The Risk Management Function has the role of ensuring the integrated assessment of the various risks, at a Group level, supporting the Board of Directors, the Manager in Charge and Senior Management in the assessment of the design and the effectiveness of the risk management system and reporting its conclusions to Senior Management, the Manager in Charge, the Control and Risks Committee and the Board of Directors, highlighting any deficiencies and suggesting how to resolve the same.
The Risk Management Function carries out such activities in the context of the ORSA process for the insurance business and ICAAP for the banking business, ensuring the coordination of activities carried out by the different corporate structures in relation to risk management.
Within the risk management system, the Risk Management Function is responsible for the on-going identification, measurement, assessment and monitoring of current and forward-looking risks, at an individual and aggregate level, that the Company is or may be exposed to and any interdependencies. The complete risk management process is fully described in the Group policies and in particular in the “Risk Management Policy”, the “Current and Forward-Looking Risk Assessment Policy” and the “Operational Risk Management Policy”.
Among its duties, the Risk Management Function is responsible for the design, implementation, maintenance and development of the tools necessary for risk measurement. Among these, the definition and use of tools for assessing the capital required to address the risks identified and namely the so-called Internal Model are of particular relevance. As regards the implementation of the Solvency II Regulations, responsibility within the Company for the design and implementation of the Internal Model is separated from the responsibility for validation.
Moreover, the Risk Management Function contributes to the dissemination of a risk culture throughout the Group.
The Risk Management Function is also responsible for the supervision and control of data quality, with particular reference to the calculation of Solvency II capital (Internal Model and Standard Formula) and with the gradual extension to the entire scope of the Group.
Finally, the Risk Management Function is responsible for assessing the impacts of operational risk arising from potential catastrophic events as defined in the Business Continuity Policy and for this purpose cooperates with the function in charge of the Business Continuity Plan.
With specific reference to the banking business, the Risk Management Function contributes to the definition and implementation of the RAF and the related risk governance policies, through an adequate risk management process. With regard to the risk management system, the results of the checks carried out, the weaknesses identified and the proposal of measures to be adopted to remove or mitigate the same are formalised and annually presented to the corporate bodies in the ICAAP and Risk Self Assessment. The function reports, for matters within its competence, on the completeness, adequacy, functionality and reliability of the internal control system.
As part of its responsibilities, the head of the Risk Management Function annually submits an activity plan to the Board of Directors for approval.