Bank Millennium manages financial, operational and social risk chiefly by taking into account the safety of client funds. Every year it evaluates the significance of the types of risk identified, it drafts the relevant management procedures and it sets up capital buffers if required. The risk management process in the Bank and the Bank’s Group is uniform to a high degree and it may be treated as a common system applicable to the overall Group.
The operational risk management structure defines individual management levels and the scopes of their duties and responsibilities. The owners of business and supporting processes play a crucial role in the Group’s daily activity. Process owners are best fit to identify and curtail the threats that occur as the first line of defense based on their profound process knowledge. The second line of defense is the level of specialized entities that deal with the organization of management processes and the control of an acceptable level of risk, with special emphasis on the following areas: compliance, countering abuse, employee issues, safety and ensuring business continuity, insurance and subcontracting. The third line of defense is the independent internal audit unit.
The Bank’s Management Board designs and introduces a risk management system and monitors its operation. The Bank’s Supervisory Board oversees the implemented system and assesses its adequacy and effectiveness at least once a year. [GRI 102-11, 102-30, 103-2 103-3]