Three Lines of Defense About this Report Chairman's Foreword Management Report Appendices Corporate Governance Consolidated Financial Statements Company Financial Statements (Operational) losses and incidents are however closely monitored and analyzed in order to reduce the risk of reoccurrence in the future. In this regard we also take into account that in an environment of innovation and change, it is important to ensure clear risk ownership and a correct balance between strategic changes and risk mitigation. Additionally, a number of risks in areas where applicable regulations are unclear, subject to multiple interpretations or under development, are in conflict with each other, or when regulators revise their guidance or when courts set new legal standards. Risk Governance Both the Risk Management Charter and the Compliance Charter define Rabobank's governance and decision framework for both Financial and Operational Risks. The Charters are in place to support efficient and effective risk management at all levels of the Rabobank Group. To ensure effectiveness of risk management across the group, Rabobank works with the Three Lines of Defense' (3LoD) model. First-line functions own and manage risk within the bank, the second line functions (Risk Management and Compliance) oversee and advise on risk. An independent third-line function (Audit) provides assurance on the effectiveness of the first and second lines of defense. In this way the 3LoD model provides cleardivision of activities and responsibilities in risk management across the organization. The 3LoD model is represented in the following figure. line of defense Business owns and manages risks Managing Supervisory Board Audit committee Risk committee line of defense Functions that oversee and challenge risk Risk Management line of defense Functions that provides independent assurance The risk management framework covers regular banking risk types, such as credit risks, market risks, interest rate risks in the banking book, liquidity risks, compliance risks and operational risks (including tax risks and legal risks). Risk classification allows for clear definitions and promotes a common understanding of risk management throughout the organization. In addition to the main risk types, the risk management framework also uses a more granular classification for risks such as FX-translation risk and model risk.The riskappetite is determined per risktypeto manage risk profile alignment with the Strategic Framework 2016-2020. Generally, the risk teams are firmly at the table in the key management teams of the group. They foster better understanding ofand cooperation on riskand business, and they encourage additional informed decision-making. In 2018, we have strengthened the process by establishing 'In Control' meetings at various levels of the organization. We have expanded our policy for new products and material changes (e.g. organizations, strategic refocus) with a new Business Approval and Review Committee. Moreover, we have enhanced the process around client integrity and financial crime issues such as CDD, AML and Sanctions with a committee now reporting directly to the Managing Board. Risk Management Strategy Rabobank's mission 'Growing a better world together' underlines ourcooperative roots and emphasizes ourdedication to enabling our customers to achieve their ambitions. Rabobank's strategy defines priorities, objectives and targets including a capital strategy. Rabobank's Risk Strategy supports management in executing the business strategy. Rabobank's RiskStrategyfocuses on the following goals: Support the business through the delivery of excellent and appropriate customer focus. We accomplish this by conducting our business nearby our customers, by meeting high standards, and by keeping process and system errors to Annual Report 2018 - Management Report 60

Rabobank Bronnenarchief

Annual Reports Rabobank | 2018 | | pagina 62