BPCE - 2020 Universal Registration Document

RISK FACTORS & RISK MANAGEMENT

RISK MANAGEMENT SYSTEM

MACRO-LEVEL RISK MAPPING - GROUP INSTITUTIONS Macro-level risk mapping plays a central role in an institution’s overall risk management system. By identifying and rating its risks, each Group institution establishes its own risk profile and priority risks. This risk-based approach serves to update the risk appetite and the permanent/periodic control plans of Group institutions on a yearly basis. Action plans targeting high-priority risks are defined with the goal of reducing and/or managing risks. The results of the macro-level risk mapping process contribute to the Group’s Supervisory Review and Evaluation Process (SREP), by identifying the main risks under the risk management and prudential approach, included in the annual report on internal control, the ICAAP report and the universal registration document (risk factors section).

In 2020, a macro-level risk mapping consolidation process was completed for each network. Each institution is able to compare the results of its own macro-level risk mapping with those of its network. Action plans set up by the institutions to address their priority risks were also consolidated. The integration in 2020 of the macro-level risk mapping process in the Priscop permanent control management tool has made it possible to automate links between risks and the controls performed in the risk management system. Macro-level risk mapping was performed at Group level in 2020 by consolidating the macro-level risk maps of the parent company institutions and subsidiaries.

RISK MANAGEMENT SYSTEM

POST-RMS RISK + FORWARD-LOOKING VIEW

GROSS RISKS

Chosen risk

Accepted risk

Incurred risk

Quality, Controls, Resources

RISK IDENTIFICATION AND ASSESSMENT

Strategic business and ecosystem risks

Credit and counterparty risks

Non-financial risks

Financial risks

IDENTIFICATION – ANALYSIS – ASSESSMENT - RECOGNITION

6

Lastly, the Risk Governancedivision is responsible for approving the models and managingmodel risk and climate risk, as well as the Corporate Secretary’s Office (human resources and budget) of the Risk division.

The Risk division also conducts or coordinates cross-business risk analyses and specific stress tests on the Group’s main portfolios or activities and, if needed, for the entities. It has also developed half-year forward-looking risk analyses aimed at identifying economic risk factors (known and emerging; international, national and regional), circumstantial threats (regulations, etc.)and their potential impact on the Group. These forward-looking analyses are presented at meetings of the Group Supervisory Board Risk Committee. In addition, it performs specific analyses of counterparties, as well as risk measurements on a portfolio basis. It reviews and validates risk models developed internally. Finally, it contributes to efforts to define internal capital requirements as well as internal and external solvency stress tests aimed at measuring the Group’s sensitivity to a series of risk factors and its resilience in the event of a severe shock, by determining impacts in terms of cost of risk and RWA.

CONSOLIDATED RISK OVERSIGHT ORGANIZATION

In addition to the risk supervision conducted both individually and by type of risk, Groupe BPCE’s Risk division also performs consolidated monitoring of the Group’s risks. It produces a quarterly Group risk dashboard, which is used to monitor the risk appetite defined by the Group as well as for comprehensive monitoring of risks based on an analysis of the Group’s risk profile in each area (mapping of risk-weighted assets, credit risks and counterparty risks – by customer segment –, market risks, structural ALM risks, non-financial risks and risks related to insurance businesses). In addition to the dashboard, a monthly flash report provides the Group with a more responsive and updated overview of Group risks.

613

UNIVERSAL REGISTRATION DOCUMENT 2020 | GROUPE BPCE