Our risk management and control model is based on the principles below:
- Advanced risk management with a forward-looking approach that ensures a medium-low risk profile, based on our risk appetite framework defined by the board.
- Risk culture that applies to all employees throughout the Group.
- Clearly defined three lines of defence model that enable us to identify, manage, control, monitor and challenge all risks.
- Autonomous subsidiaries model with robust governance based on a clear structure that separates the risk management and the risk control functions.
- Information and data management processes that allow all risks to be identified, assessed, managed and reported at appropriate levels.
- Risks are managed by the units that generate them.