Part E - Information on risks and risk management policies

The prudential supervisory provisions for banks continue to strengthen the system of rules and incentives that allow to measure more accurately potential risks connected to banking and financial operations as well as maintain internal capital levels more suited to the effective level of risk exposure of each intermediary.

Concerning risk governance, the Group regularly reviews the strategic guidelines set out in the so-called Risk Appetite Framework. Meanwhile, the second pillar of the provisions includes the ICAAP process (Internal Capital Adequacy Assessment Process), pursuant to which the bank autonomously assesses its own current and expected capital adequacy in relation to both so-called first-pillar risks (credit risk, counterparty risk, market risk and operational risk) and other risks (liquidity risk, banking book interest rate risk, concentration risk, etc.).

This examination accompanied the preparation and the forwarding to the Supervisory body of the annual ICAAP report as at 31 December 2014. In May 2015, again with reference to 31 December 2014 and in compliance with the obligations in the relevant provisions, Banca IFIS published information on its capital adequacy, its exposure to risks, and the general characteristics of the systems it has put in place for the identification, measurement and management of these risks. This document has been published on Banca IFIS’s website www.bancaifis.it in the ‘Institutional Investors’ section.

With reference to the above and as per Circular 229 of 21 April 1999 as amended - Supervisory Instructions for banks - the Banca IFIS Group has set up an Internal Control System that aims to guarantee a reliable and sustainable generation of value in a context of sensible risk control and taking, so as to protect the Group’s financial solidity. Banca IFIS’s Internal Control System consists of rules, procedures and organisational structures aiming to ensure corporate strategies are complied with and the following goals achieved:

  • effectiveness and efficiency of corporate processes (administration, production, distribution, etc.);
  • safeguarding of assets’ value and protection from losses;
  • reliability and integrity of accounting and operating information;
  • compliance of operations with the law, supervisory regulations and internal policies, plans, regulations and procedures, as well as the Codes (Code of Ethics, Corporate Governance Code, etc.) adopted by the Group.

Audits involve all personnel to varying degrees and constitute an integral part of day-to-day operations. They can be classified according to the relevant organisational structures. Some types of audits are highlighted below:

  • Line audits aim to ensure operations are carried out correctly. These audits are carried out by the operational structures themselves, incorporated in procedures, or performed as part of back office operations;
  • Audits on risk management (including compliance risk) aim to define methods for measuring/evaluating risks, verify if limits assigned to the various operational areas are being respected, and check if operations within all areas are consistent with the risk appetite and tolerance objectives set out every year in the so-called Risk Appetite Framework. These audits are entrusted to structures other than the operational ones;
  • Internal audit activities aim to identify anomalies and violations of procedures and regulations, as well as to assess the overall efficiency and effectiveness of the Internal Control System. These activities are carried out all the time, either regularly or exceptionally, by structures other than and independent from the operational ones, also via on-the-spot audits.

The role of the different players involved in the Internal Control System (the Board of Directors, the Control and Risks Committee, the Executive Director in charge of the Internal Control System, the Supervisory Body as per Legislative Decree no. 231, the Internal Audit Function, the Corporate Accounting Reporting Officer, the Risk Management Function, the Compliance Function, and the Anti-Money Laundering Function) are described in detail in the ‘Report on Corporate Governance and Shareholding Structure’, prepared pursuant to the third paragraph of article 123 bis of Legislative Decree 58 of 24 February 1998 (Consolidated Law on Finance) as amended, approved by the Board of Directors on 18 February 2015 and published on the Bank’s Internet website in the Corporate Governance section.