BPCE - 2018 Registration document

NON-FINANCIAL PERFORMANCE REPORT Sustainable and responsible value creation

TRAINING ➡

2

2018

Indicator

2017

2016

Percentage of employees trained in their entity’s anti-money laundering policies and procedures (1) (based on entity reports)

79%

90%

88% (2)

Number of employees (on permanent, fixed-term, or work-study contracts) who have received anti-money laundering training in the last two years. (1) Percentage calculated based on two years of training activity and for the average number of permanent full-time staff. Excluding BPCE SA group and CFF. (2)

Prevention of corruption Corruption, which is defined as an act in which a person offers or grants an undue reward to another person in exchange for an act falling within that person’s remit, is a fraudulent and unethical behavior subject to severe criminal and administrative sanctions. Groupe BPCE denounces corruption in all forms and in all circumstances. Accordingly, it is a signatory of the United Nations Global Compact, whose tenth principle states that “Businesses should work against corruption in all its forms, including extortion and bribery.” Anti-corruption measures The Group strives to prevent corruption in order to guarantee the financial security of its activities, including in particular: by taking measures against money laundering and terrorist ● financing, measures against fraud, monitoring politically exposed persons, and complying with embargoes (see Chapter 3 of the registration document for more details); ensuring that employees observe professional rules of compliance ● and ethics by applying policies governing conflicts of interest, exchanges of gifts, benefits and invitations, confidentiality and professional secrecy. Disciplinary sanctions have been defined for any failure to respect professional rules governing the activities conducted by Group companies; exercising due diligence when making contributions to political ● campaigns or to government agents, donations, patronage and sponsorship, and lobbying; supervising relations with intermediaries and business introducers ● via groupwide standardized contracts describing the reciprocal services and obligations and contractually establishing compensation terms; mapping out exposure to corruption risks through Group activities; ● providing regulatory training on the rules of ethics in the industry ● and against corruption (e-learning course). A whistleblowing system is available to employees and included in the internal rules. Employees have a procedure in place for implementing the whistleblowing system. The Group has also defined standards and procedures governing KYC and due diligence procedures used for customer classification and supervision purposes. In the interest of organizing the internal control system, whistleblowing/detection tools and permanent control plans serve to bolster the security of this system. BPCE also has accounting policies and procedures in place in line with professional standards. The purpose of the Group’s internal control system for accounting information is to check the conditions in which such information is assessed, recorded, stored and made available, in particular by verifying the existence of the audit trail,

within the meaning of the Ministerial Order of November 3, 2014 on internal control. This control system is part of the fraud, corruption and influence-peddling prevention and detection plan. From a more general standpoint, these systems are formalized and detailed in the umbrella charter governing the organization of Group internal control and the Risk, Compliance and Permanent Control Charter. Parent company affiliates and all BPCE subsidiaries have adopted these charters. BPCE Procurement and Natixis are working to establish common rules for assessing the Group’s suppliers in terms of anti-corruption rules. Pursuant to the requirements of Article 17 of the French act of December 9, 2016 on Transparency, prevention of corruption and economic modernization (Sapin 2 Act), Natixis has also reviewed its anti-corruption policy, which is available on its website. https://www.natixis.com/natixis/upload/docs/application/pdf/2018-06/ politique_anti-corruption_natixis.pdf As a French company with over 5,000 employees, Groupe BPCE is subject to the act of March 27, 2017 on the duty of due diligence of parent companies and client companies. This act requires the Group to prepare a due diligence action plan containing measures capable of identifying and preventing risks of violating human rights and fundamental freedoms, the environment, and occupational health and safety, associated with the activities conducted by BPCE as well as its subsidiaries, sub-contractors and suppliers. The plan notably includes a risk mapping, risk assessment and mitigation measures and a whistleblowing system. The Group sees this new regulatory obligation as an opportunity to reiterate and continuously improve its existing due diligence plan. It strengthens the environmental and social risk management framework implemented by the Group on a voluntary basis. Parent company and client company due diligence obligations Oversight and governance of the due diligence action plan In view of the issues covered by the due diligence action plan (human rights, health and safety and the environment), its scope (the company’s own activities and the practices of its suppliers and sub-contractors) and the processes required, a number of divisions were involved in drafting the due diligence action plan. Mindful of the importance of these obligations, BPCE created a working group comprising experts from several divisions such as Sustainable Development, Risks, Compliance and Permanent Control, Human Resources, Procurement, and Legal, alongside representatives of Natixis, a BPCE subsidiary also subject to the law on the corporate duty of due diligence.

89

Registration document 2018