BPCE - Risk Report - Pillar III 2020
3
RISK MANAGEMENT SYSTEM
INTERNAL CONTROL
Internal control 3.4
The Group control system relies on three levels of controls, in accordance with banking regulations and sound management practices (two levels of permanent controls and one level of periodic control), as well as the establishment of consolidated control processes in accordance with provisions approved by BPCE’s Management Board.
STRUCTURE OF GROUPE BPCE’S INTERNAL CONTROL SYSTEM
Supervisory Body
Responsible for the quality of the internal control system
Audit Committee Risk Committee
Executive Body Executive managers
Remuneration Committee
Appointments Committee
Internal Control Coordination Committee (3CI)
Periodic control
Audit-Inspection function
Risk and Compliance Committee or Executive Risk Committee and specific committees for each type of risk
Outsourced activities
Review, ISS, BCP and SPB functions
Risk Management function
Compliance function
Level 2 permanent controls
Non-financial risks (Compliance, Operational Risk BPC, ISS)
Credit risks
Financial risks
Coordination of Permanent Controls
Level 1 permanent controls
Self-checks by the operational departments under managerial or functional supervision
Permanent control system
LEVEL 1: PERMANENT CONTROL BY LINE MANAGEMENT
Depending on the situation and activity(ies) in question, Level 1 controls are performed, jointly if applicable, by a special-purpose Middle Office-type control unit or accounting control entity, by the operational staff themselves, or by line managers. Level 1 controls are formally reported to the relevant Permanent Control divisions or functions.
Level 1 permanent control is the first link in internal control and is primarily performed by operational or support departments under the supervision of their line management. These departments are responsible for: implementing formalized, documented and reportable • self-checks; documenting and verifying compliance with transaction • processing procedures, detailing the responsibility of those involved and the types of checks carried out; verifying the compliance of transactions; • implementing recommendations drawn up by Level 2 control • functions on the Level 1 control system; reporting to and alerting Level 2 control functions. •
LEVEL 2: PERMANENT CONTROL BY DEDICATED ENTITIES
Level 2 permanent controls, within the meaning of Article 13 of Ministerial Order A-2014-11-03 on internal control, are performed by entities dedicated to this duty as part of the Group’s Risk division and Corporate Secretary’s Office in charge of Compliance and Permanent Control for Groupe BPCE.
36
RISK REPORT PILLAR III 2020 | GROUPE BPCE
www.groupebpce.com
Made with FlippingBook - Online magazine maker