The Chief Risk Officer, to whom the Governance Area in charge of the risk management functions as well as the controls on the risk management and internal validation process reports, represents a “second line of defence” in the management of corporate risks that is separate and independent from the business supporting functions.
The Chief Risk Officer is responsible for:
proposing the Risk Appetite Framework and setting the Group’s risk management guidelines and policies, in accordance with the company’s strategies and objectives, and coordinates and verifies their implementation by the responsible units of the Group, also within the various corporate areas;
ensuring the management of the Group’s overall risk profile, by establishing methods and monitoring exposure to the various types of risk and reporting the situation periodically to the corporate bodies;
the Chief Risk Officer also carries out II level controls on credit and other risks, and ensures the validation of internal risk measurement systems.
The Chief Risk Officer Governance Area is responsible for operational implementation of the strategic and management guidelines along the Bank’s entire decision-making chain, down to individual operational units. The risk control functions of subsidiaries with a decentralised management model and the representatives of the Parent Company’s risk control function at subsidiaries with a centralised management model report to the Area.