Managing legal, regulatory or ethical risks

Complying with all the regulations, protecting ourselves against fraud, combatting money laundering or the financing of terrorism, offering our customers high-quality service over the long term, guaranteeing the continuity of essential services, etc… all these actions go well beyond the simple question of "reputational risk".

The functions managed by BPCE

BPCE is the central institution of the cooperative banking group comprised of the Banque Populaire and Caisses d'Epargne retail banking networks in addition to other affiliated credit institutions. In this context, BPCE ensures that the Group's different entities remain in strict compliance with all relevant laws, regulations, and good business practices. The Compliance function ensures the effective implementation of all these rules, thereby helping to earn the trust of all stakeholders.

Professional ethics

Professional ethics forms an integral part of our compliance system, for which the main principles are fixed by BPCE and then implemented by each group entity according to the specific nature of its activities. Compliance with the rules of good conduct by employees enables each entity to pursue its activities in an honest, fair and professional manner, and to serve its customers’ best interests.

The continuous drive to train and sensitize our employees to the need to respect ethical rules in the exercise of their functions is of vital importance. The group has been running a professional certification system for several years that enables it to verify that actions related to the presentation, recommendation, and sale of financial products and services to customers are carried out by staff possessing the appropriate professional qualifications.

Our companies take all reasonable steps to detect and handle situations where conflicts of interest are liable to arise, to prevent market abuse, and to monitor the compliance of employees’ behavior regarding laws governing competition and the fight against corruption.

We have set up a mechanism for monitoring and managing the disclosure of confidential and privileged information. Respect for bank secrecy or professional secrecy is a principle that is subject to no exceptions. Confidential, i.e. non-public, information about a customer or company is subject to special monitoring. As the group owns several listed subsidiaries, procedures for monitoring and controlling privileged information have been put in place. Special provisions have been made to cover securities transactions on listed subsidiaries carried out by employees enjoying access to privileged information on a permanent or occasional basis.

Protection of our customers

Groupe BPCE draws up rules through its Compliance Department to ensure the protection of its customers. These rules concern advertising, the validation of products offered for sale, and the validation of business processes regardless of the sales channel used (direct sales, online sales, telephone sales, etc.).

The protection of the customer must be effective at every stage in the relationship: when the initial pre-contractual information is given, when the employee offers the customer his or her advice and, lastly, during the life and final termination of the contract.

To better protect the personal data of individuals and grant them new rights concerning how their digital information is used is the goal pursued by GDPR¹. This new European regulation is based on the principles of transparency and the accountability of the various actors involved. Its application concerns all companies, wherever they are based, as long as they collect, process or host the personal data of individuals resident in the European Union.

Groupe BPCE has issued recommendations to group entities allowing each institution to define, according to its own specific characteristics, a clear and transparent procedure for handling customer complaints.

A regular monitoring of complaints, analyzed per type of dysfunction by quality indicators (delays in treatment, etc.) is carried out by the Quality and Compliance Departments of the entities in question.

In addition, each Groupe BPCE entity has an independent mediator, whose contact details are clearly indicated on the documents given to customers as well as on the website accessible to their clientele.

FOR FURTHER DETAILS

¹ General Data Protection Regulation

Financial security

We are engaged in the prevention of financial crimes, which includes the fight against money laundering and the financing of terrorism, but also the respect of the sanctions against certain countries, persons or entities decided by the European Union or the United States.

All of our companies ensure compliance with the principles and rules provided for by French law, in accordance with the standards defined, in particular, by the FATF¹, the United Nations or EU institutions².

The principles and frameworks are defined by BPCE and are applied by all of its entities. The operational teams are regularly sensitized to issues related to financial security, whether new forms of financial crime or legislative and regulatory developments in this area; dedicated training materials are used by all Groupe BPCE employees.

The prevention of money laundering and the financing of terrorist activities is based on the principle of ‘Know Your Customer’ complemented by constant vigilance exercised with regard to financial activities, calling on the assistance of the retail banking networks as well as the group employees directly assigned to the management of these issues.

¹ FATF, or the Financial Action Task Force (FATF), is an inter-governmental body set up to develop and promote national and international policies to combat money laundering and terrorist financing.

² Directives and regulations issued by the European Commission or the Council of the EU.

Business continuity

Like any business organization, Groupe BPCE companies may be affected by events or crises serious enough to affect the smooth running of their organization and, consequently, the quality of the services provided.

In such circumstances, the Business Continuity department identifies and validates alternative solutions to be implemented with a view to:

Reducing exposure to certain events or disasters,
Managing crisis situations and limiting the impact of losses,
Ensuring that the essential activities of Groupe BPCE's companies resume as quickly as possible,
Maintaining a minimum level of service by all available means,
Restoring a normal operating mode as soon as possible.

All financial institutions in the group, and the structures contributing to the pursuit of financial activities, have developed a continuity mechanism that can be activated, notably in the event of a major disaster.

All our employees are involved to varying degrees and are liable to participate in the implementation of continuity solutions. These solutions are derived from previously identified loss scenarios and their validity is ensured by a recurrent test policy involving the active participation of the group's employees, by regular controls, and by a periodic review of continuity requirements, available resources, and related procedures.

Other regulations

Article L221-5 of the French Monetary and Financial Code requires that financial institutions distributing Livret A and Sustainable Development passbook savings accounts to publish an annual report specifying how the funds deposited on these savings accounts (and not centralized at the Caisse des Dépôts) are used. This report, which may be downloaded below, demonstrates compliance by the financial institutions belonging to Groupe BPCE with the regulatory obligations for the re-use of decentralized funds deposited on the Livret A and Sustainable Development passbook savings accounts.