Your browser is not up to date and is not able to run this publication.
Learn more

2018 Registration document and annual fi nancial report - BNP PARIBAS 111

2CORPORATE GOVERNANCE AND INTERNAL CONTROL

2

Internal Control

The control exercised by the valuation channel which involves all players is supervised by the Finance Function and has its own governance framework. This control system is based on a set of organisational principles defined in the Group s Internal Control Charter for each organisational level, i.e. Group, CIB and the main entities that account for market transactions.

The Finance Function relies on dedicated CIB Methodology & Financial Control (CIB MFC) teams, which oversee the entire system, to ensure that it is functioning correctly. The Finance Function decides on the information that must be reported by the various players: this comprises both quantitative and qualitative data indicating trends in different businesses as well as the results and quality of upstream controls carried out.

Several committees that meet on a quarterly or monthly basis are set up to bring all of the players together to review and examine, for each process and business line, the methods used and/or the results of the controls conducted. These committees operating methods are governed by procedures approved by the Finance Function, ensuring that the Finance Function takes part in the main choices and arbitrations. Lastly, the CIB MFC reports at each accounting quarter-end to the Product Financial Control Committee (PFC), an arbitration and decision- making committee chaired by the Group Chief Financial Officer, on its work, and informs the committee of the points of arbitration or attention concerning the effectiveness of the controls and the reliability of the result measurement and determination process. This quarterly Committee meeting brings together the business lines, Group Finance and the divisions concerned, the ALMT and the Risk Function. Intermediary PFC committees complete this system and aim to defi ne project priorities, monitor their implementation and thoroughly examine certain technical elements.

Development of the system

The control system is continuously adapted to the Group s requirements. The procedures described form part of an evolving system that aims to guarantee an adequate level of control throughout the Group.

In particular, the quality of the accounting certification process is regularly reviewed with the divisions/business lines, for instance with the preparation of quantitative indicators for some controls, targeted cross-functional reviews of a major control and ad hoc reviews with the divisions/business lines on specific points for improvement in various areas. These reviews are supplemented by presentations to the various committees in the Finance channel, on-site visits and training sessions. Group procedures clarifying some major controls, and detailed instructions aimed at ensuring consistent responses and adequately- documented processes are also distributed. These Group procedures and instructions are extended where necessary at divisions/business lines level to cover issues specifi c to them.

Similarly, the certification system of the data contributing to the calculation of the capital adequacy ratio is subject to adjustment in order to take into account developments in the processes and the organisation, and to capitalise on indicators and controls in place in the various sectors in connection with the improvement programme on the reporting and the quality of the data mentioned below.

In addition, as part of the programme undertaken in respect of liquidity reporting, changes in processes and tools are carried out regularly in order to adapt to the new demands of regulatory reporting, and specifi c actions are taken with the various contributors in order to enhance the quality and controls for the channel.

Lastly, the Group pursued a programme called Risk Data Aggregation and Reporting (RaDAR) in response to the Principles for effective risk data aggregation and risk reporting established by the Basel Committee. The aim of this programme is to improve the quality and integrity of the data needed to produce reports covering the different types of risks to which BNP Paribas is exposed (credit, market, liquidity, operational), and to strengthen the consistency of reporting for all levels of the organisation during normal times as well as in times of stress or crisis. With the EU s General Data Protection Regulation (GDPR), the programme was extended in late 2016 to include personal data protection.

Structured around various areas, this year it has enabled the continuation of multi-year action plans in the Group s Divisions and Functions, to achieve a high degree of quality of critical data and to deploy the principles of governance in the divisions/business lines by consolidating the network of Chief Data Offi cers (CDOs). Each CDO is responsible, within his scope, for defi ning the strategy as a whole and implementing the process as well as ensuring its monitoring over time.

PERIODIC CONTROL General Inspection has a team of inspectors (the Central Accounting Inspection Team) specialising in accounting and fi nancial audit, thus refl ecting its strategy of strengthening auditing capability in accountancy, as regards both the technical complexity of its work and its coverage of accounting risk.

Its action plan is based on an annual Risk Assessment exercise, the practical details of which have been established by General Inspection based on the risk evaluation chart defi ned by the Risk Function.

The core aims of the team are as follows:

■ establishing a hub of accounting and fi nancial expertise in order to reinforce the capability of General Inspection when carrying out inspections in such areas;

■ disseminating internal audit best practices and standardising the quality of audit work throughout the Group;

■ identifying and inspecting areas of accounting risk at Group level.