NATIXIS - Universal registration document and financial report 2019

3 RISK FACTORS, RISK MANAGEMENT AND PILLAR III Risk management

Risk management 3.2

the Risk Supervision Division , which is headed by the Chief Risk V Officer, reports directly to senior management and is responsible for measuring, monitoring and managing the risks inherent to the business activities, in particular credit and counterparty risk, market and liquidity risk, operational risk and model risk, the Regulatory and Accounting Review team within the V Accounting and Ratios division, which reports functionally to the Compliance Department, verifies the quality and accuracy of accounting and regulatory information; periodic controls performed by the General Inspection V Department. The General Inspection Department reports to the Chief Executive Officer and performs periodic audits to assess the risks to which the businesses are exposed and ensure the effectiveness of the entire internal control system. The Corporate Secretary is responsible for permanent controls and ensures their consistency and effectiveness. Natixis organizes its control functions on a global basis in order to ensure that the internal control mechanism is consistent throughout the Company. Second-level permanent and periodic control functions within subsidiaries or business lines report to Natixis’ corresponding central control departments, either on a functional basis in the case of subsidiaries or on a hierarchical basis in the case of business lines. The purpose of this structure is to ensure adherence to the following principles: a strict segregation of duties between units responsible for V performing transactions and those that approve them, in particular accounting teams; strict independence between the operational and functional units V responsible for undertaking and validating transactions, and the units that control them. The Control Functions Coordination Committee coordinates the system as a whole. The executive managers , under the supervision of the Board of Directors, are responsible for implementing Natixis’ internal control system in its entirety. The executive managers regularly inform the Board of Directors of all significant risks, risk management policies and changes made thereto.

Organization of Natixis’ 3.2.1 internal control system Natixis’ internal control system encompasses all the steps taken by the institution to measure, monitor and manage the risks that are inherent to its various activities in accordance with legal and regulatory requirements. The system complies with the provisions set forth in the French Ministerial Order of November 3, 2014 on internal control by companies in the banking, payment services and investment services sector. It is structured in accordance with the principles set out by BPCE, with the objective of ensuring a consolidated approach to risk within the framework of the control exercised by the shareholding group. The objective is to ensure the effectiveness and quality of the Company’s internal operations, the reliability of accounting and financial information distributed both internally and externally, the security of operations, and compliance with laws, regulations and internal policies. control system (Data certified by the Statutory Auditors in accordance with IFRS 7) Natixis’ internal control system comprises: first-level permanent controls performed by operational staff on V the processing in their charge, following internal procedures and legal and regulatory requirements; second-level permanent controls performed by four departments V that are independent of operational staff: the Compliance Department , which reports to the Corporate V Secretary, is notably responsible for managing compliance risk, organizing the first-level permanent control system, and performing second-level controls, the IT Systems Security and Business Continuity (ITSS-BC) V function , which reports to the Compliance Department, assesses the risks and establishes the policies on information systems security and business continuity while ensuring they are correctly applied, Overview of the internal 3.2.1.1

108

NATIXIS UNIVERSAL REGISTRATION DOCUMENT 2019

Made with FlippingBook Annual report