BPCE_REGISTRATION_DOCUMENT_2017

RISK REPORT Governance and risk management system

This primarily concerns the relationship with the European Central Bank and the Joint Supervisory Team in charge of the continuous supervisionof GroupeBPCE, as well as the ACPR and the other French supervisory (AMF) or regulatory authorities (Banque de France, Trésor), and foreign authorities (e.g. US Federal Reserve). The team attends all supervisory meetings within the Risk and Compliance scope. It also follows up on the primary on-site audits conducted by the supervisory bodies and the resulting recommendations. Finally, it coordinates all ad hoc or one-time requests received from the ECB or ACPR by the central institution. For coordination purposes, the DRCCP relies on a half-yearly report drawn up by the institutions, aimed at ensuring that the various components of the local systems are properly implemented and operate under satisfactory conditions, particularly with respect to banking regulations and Group Charters. The findings of this report improve operational efficiency and optimize best practices throughoutGroupeBPCE. Activities specifically focused on the Lagarde Report are being monitored inconjunction with the Group’s institutions. Activities in 2017 In 2017, the DRCCP carried out several projectsthat strengthenedthe Risk and Complianceoversight and coordinationsystem, including in particular: annually reviewing the Group risk appetite system and its ● interactionwith the single risk mapping system, and implementing Article 98 of the MinisterialOrder of November 3, 2014 on internal control. The risk appetite system is reviewedon a quarterlybasis to ensure it remains consistent with the Group system; enhancing the function’s regulatory briefings and half-yearly ● reports submittedby the DRCCP to the directors and Heads of Risk Management for the Banque Populaire banks, Caisses d’Epargne and subsidiaries; performing an enhanced analysis of the half-yearly summaries ● preparedby all ExecutiveRisk Committeesof Banque Populaireand Caisse d’Epargne network institutions, for the purpose of sharing best practices and detecting potential areas of risk, for discussion when visiting the institutions; improving coordination and oversight during the preparation of ● regulatory reports (Lagarde Report, Ministerial Order of November 3, 2014 on internal control, Management Board’s quarterlyreport tothe Supervisory Board,etc.); preparing a summary of all reports issued by the Group Inspection ● Générale divisionor by the supervisoryand control authorities,used to identify trends and shared with the entire function during Risk Management and Compliance days; contributingto Group institution risk assessments; ● makingthe rounds of virtuallyall Group institutionsover the course ● of the year; acclimating new Heads of Risk Management and Compliance by ● putting them throughspecialtraining courses;

organizing regional platforms to exchange best practices and ● address collective efficiency issues concerning the risk and compliance functions; defining a standard format, derived from best practices, for the ● Executive Risk Management Committee; defining benchmark standards applicable to all Risk, Compliance ● and Permanent Control division employees. RISK MANAGEMENT AND COMPLIANCE CULTURE Strict risk managementis included in the principles of BPCE, which has always placed a risk managementand control culture at the top of its priorities. To contribute to the expansion of the Group’s activities, in accordance with its risk appetite, BPCE has decided to allocate additionalresourcesto promotingand strengtheningthe risk and compliance culture at all levels. To this end, the Governanceand Coordinationdepartment’sRisk and Compliance Culture division is tasked with: developing risk and compliance training and awareness programs, ● at all Group levels; overseeing macro-level risk mapping for the institutions and ● BPCE SA group; assisting the institutions with changes pertaining to risk and ● compliance in their operations (sharing best practices, new procedures, structures,etc.); including the risk and compliance culture in human resources ● managementprocesses, such as employee career managementand mobility; coordinatingthe preparationof the risk and compliancesections of ● the Groupe BPCE registration document and Pillar III Report – for the DRCCP; coordinating the Group credit function; ● providing the benefit of its risk expertise to the Sales functions ● throughits participationin the New ProductsCommittee. Launch of macro-level risk mapping at Group institutions Macro-level mapping of the risks incurred by Group institutions complies with regulations,and specificallywith the MinisterialOrder of November 3, 2014 on internal control which stipulates, in Articles 100,101 and 102, the requirementof a “risk mapping system that identifies and assess risks incurred due to internal and external factors”. The Group meets this obligation with its “macro-level risk mapping” system. The aim of this system is to secure the operations of its institutions and support their long-term financial profitability and growth. By identifying and rating its risks, each Group institution establishes its own risk profile and priority risks. This risk-basedapproach,based on the rating of the risk management system, lays the groundwork for the implementationand follow-up of targeted action plans. Activities in 2017

3

145

Registration document 2017

Made with FlippingBook - professional solution for displaying marketing and sales documents online