GROUPAMA / 2019 Universal Registration Document

3 CORPORATE GOVERNANCE AND INTERNAL CONTROL Internal control procedures

The general audits of entities conducted in 2019 by the Group General Audit Department focused on four regional mutuals, two French insurance subsidiaries, two service subsidiaries, one international subsidiary, and 1 “flash” audit. Four subsidiaries underwentprocess audits as part of cumulativeaudits. Lastly, two cross-functional audits were conducted (one on the annual revaluationof portfoliosand one on new businesspricing). The audit conclusions are reported via a table of assessment of risks to which the company is exposedon its key processesand a list of recommendations.These conclusions are shared with the Steering Committeesof the companies concerned and the Group ExecutiveCommitteefor the cross-functionalaudits. They are then presented to the Audit and Risk Management Committee of Groupama Assurances Mutuelles. At the end of 2019, the Group’s audit team had around 100 auditors across Groupama Assurances Mutuelles, the regional mutuals,and the Group’ssubsidiaries in Franceand internationally. The workingmethodsand the definitionof the responsibilitiesof the key internal audit functions of the entities were formalised in dedicatedpolicies approved in 2015 by the Boards of Directors of most of the group’s entities, consistent with the principles of the Internal Audit policy of the Group and Groupama Assurances Mutuelles. The function is managed principally through an annual agreement and a working group (WG),which met threetimes in 2019.

The entities’ permanent control plans are integrated into the community operational risk management tool according to the Group methodology.This tool also enables collection of incidents, assessment ofoperationalrisks, andmanagementof action plans. All of the Risk Management and Permanent Control/Compliance Managers of the Group’s entities supplement the plan and meet regularly within the framework of information exchange and best practices bodies, directed by the Group Risk Management, Control, and Compliance Department. An ARC Operation Committee brings together the regional mutuals and the main subsidiaries of the Group’s France scope, with regular reports to the SteeringCommittee. Within Groupama Assurances Mutuelles (b) Implementing the internal control system at the level of the functional and operational activities of Groupama Assurances Mutuelles is the responsibility of the different officers in charge of these activitiesunder the authorityof the ExecutiveCommittee.The area of responsibilityof each of these Managers is determinedby the delegations of authority approved. The implementationof the internal control system of the corporate entity Groupama AssurancesMutuellesis handledby an employeeof the GroupRisk Management/Control andComplianceDepartment. Monitoring of entities (c) Every subsidiary is subject to ongoing monitoring by the departmentsof the divisionto which it isattached: Group FinanceDepartmentfor financial subsidiaries; ● Group Insurance and Services Department for the Non-Life ● insurance subsidiaries, the French service subsidiaries, and Groupama Supports& Services; Groupama Gan Vie’s Executive Management for the life ● insurance subsidiary and the distribution subsidiaries Gan Patrimoine andGan Prévoyance; International SubsidiariesDepartment for foreign subsidiaries. ● This specific monitoring is supplemented at Group level by cross-functionalmanagementof all of the entities, particularlyin the followingareas: Activity monitoring and financial reporting On behalf of the Group, the various Group Analysis and Management Control Departments (within the Group Financial Control Department) implement procedures for activity monitoring (performance indicators) and financial reporting for all regional mutuals, French and international subsidiaries, and Groupama Assurances Mutuelles. The aim is transparency of results and an understanding of trends in these areas for the Groupama Assurances MutuellesExecutiveManagementand the entities. This approachis based on a processof managementplanningthat is common to all entities. It is implementedand coordinatedby the Group Financial Control Department and is based on core Group standards for developing forecasts, approved by the Executive Management andupdatedregularly.

Internal control and risk 3.4.2.2

management systems within the entities and Groupama Assurances Mutuelles

Within the entities (a) The risk control and internalcontrol systemspecificto the entities is

organised around two complementary systems: risk management and internal controlof each entity; ● internal or operational auditing of every entity. ●

These systems are adapted to each entity based on its organisation, activities, and resources and the local regulations abroad, under theauthority of its Executive Management. Regardingorganisationand governance,the French entities subject to the Solvency IIregulationshave specified in their risk policies the roles and responsibilities of the administration and executive management bodies, key functions, and operational or support departmentsinvolved in riskmanagement. As under the Groupmodel, the entities regularlyhold specialistRisk Committee meetings and reinforce the level of maturity of the followingfour key functions,definedunder Solvency II: the “Risk Management” key function; ● the “ComplianceVerification”key function; ● the “Audit”key function; ● the “Actuarial” keyfunction. ● The Group Risk Management/Controland ComplianceDepartment supportsthe entitiesin monitoring androllingout Group standards.

61 Universal Registration Document 2019 - GROUPAMA ASSURANCES MUTUELLES

Made with FlippingBook Ebook Creator