Universal registration document and annual financial report 2019

4332019 Universal registration document and annual financial report - BNP PARIBAS

5risks and CaPital adequaCy Pillar 3

Operational risk

➤ FIGURE 13: REPUTATION RISK MANAGEMENT FRAMEWORK

MANAGEMENT OF REPUTATIONAL

RISK

EMPLOYEE TRAINING PROGRAM

ETHICS COMMITTEE

CORPORATE COMMUNICATIONS

PERMANENT CONTROLS

GROUP SUPERVISORY AND CONTROL COMMITTEE

■ the Group Supervisory and Control Committee is chaired by the Chief Executive Officer. Its other members are the Chief Operating Officer and the Heads of the Compliance, RISK, LEGAL and General Inspection Functions. The Deputy Chief Operating Officers have standing invitations to attend. Its mission is to define rules of principle and policies, to contribute to the organisation of the control functions and the consistency between them and to ensure their overall consistency vis-à-vis the operating entities of the Group;

■ the Ethics Committee is chaired by Jean-Marie Guéhenno, Chairman of the International Crisis Group. It is made up in equivalent proportion of members of the Group Executive Committee as well as independent outside individuals. The role of the Ethics Committee is to help formulate recommendations for the Group s code of conduct and business conducted in certain sensitive countries or business sectors;

■ the employee training programme: the Group s employees have an essential role in managing the reputation risk. This awareness training includes identifying, controlling, and managing the reputation risk, the Group s Values, and its ethics standards;

■ Corporate Communications: one of the major missions of Corporate Communication is to protect the reputation of the Group and its Entities, as well as being a source of information for employees and the public, whose trust is essential for the Group;

■ permanent control: identifying and managing the reputation risk are part of the objectives of the permanent control system. Procedures and controls are closely monitored wherever the risk is highest. Whistleblowing procedures and periodic control recommendations

are also taken into consideration. The reputation risk is also taken into account in the process for validating standard or non-standard transactions, new businesses, and new products. The Group has procedures for conflicts of interest; market integrity; adequacy and appropriateness of offers to clients; best execution of their orders; anti- money laundering, terrorist financing and corruption; compliance with international sanctions and embargoes; and social and environmental responsibility that, along with the code of conduct, are conducive to effective management of reputation risk.

LEGAL RISK The Legal Function (LEGAL) is responsible for preventing and managing the Group s legal risks through its advisory and control roles.

Legal risk is defined as the Group s risk of suffering from a negative impact following:

■ a potential conflict or a change in laws or regulations applicable to the Group s operations;

■ a civil or criminal action or an investigation associated with an alleged breach, infringement of an applicable law or regulation or any other alleged breach of an obligation;

■ an inability to ensure that a contractual agreement with a customer or a third party is respected.