We refer to:
Risk Management pages of Investor Relations Section for a description of our system of risk management and in particular of Credit Risk, Market Risk, Liquidity Risk and Operations Risk;
Climate Change for a description of the f
inancial implications, risks and opportunities.
Risk management policies also include reputational risk, defined as the present or future risk of incurring loss of profits or capital resulting from a negative perception of the image of the Bank by customers, counterparties, the Bank’s shareholders, investors or supervisory authorities. The management of reputational risk involves, amongst other things, social responsibility and sustainability issues and it is performed by issuing internal regulations required by a Reputational Risk Management Policy set at Group level, which outlines priority areas in which events with tangible repercussions on the Bank’s reputation might manifest. An update of that policy is programmed for 2016.
The crime of corruption, which UBI Banca is also committed to fighting as part of its adherence to the UN Global Compact, is included in Italy among the “predicate offences” falling within the sphere of Legislative Decree No. 231/2001 on the administrative liability of businesses. In order to implement the provisions of Legislative Decree No. 231/2001, UBI Banca has adopted a special model of organisation, management and control (the 231/2001 Model). The model lays down rules and procedures designed to prevent the crimes covered by the decree from being committed and for the creation of a Supervisory Body and reporting and penalty systems. The Internal Control Committee of the bank was identified to play the role of the Supervisory Body, formed as an internal committee of the Supervisory Board, in order to ensure the proper functioning and constant update of the model itself and of the relative reporting and penalty systems. Furthermore, in its capacity as the Parent of the Group, UBI Banca informs subsidiaries of the policies it has set on the matter and recommends general criteria which they may follow. Each subsidiary adopts and updates its own Model with support from the Parent’s Compliance Function for those companies that have granted a specific mandate for this.
All activities and organisational units are subject to verification connected with implementation of the 231/2001 Model, while the Supervisory Body reports to the governing bodies on its adoption and effective implementation, the supervision of its functioning and oversight of its update.
All transactions are subject to monitoring according to the amount limits set by the relative legislation by means of dedicated software applications which support the identification of data potentially connected with money-laundering or other illegal activities, including corruption. The situations detected are subsequently subject to assessment by the organisational units responsible for managing the customer relationship and then by the central control unit.
In 2015 approximately 17,000 hours of specialist training (31% more than in 2014) were delivered, both in the classroom and through the e-learning platform, to 7,489 participants. In line with the three-year training programme, training was directed above all to staff in the Network Banks and Group companies who constitute the first point of contact with customers. Training on the principles derived from Legislative Decree No. 231/2001, which also addressed anti-corruption policies and procedures and was differentiated according to the level of responsibility, remained at levels appropriate to normal update requirements following the strong increase in 2014, with approximately 7,500 training hours delivered during the year.
Yet again in 2015, as in previous years, the operational risk management system and more specifically the loss data collection procedures recorded no incidents of “corruption, bribes and anti-money-laundering violations” (a sub-category of internal fraud).