The consistent split of duties and tasks in the PZU Group and in individual subsidiaries of the PZU Group’s financial sector is based on four decision-making levels.
The first three are:
- The Supervisory Board, which supervises the risk management process and assesses its adequacy and effectiveness as part of its decision-making powers defined in each company’s Articles of Association and the Supervisory Board bylaws;
- the Management Board, which organizes the risk management system and ensures that it is operational, by adopting strategies and policies and setting the risk appetite, defining the risk profile and tolerance for individual categories of risk;
- committees, which make decisions to mitigate individual risks to a level determined by the risk appetite. The committees adopt the procedures and methodologies for mitigating the individual risks and accept individual risk limits.
The fourth decision-making level pertains to operational measures and is divided into three lines of defense:
- the first line of defense – entails ongoing risk management at the entities’ business unit and organizational unit level and decision-making as part of the risk management process, also within the framework of the prevailing limits;
- the second line of defense includes risk management by specialized cells responsible for risk identification, measurement, monitoring and reporting and controlling the limits;
- the third line of defense – entails internal audit that conducts independent audits of the elements of the risk management system as well as control activities embedded in the Group’s operations.
The Actuarial, Operational and Model Committee was established at the level of the PZU Group in 2022. A committee focused on such risks will facilitate developing the PZU Group’s risk management system and ensure accurate and timely flow of information on operational, actuarial and model risks, which beforehand were addressed at meetings of the PZU Group’s Risk Committee.
In the risk management process in banks (Pekao and Alior Bank), an active role is played by Management Board, Supervisory Boards and special committees dealing with credit, financial and operating risk as well as asset and liability management.
The Supervisory Boards oversee the risk management process and set out a relevant strategy each year. The Management Boards are responsible, among others, for accepting policies and guidelines related to risk management and setting detailed limits for mitigating the banks’ risks, as well as providing a proper mechanism to control them.
Special committees exercise ongoing control over the bank’s risk management, which includes decisions about the accepted level of credit risk for single transactions, recommendations of portfolio limits for credit risk to the Management Board, supervision of liquidity risk level, market risk limits and the allowed level of operational risk. In addition, they monitor the risk appetite and capital adequacy levels.