UNIVERSAL REGISTRATION DOCUMENT 2023

5 GROUP RISK FACTORS

Organisation of risk management within the Group

5.1.5 WAR IN UKRAINE AND THE MIDDLE EAST

financial impacts for the Group. The armed conflict between these two countries and its uncertainties have disrupted growth forecasts around the world with its impacts on commodities, energy, production, and supply chains, fuelling the inflationary environment and having global repercussions on the financial and commodity markets. Furthermore, the conflict between Israel and Hamas, which has been ongoing since October 2023, adds more uncertainty about the production and supply chains in the world economies.

The war in Ukraine, which began on 24 February 2022 with the invasion by Russian troops on Ukrainian territory, has created a great international instability environment, the outcome of which is currently unknown. Despite the Group’s non ‑ significant exposures to these two countries and Belarus, this war could have economic and

5.2 ORGANISATION OF RISK MANAGEMENT WITHIN THE GROUP

In order to better manage all the risks to which it is exposed, the Group has put in place a set of measures and risk monitoring processes managed within a global framework. The implementation of the risk management system within the Group is ensured by: definition of standards and a structuring framework for analysis and control of risks; ❯ support from the entities in implementation of this risk management system; and ❯ downstream checks of compliance with the Group standards and the effectiveness of the risk management system implemented within the entities. ❯ At Group level, risks related to insurance business lines are in particular monitored by the Groupama Assurances Mutuelles and Groupama Gan Vie Business Departments specialising in the area in question; and by the reinsurance department. The Group Finance Department is responsible for managing the risks related to assets and Asset/Liability Management. Operational risks are monitored by the business lines, support departments, or subsidiaries of Groupama Assurances Mutuelles specialising in the area in question. Risks are identified according to the Group classifications defined by risk area—operational, life insurance, non ‑ life insurance, and financial—common to all the Group’s entities and incorporating the Solvency II risk classification. Each major (Group and entity) risk is assigned a risk “owner” responsible for monitoring and controlling the risk consistent with the standards defined by the Group. Risk owners set up risk control plans implemented at Group level and within the entities. The general principles, the objectives, and the organisation of internal control are defined in the Group’s internal control policy. An internal audit policy, a component of internal control, supplements the provisions of the internal control policy and specifies its own operating rules and its areas of involvement. A general risk management policy and policies dedicated to covering all the risks to which the Group is exposed as well as a compliance policy, defining the overall framework for implementing and operating the compliance process within the Group, complete the system. All these policies are approved by the Groupama Assurances Mutuelles Board of Directors. The Group risk management policy is the basis for risk management at both the Group level and the entity level. It defines all the structuring principles of the risk management system within Groupama in terms of risk identification, measurement, and management methods and in organisational terms.

The Group’s entities formalise their risk management policy and various risk policies in line with the Group’s policies and on the basis of their risk profile, organisation and operating country. The service (or resource), distribution, and financial subsidiaries implement a risk management system in accordance with the rules applicable to their activities, consistent with the framework established by the Group. The risk management system also relies on the ORSA (Own Risk and Solvency Assessment) process, shown by the production of an annual report. This exercise, which aims to assess risks and solvency, is carried out at the level of each of the Group’s entity and at the consolidated level, and each report is validated by the Board of Directors of the entity in question and communicated to the regulator. Several bodies are responsible for Group ‑ level risk monitoring governance: the Group Risk Committee: composed of the members of the Group Executive Committee and the Manager of the key Risk Management function; its role is to approve the risk management policy, by setting the limits of risks and approving the measures used to manage risks, and to supervise the management of major Group risks; ❯ the Risk Committees by risk family (insurance, financial and operational) organised by the Group insurance & financial risk management and permanent control/Compliance Departments and made up of major risk owners, and depending on the areas concerned of the representatives from the Groupama Assurances Mutuelles business line and support departments (Group Actuarial Department, Group Financial Control Department, investments, etc.), French subsidiaries/International Subsidiaries Department, and asset management subsidiaries; ❯ the Ethics and Sustainability Committee; and ❯ the Capital Management Committee, consisting of the deputy CEO in charge of finance, the Director of risk management, control, and compliance, the Insurance & Financial Risk Director, the Reinsurance Director, the Financing and Investment Director, the Group Actuarial Director, the Financing Director, the ALM Director, and the representative of the International Department in charge of monitoring international subsidiaries. ❯

172

Universal Registration Document 2023 GROUPAMA ASSURANCES MUTUELLES