Why this issue is significant

The Intesa Sanpaolo Group attaches great importance to risk management and control as conditions to ensure the reliable and sustainable creation of value in a context of controlled risk.

Intesa Sanpaolo has a moderate risk profile in which capital adequacy, stable profit, a sound liquidity position and a strong reputation are the key factors protecting its current and future profitability.

The risk management strategy targets a complete, consistent vision of risk, consolidating a transparent and accurate approach to representing the possible risk of the Group's portfolios. The strategy also includes an assessment of the social and environmental variables of financing activities, particularly in the case of infrastructure projects, for which the assessment criteria of Equator Principles are applied.

Risk monitoring includes an environmental management and occupational health and management system, and a commitment to protecting and safeguarding staff and customers, with a specific focus on preventing the risk of robberies at bank branches, risks related to the use of electronic channels and fraud prevention.


How it is managed
Departments/Functions in charge
Results achieved in 2016

The Group has adopted processes and established specific responsibilities for understanding and managing risks, in order to ensure capital strength and business continuity in the long term. To this end, it has adopted an internal control and risk management system to identify, measure and verify the typical risks of its operations. These general principles are outlined in policies, limits and criteria applicable to different risk categories and business areas, in a structured framework of governance and control procedures.

Policies on risk assumption are defined by the Board of Directors, with strategic supervisory and management functions and by the Management Control Committee. The Board of Directors carries out activities also through specific board committees, including the Risks Committee. Corporate bodies are assisted by managerial committees, including the Group Risk Governance Committee, and by the Chief Risk Officer that directly reports to the Chief Executive Officer.

The Credit Activities Sub-Department is involved in social and environmental risk assessment processes for loans covered by the scope of application of the Equator Principles.

Intesa Sanpaolo Group Service oversees IT security, business continuity and safety functions. The Safety and Protection Head Office Department monitors occupational health and safety and environmental compliance (as well as privacy compliance).

The customary close monitoring of risk assumption strategies summarised in the Group’s Risk Appetite Framework and specifically concerning credit risk continued. Control and management processes designed to allow the correct ex ante assessment of any transactions that are potentially relevant in terms of risk profile and that could impact the Group's stability were further implemented.

In view of a changing economic scenario, the Bank took steps to develop the latest generation rating model, for Italian businesses, to measure sector and competitive variables.

The risk classification of the Equator Principles – international guidelines based on World Bank standards – continued to be adopted for loans for project development. As regards the management of controversial sectors, “Rules for transactions in the armaments industry“ were updated.

An overall Group framework was prepared, for reputational risk, with the involvement of other company functions and a monitoring tool for the Group's web reputation was identified.

Regarding the overall evaluation of work-related stress situations in the Intesa Sanpaolo Group and in order to identify any mitigation measures, the results of the epidemiological report of the last three years were taken into account, which considered the general health of more than thirteen thousand employees (in 2016 alone, company-appointed doctors carried out over 6,000 health surveillance check-ups and in 97.7% of cases, employees were considered as being fit for their work duties, and in 2.2% of cases the fitness rating was pending).

The focus on combating computer crime continued, with an anti-fraud system set up to block transactions totalling nearly 10 million euro for retail customers and around 21 million euro for business customers.

Activities to protect people and branches from the risk of robberies focussed on consolidating and innovating technological safety measures. As from 2016, the “post-robbery support” programme has been operative and assistance from a medical team is provided for all robberies, regardless of the severity of the event, for attacks on personnel, and in the case of natural disasters.

Performance indicators and objectives achieved

Indicators 2016 Results
Definition of systematic monitoring to manage Most Significant Transactions (MSTs) Around 460 transactions were reviewed, with prior opinions issued, mainly concerning “TOP20 Concentration”, “Property Sector” and “Public sector - local authorities” risks
Breakdown of Group RAF limits on Divisions and Subsidiaries with a high contribution to risks and/or specific local features. RAF limits were defined for all Group Divisions, for subsidiaries with a specialist business model (Banca IMI, Fideuram-ISPB, Eurizon) or that are subject to sector regulations (Intesa Sanpaolo Vita, Fideuram Vita) and for international banks
Definition of systematic monitoring to manage and mitigate reputational risk Activities to define the overall reference framework continued
Projects subject to the Equator Principles screening and relative percentage of total project financing 14 projects for a value of 2.04 billion
10% of total project finance loans *
Monitoring health and safety: Accidents Accidents in the workplace: 269 (211 in 2015)
Accidents outside the workplace: 598 (698 in 2015)
Percentage of accidents out of the number of people: 0.98% (1.04 % in 2015)
Personnel training the prevention and management of the risk of robbery / Number of robberies In Italy, nearly 18,000 hours of training were held for around 3,000 people.
Since 2014, robberies have decreased in Italy by 65%, with 21 events in 2016

* The percentage only refers to project finance transactions, excluding corporate loans relative to projects.