISION All new products and services, regardless of their distribution channels, as well as sales materials that fall within the Compliance function’s remit, are reviewed by Compliance beforehand. The purpose of this review is to ensure that applicable regulatory requirements are met and that targeted customers – and the public at large – receive clear and fair information. Product supervision is carefully conducted over the entire product life cycle. Compliance also coordinates the approval of national sales challenges, ensures that conflicts of interest are managed properly and guarantees that customer interests always come first. Compliance is careful to ensure that sales procedures, processes and policies guarantee that the rules of compliance and ethics are observed at all times for all customer segments, and in particular that the advice given to customers is appropriate to their needs. CUSTOMER PROTECTION The Group’s reputation and the trust of its customers grow stronger when the products and services it sells comply with regulations and the information it supplies is reliable. To maintain this trust, the Compliance division makes customer protection a top priority. To that end, Group employees regularly receive training on customer protection issues to maintain the required level of customer service quality. These training sessions are aimed first and foremost at promoting awareness of compliance and customer protection among new hires and/or sales team employees. Additionally, ethics and compliance training, entitled “Fundamentals of professional ethics”, has been set up for all Group employees. The new Markets in Financial Instruments Directive (MiFID 2) and PRIIPS Regulation (Packaged Retail Investment and Insurance-based Products), both of which are subject to careful consideration by Groupe BPCE, are specifically designed to strengthen market transparency and investor protection. They have an impact on the Group in its role as a distributor of financial instruments by enhancing the quality of the customer experience in terms of financial savings and Insurance products: adjustments to customer and KYC data collection (customer profile, ● characteristics of customer plans in terms of objectives, risks and investment horizons), but also an updated questionnaire on each customer’s financial investment knowledge and experience to ensure that suitable advisory services are provided;

adaptation of offers associated with the financial services and ● products sold; formalization of customer advice (suitability report) and the ● customer’s acceptance of said advice (issuance of customer alerts where necessary); organization of relations between the Group’s manufacturers and ● distributors; inclusion of provisions related to the transparency of fees and ● charges at the required level of detail; production of value-added reports for customers and recording of ● conversations for customer relations and advisory purposes; disclosure of transaction reports to regulators and the market, ● best-execution and best-selection requirements; participation in the development of employee training and the ● change management program related to these new provisions. implementation of the Payment Accounts Directive, incorporating ● standard terminology and definitions in advertising, precontractual and contractual documentation, and organizing initiatives to define the new annual fee statement; overhaul of the Level 2 oversight system covering critical or ● essential services, in connection with the European Banking Authority’s draft guidelines; strengthening of the regulatory KYC system, with the launch of an ● initiative aimed at improving the reliability of addresses for customers listed as “not living at the indicated address”, digitization and automation of onboarding due diligence reviews, implementation of anti-tax evasion obligations (second amended French Finance Act for 2017, laying down provisions in terms of Automatic Exchange of Information); review of the offer specifically targeting customers facing financial ● hardships, in accordance with the Group’s commitments to the OIB (Banking Inclusion Observatory) and standard professional practices in the industry. Special areas of focus included: the non-compliance risk management system, including a ● non-compliance risk mapping campaign in accordance with the new methodology defined in 2017 and a review of the Level 2 permanent control framework targeting compliance; utilization of customer complains in conjunction with the Customer ● Quality Management function of the Retail Banking and Insurance division. Within the scope of investment services, BPCE has adapted its sales procedures for financial savings products to incorporate the impacts of the Markets in Financial Instruments Directive and Regulation (MiFID 2), the Insurance Distribution Directive and PRIIPs. Some processes are transitional, with ongoing IT developments and a remediation plan aimed at securing these processes. Accordingly, product governance and supervision under MiFID 2 has resulted in the establishment of: ACTIVITIES IN 2018 Several regulatory projects were carried out in 2018:

6

683

Registration document 2018