Page 23 - Consolidated Non Financial Statement
P. 23
Banca Ifis
| 2020 Consolidated Non-Financial Statement
The Compliance function operates using two types of approaches:
• ex ante: the function provides advice to support the business either as planned, on regulatory topics that are
identified and updated under a risk-based approach and in line with the Group's Strategic Plan, or when called
upon for specific needs (e.g. new products or operations);
• ex post: the function conducts compliance audits in accordance with the Annual Compliance Plan as well as
systematic inspections, whose findings are shared with the functions concerned, reported to the BoD through
the Dashboard, and notified to the Bank of Italy.
In addition, when starting a major project (such as acquisitions or the launch of new products or operations), the
Compliance function actively participates by providing operational and other recommendations on how to properly
manage the risk of non-compliance, for instance in terms of precautions and controls to be implemented, regulations to
consider, and monitoring actions to be taken.
To promote a culture of respect for the law at all organisational levels, in 2020 the Group provided refresher courses
and training programmes to employees to make sure they acquire and develop the knowledge necessary to comply
with the law, internal rules, and industry regulations. Compliance informs the structures concerned of any regulatory
changes deemed significant, and either provides training or encourages more comprehensive training initiatives by
involving Human Resources.
Anti-Money Laundering performs systematic second line of defence audits concerning the risk of money-
laundering and terrorist financing to ensure the relevant procedures are properly applied to operational processes,
and develops Key Risk Indicators representing the most significant risk factors to be monitored. It also performs a self-
assessment of the risk of money laundering and terrorist financing once a year. The function shares the audit findings
and the action plan with the relevant Management. These audits and indicators are also displayed in the Dashboard on
a quarterly basis and reported to the Board of Directors as well as, if required, to the Bank of Italy. Anti-Money Laundering
also monitors the evolution of the relevant legislation, providing the structures impacted with information and taking
action for the necessary adjustments. In order to guarantee an effective application of anti-money laundering legislation,
the department also assures the delivery of training programmes to staff, guaranteeing a complete understanding of
the purposes, principles of the obligations and corporate liability in terms of the fight against money laundering.
Internal Audit controls, with a view to assuring level three audits, the regular performance of operations and the
evolution of business risks and assesses the completeness, adequacy, function and reliability of the organisational
structure and the various components of the Internal Control System. The review carried out by Internal Audit is therefore
transversal to all corporate processes.
In order to identify any abnormal performance or breach of internal regulations and assess the function of the Internal
Control System as a whole, Internal Audit is specifically assigned responsibility for verifying the correct application
of internal provisions.
Internal Audit operates on the schedule approved by the Board of Directors; in addition to this, it also performs unplanned
audits as specifically necessary and/or required by the main corporate bodies or external supervisory bodies. The results
15
