Universal registration document and annual financial report 2020

2020 Universal registration document and annual financial report - BNP PARIBAS 535

6information on the Parent ComPany finanCial statements at 31 deCemBer 2020

Statutory Auditors report on the financial statements

Analysis of legal risk with respect to regulatory and administrative investigations and to class actions (See Notes 2.f and 3.k to the financial statements)

Description of risk How our audit addressed this risk

In each of the countries where it is present, BNP Paribas is subject to the regulations applicable to the sectors in which it operates. If the Company does not comply with the applicable laws and regulations, it may be exposed to significant fines and other administrative and criminal sanctions. It may also incur losses as a result of private legal disputes in connection with or unrelated to these sanctions.

Any provision recognised to cover the consequences of investigations into non-compliance with certain regulations requires judgement due to the difficulty in estimating the outcome of regulatory procedures.

Any provisions recognised with respect to class actions or other private legal disputes also requires management to exercise judgement.

In light of the increase in regulatory and administrative investigations and class actions brought against financial establishments in recent years and of the significant judgement exercised by management to estimate the amount of provisions recognised, we deemed this risk to be a key audit matter.

We familiarised ourselves with the procedure for identifying and assessing legal risk with respect to regulatory and administrative investigations and to class actions, in particular through quarterly interviews with BNP Paribas SA s legal functions.

Our work consisted primarily in:

■ obtaining an understanding of the analyses prepared by the financial and legal departments at the end of each quarterly accounting period;

■ interviewing the specialised law firms with which BNP Paribas works when subject to legal disputes.

General IT controls

Description of risk How our audit addressed this risk

The reliability and security of IT systems plays a key role in the preparation of BNP Paribas SA s financial statements.

We thus deemed the assessment of the general IT controls of the infrastructures and applications that contribute to the preparation of accounting and financial information to be a key audit matter.

In particular, a system for controlling access rights to IT systems and authorisation levels based on employee profiles represents a key control for limiting the risk of inappropriate changes to application settings or underlying data.

For the main systems used to prepare accounting and financial information, assisted by our IT specialists, our work consisted primarily in:

■ obtaining an understanding of the systems, processes and controls which underpin accounting and financial data;

■ assessing the general IT controls (application and data access management, application changes/developments management and IT operations management) on key systems (in particular accounting, consolidation and automatic reconciliation applications);

■ examining the control for the authorisation of manual accounting entries;

■ performing additional audit procedures, where appropriate.

Specific verifications

In accordance with professional standards applicable in France, we have also performed the specific verifications required by French legal and regulatory provisions.

Information given in the management report and in the other documents provided to the shareholders with respect to the Company s financial position and the financial statements

We have no matters to report as to the fair presentation and the consistency with the financial statements of the information given in the Board of directors management report and in the other documents provided to the shareholders with respect to the Company s financial position and the financial statements, with the exception of the item described below.

Concerning the fair presentation and the consistency with the financial statements of the information about payment terms referred to in article D.441-4 of the French Commercial Code, we have the following matter to report: as indicated, these disclosures do not include banking and related transactions as the Company considers that such disclosures are not within the scope of the information to be provided.