BPCE - Risk Report - Pillar III 2020

11

NON-COMPLIANCE AND SECURITY RISKS

In accordance with the legal and regulatory requirements mentioned above, and with the professional standards and control charters governing Groupe BPCE, the functions managing compliance risk are organized as part of the internal control system of all Groupe BPCE institutions and subsidiaries as a whole. The Group Compliance division, which reports to the Groupe BPCE Corporate Secretary’s Office, performs its duties independently of the operational departments and the other Internal Control departments with which it collaborates. It Financial Security responsible for AML/CFT (anti-money • laundering and counter financing of terrorism) with BPCE’s Tracfin correspondents, the fight against corruption, compliance with embargo sanctions and internal fraud; cross-functional oversight and Coordination of Compliance • functions; The Compliance function, defined by the EBA as a “compliance verification function,” is in charge of preventing, detecting, measuring and monitoring compliance risks in order to ensure their control. The Group Compliance division carries out its duties within the framework of business line operations. It helps guide, motivate, manage and control the Heads of the Compliance function of the affiliates and subsidiaries. The Compliance Officers appointed within the different Group entities, including the Banque Populaire and Caisse d’Epargne banks and direct subsidiaries covered by the regulatory system of banking and financial supervision, are functionally subordinate to the Compliance division. compliance and permanent control of Eurotitres; • compliance and operational risks of BPCE SA. • includes the following divisions: bancassurance compliance; • off-balance Sheet D&S Ethics compliance; •

The Group Compliance division conducts any necessary initiatives to strengthen the compliance of products, services and marketing processes, customer protection, compliance with rules of ethics, the fight against market abuse, monitoring of operations and compliance with sanctions and embargoes. It monitors compliance risks throughout the Group. As such, it builds and revises the standards proposed for the governance of Groupe BPCE, shares best practices and coordinates working groups consisting of departmental representatives. The dissemination of a compliance culture and consideration of the legitimate interests of customers is also reflected in the training of employees in the sector and the awareness-raising of collaborates and validates the content for the training • materials used for the Compliance function in coordination with the Group Human Resources division and the Risk Governance department of the Risk division, which coordinates the annual work schedule for the Risk and Compliance functions; helps train Compliance staff, mainly through specialized annual • seminars (financial security, compliance, ethics, coordination of permanent compliance controls, etc.); coordinates the training of Directors or Heads of Compliance • through a dedicated system in conjunction with the Risk culture and Compliance division of the Risk division; coordinates and checks the Compliance function of the Group • institutions, notably by holding national compliance days, and via a system of permanent controls coordinated at Group level; draws on the expertise of the Compliance functions of Group • institutions via theme-based working groups, in particular to develop and implement compliance standards. Moreover, BPCE’s corporate compliance as well as the compliance of the Financial Solutions & Expertise division and other subsidiaries reporting to BPCE, including BPCE International, have also been handled and overseen by the Group Compliance division since the beginning of 2020. other departments, including RB&I and 89C3. Accordingly, the Group Compliance division:

214

RISK REPORT PILLAR III 2020 | GROUPE BPCE

www.groupebpce.com