INTERNAL CONTROL AND RISK MANAGEMENT
The Internal Control and Risk Management System is the set of rules, procedures and organisational structures aimed at an effective and efficient identification, measurement, management and monitoring of the main risks, in order to ensure the reliability and integrity of the accounting and management information, to ensure compliance with regulations and risk management and to contribute to the sustainable success of the Company.
- Board of Directors
- Control, Risk and Sustainability Committee
- Board of Statutory Auditors
- Supervisory Body
- Financial Reporting Officer
- Head of Internal Audit
- Heads of corporate functions:
Chief Executive Officer, Chief Financial Officer, Chief Commercial Officer, Chief Lending Officer, Chief Operating Officer, Chief Information Officer, Legal and Corporate Affairs Department, Risk Management Unit and AML-Compliance Unit.
The Board of Directors defines the guidelines of the internal control and risk management system in line with the strategic policies and risk appetite. It thus ensures that the main risks are correctly identified, measured, managed and monitored, also taking into account their evolution; it undertakes the assessments and decisions relating to the internal control and risk management system. It appoints the heads of the control units, approves their activity plans and receives periodic reporting; it approves the Risk Appetite Framework (RAF) annually, in line with the timescales of the budget process and the definition of the strategic plan, to ensure that the business develops within the desired risk profile.
The Control, Risk and Sustainability Committee carries out investigative and advisory functions for the benefit of the Board of Directors on risks and the internal control system.
The Board of Statutory Auditors supervises the risk management and control system as defined by the RAF and the internal control system, assessing the effectiveness of all the structures and units involved as well as their coordination.
The Control, Risk and Sustainability Committee carries out investigative and advisory functions for the benefit of the Board of Directors on risks and the internal control system.
The Board of Statutory Auditors supervises the risk management and control system as defined by the RAF and the internal control system, assessing the effectiveness of all the structures and units involved as well as their coordination.
The responsibility for the adequacy of Generalfinance's internal control and risk management system lies with top management who are called upon to prepare measures aimed at ensuring and maintaining an effective and efficient internal control system on an ongoing basis, through an understanding of all the business risks and, as part of an integrated management, of their reciprocal interrelationships.
- Risk control unit, placed under the Risk Management Office, reporting directly to the body with management functions (Chief Executive Officer), with direct access to the Board of Directors through periodic information flows.
It ensures the constant control of the overall exposure of the Company and of each unit to credit, financial, liquidity, operational and other major risks, in compliance with the limits established by internal and supervisory regulations.
- Anti-money laundering-compliance unit, placed under the AML-Compliance Office, reporting directly to the body with management functions (Chief Executive Officer), with direct access to the Board of Directors through periodic information flows. It oversees regulatory and reputational risks and verifies, specifically, that internal procedures are consistent with the objective of preventing the violation of laws and regulations applicable to the Company. The AML-Compliance Office proposes and verifies the adoption of procedures for the control of the risks of non- compliance linked to the provision of the services offered by Generalfinance, guaranteeing an update on the evolution of the legislative and regulatory framework.
- Internal audit unit, placed under the Internal Audit Office, an organisational unit with specific responsibility for internal audit, which reports directly to the Board of Directors. It carries out its activities with the aim of verifying the due performance of operations and the evolution of corporate risks, assessing the completeness, adequacy, functionality and reliability of the organisational structure and the other components of the internal control system, and providing consulting to the internal units.
The Head of the Internal Audit Office participates in the meetings of the Control, Risk and Sustainability Committee to which it provides support in relation to matters pertaining to the internal audit unit.
Antonio Guerra
Risk Manager
Tommaso Tovaglieri
AML - Compliance Manager
John Frederick Tschuor
Internal Audit Manager
Risk Manager
Tommaso Tovaglieri
AML - Compliance Manager
John Frederick Tschuor
Internal Audit Manager
The managers of the individual operating areas are responsible for ensuring the correct identification, assessment, management and monitoring of the risks related to the activities carried out and for implementing adequate first-level control measures.