Risk Management

Our internal risk control system to ensure transparency.

Banca Generali internal control system is structured on three levels:

  • first-level controls, aimed at ensuring that activities are conducted properly. Such controls are undertaken by production units or are included into procedures;
  • risk management controls, aimed at identifying, measuring, controlling and managing all risks (credit, market, operating and strategic risks, etc.);
  • compliance controls, aimed at preventing noncompliance with law in the rendering of services.

Within Banca Generali, such controls are entrusted to:

  • the Compliance function entrusted with preventing the risk of noncompliance with applicable legislation, including the risk of money laundering and financing of terrorism;
  • the Risk Management function, entrusted with the task of identifying, measuring, controlling and managing other risks (credit, market, operating and strategic risks, etc.);
  • internal audits (or thirdlevel controls), entrusted to the Internal Audit function, which performs controls aimed at identifying anomalous performances and violations of procedures and regulations, as well as assessing the overall functioning of the entire internal audit and risk management system.

The above-mentioned activities are complemented by those of the 262 Oversight function, with reference to the administrative-accounting risk (Law No. 262/2005).

Functions in charge of the internal audit and risk management system

Board of Directors

  • bears the final responsibility in the system
  • establishes guidelines
  • periodically assesses the appropriateness and efficiency of the system

Top Management

  • implements strategic guidelines
  • constantly monitors the appropriateness of the system

Board of Statutory Auditors

  • oversees the adequacy and compliance of the system and its actual functioning

Internal Audit and Risk Committee

  • supports the Board of Directors discharging investigative, consultative and recommendatory duties

Risk Committee

  • ensures coordinated coverage of the system for managing and controlling risks
  • addresses specific operating issues with decision-making powers relating to risk containment measures

Law 262 Organisational Unit

  • guides and coordinates administrative and accounting risk management activities
  • supports the Manager in charge of this function

Risk Management Service

  • identifies, measures, assesses and monitors all types of risk to which the Group is exposed, with the exception of the risk of non-compliance

Compliance Service

  • assesses the adequacy of company processes and procedures in order to prevent the risk of non-compliance to the regulations
  • supervises the distribution network's actual behaviour

Anti Money Laundering Service

  • prevents and combates transactions involving money laundering and financing of terrorism

Internal Audit

  • oversees and assesses the efficiency and effectiveness of Internal Control System For further information, see “Three levels of control, risk management and Law 262 Organisational Unit”

Main Risks and Uncertainties

The main risks and uncertainties to which the Banking Group is exposed are:

  • credit risk: it is defined as the possibility that a counterparty may become insolvent, or the likelihood that a debtor may fail to fulfil its obligations or fulfil its obligations on a delayed basis with respect to predetermined due dates;
  • counterparty risk: it is the risk associated with the possibility that a counterparty to a securities transaction may default before said transaction is settled. The counterparty risk is a sub-category of credit risk;
  • operating risk: it can be defined as the possibility of loss resulting from the inadequacy or failure of processes, human resources or internal systems, or from external events. This category includes losses deriving from fraud, human error, interrupted operations, system breakdown, breaches of contract, and natural disasters. The legal risk is included in the operating risk, whereas strategic and reputation risks are not included;
  • market risk: it is represented by the possibility to suffer losses due to variations in the value of a security or a portfolio of securities associated with unexpected variations in market conditions (share prices, interest rates, exchange rates, the prices of goods and the volatility of risk factors);
  • banking portfolio interest rate risk: it is due to potential fluctuations of interest rates. This risk is generated by the gaps between the maturities and time required to re-set the interest rate on the Group’s assets and liabilities. Where such gaps are present, fluctuations in interest rates result in variations of net profit, and therefore expected net profit, as well as variations in the market value of the assets and liabilities, and therefore net equity;
  • liquidity risk: it is manifested in the form of the breach of payment obligations, which may be caused by an inability to procure funding (funding liquidity risk) or the existence of limits on the divestment of assets (market liquidity risk). Liquidity risk also includes the risk of fulfilling payment obligations at above-market costs, incurring a high cost of funding, or incurring capital losses on the divestment of assets;
  • concentration risk: it is the risk arising from exposures to counterparties, groups of related counterparties, and counterparties operating in the same business segment, engaging in the same activity, or based in the same geographical area;
  • residual risk: the risk that the recognised credit risk mitigation techniques used prove less effective than foreseen;
  • reputational risk: the current or prospective risk of a decrease in profits or capital arising from a negative perception of the corporate image by clients, counterparties, shareholders, investors or regulatory authorities;
  • strategic risk: the actual or prospective risk of a decrease in profits or capital arising from changes in the operating context or poor company decisions, the inadequate implementation of decisions, or insufficient reaction to changes in the competitive scenario;
  • compliance risk: the risk of incurring legal or administrative penalties, significant financial losses or damages to reputation due to breaches of compulsory provisions (of laws or regulations) or self-imposed rules (e.g., articles of association, codes of conduct, self-regulatory codes).

The Group has formally defined a policy for each of the above risks that lays down: the general principles, roles and responsibilities of the company bodies and functions involved in risk management; guidelines on risk management in accordance with its business model, risk appetite, internal control system, system of delegated powers established by the Board of Directors and instructions of supervisory authorities.

Discover our external auditors

It carries out audit work and draws up audit reports.