BPCE_REGISTRATION_DOCUMENT_2017

3 RISK REPORT

Governance and risk management system

Governance and risk management system 3.4

3.4.1

Governance of risk management

GROUPE BPCE’S RISK, COMPLIANCE AND PERMANENT CONTROL DIVISION Groupe BPCE’s Risk, Compliance and Permanent Control division (DRCCP) measures, monitors and manages risks, including non-compliance risks, pursuant to the Ministerial Order of November3, 2014 oninternalcontrol. It ensures that the risk managementsystem is efficient,completeand consistent, and that risk-taking is consistent with the guidelines for the business (particularlytargets and resources of the Group and its institutions, including the Risk Management and Compliance functions or those contributing to Level 2 permanent control). GroupeBPCE’s Head of Risk Management,Complianceand Permanent Control, Deputy Chief Executive Officer of Groupe BPCE and member of the ExecutiveManagementCommittee,has a strong functionallink with the Heads of Risk Management and Compliance of Group institutions. This strategic positioning enables risk controls to be performed objectively, as each Group entity’s operational functions are independent from its Risk and Compliance functions. It also promotes a risk management and compliance culture and the application of shared risk management standards, and ensures that managers are given independent,objective and detailed information on the Group’srisk exposuresand any possibledeteriorationin its risk profile. Groupe BPCE places a strong focus on efficient organization of risk managementacross all Group entities,which is appliedto all business lines, financing activities, customer segments, markets and regions where it operates. The governance structure is based on a series of Risk and Compliance Committees, coordinated by the DRCCP.

The Group Risk ManagementCommittee,chaired by the President of the Management Board, met six times during fiscal year 2017 to review the adequacy of Groupe BPCE’s risk supervisionmechanisms, and validated the annual reviewof theGroup’srisk policies and limits. The Committee found that credit, financial and operational risks are adequatelycovered, in line with the Group’s risk appetite framework validated by the BPCE ManagementBoard and SupervisoryBoard, as presented in the “Risk Appetite” section, and closely related to the Group strategy as described in this document. From a more global standpoint, this system covers all risks referred to in the Ministerial Order of November3, 2014 oninternal control. The Risk, Compliance and Permanent Control division regularly ensures the effective application of risk standards via its control system, in particular those concerning prudential regulations. For example, the Risk Management department is notified of any new regulation with a prudential impact and information is shared with the department inchargeof calculatingthe capital adequacy ratio. As for the nature of the risk assessment and reporting systems, the Group capitalizeson regulatoryreports and reports specific to Groupe BPCE. Moreover, the Group uses risk maps which are regularly updated. These cover risk portfolios and the different types of risks, e.g. operational risks or non-compliance risks. All this work is presented inthe Group’s committees.

142

Registration document 2017

Made with FlippingBook - professional solution for displaying marketing and sales documents online