BPCE_REGISTRATION_DOCUMENT_2017

RISK REPORT General structure of Groupe BPCE’S internal control system

3.1.2

Permanent and periodic control departments

Integratedpermanentand periodiccontroldepartmentshave been set up throughout Groupe BPCE. Two Permanent and Periodic Control divisions are established within the central institution, under its authority:the Group Risk, Complianceand PermanentControldivision for permanentcontrolsand the Group InspectionGénérale divisionfor periodic controls. The permanent and periodic control functions, which are located at affiliates and subsidiaries subject to banking supervision, have a strong functional link, as consolidated control departments,to BPCE’s correspondingCentral Control divisions and a hierarchical link to their entity’s executive body. This link includes approval of the appointment and dismissal of managers responsible for permanentor periodic control at affiliates and direct subsidiaries; reporting,disclosureand alert obligations;standardsimplementedby the central institutionand laid down in a body of standards;and the definitionor approvalof control plans. These links have been formally defined incharterscovering each department.

The entire system was approved by the Management Board on December 7, 2009 and presented to the Audit Committee on December 16, 2009. It was also presentedto the SupervisoryBoard of BPCE. The Risk Charter was reviewed at the beginning of 2017 and the body of standards now consists of three Group charters covering all activities: the Group’s Internal Control Charter: an umbrella charter based on ● the followingtwo separate charters: the Internal Audit Charter, - and the Risk, Compliance and Permanent Control Charter. - As mentionedabove, the system also includes the IT System Security departmentand, to a certain extent, the Human Resourcesand Legal Affairs departments.

3

3.1.3

Structure of Groupe BPCE’s internal control system

ORGANIZATION OF GROUPE BPCE’S INTERNAL CONTROL SYSTEM ➡

Supervisory Body

Responsible for the quality of the Internal Control system

Audit Committee

Risk Committee

Executive Body Executive managers

Remuneration Committee

Appointments Committee

Internal Control Coordination Committee (3CI)

Periodic control

Audit-Inspection function

Risk and Compliance Committee or Executive Risk Committee and specific committees for each type of risk

Outsourced activities

Review, ISS, BCP and SPB functions

Risk Management function

Compliance function

Level 2 permanent controls

Non-financial risks (Compliance, Operational Risk BCP, ISS)

Credit risk

Financial risks

Coordination of Permanent Controls

1 Level permanent controls

Self-checks by the operational departments under hierarchical or functional supervision

113

Registration document 2017

Made with FlippingBook - professional solution for displaying marketing and sales documents online