Risk management continued

and the investigation of possibilities for increasing the effectiveness of the Bank’s legal documentation and its implementation in the Bank’s daily activities. The Legal department is also responsible for providing legal support to structural units of the Bank and/or its subsidiaries.

Anti-Money Laundering (AML) and Compliance. The Bank’s AML and Compliance department is responsible for the implementation of the Bank’s AML programme (including the development of AML policies and procedures, transaction monitoring and reporting, and employee training) throughout the Bank and its subsidiaries. The AML programme is based on recommendations, directives and requirements of international organisations, including FATF/Basel, the European Parliament, and the US Department of the Treasury on sanctions programmes, as well as local regulations. The Bank’s Internal Audit department makes annual assessments of the Bank’s AML systems and controls, and provides independent assurance of internal controls.

The Bank has adopted a risk-based approach towards ML/FT risks, including a general anti-money laundering policy, customer acceptance policy and financial sanctions compliance policy. The Bank’s risk-based approach means that it applies enhanced due diligence towards ML/FT risks, it determines high-risk categories of products, customers, services and jurisdictions.

The Bank is obliged to notify the Financial Monitoring Service of Georgia of all transactions that are subject to monitoring in accordance with Georgian legislation. These reports are currently filed in electronic form in an offline mode by the AML and Compliance department. The reporting process is fully automated and is supported by a special software application. Furthermore, the Bank operates special AML software, which meets industry requirements. The programme allows fully-automated monitoring of all transactions against every sanctions list, as well as debarred and banned individuals and organisations, as identified by OFAC, the EU, the UN and other similar bodies. In pursuance of identifying suspicious transactions the Bank’s AML and Compliance department has implemented a centralised solution that links transactions, accounts and customers so that the Bank can see the enterprise-wide risk associated with each customer.

Bodies implementing the risk management system

The Bank’s risk management system is implemented by the Bank’s Credit Risk department, Quantitative Risk Management and Risk Analytics department, Treasury, Operational Risk Management, Legal, AML and Compliance and Security departments, Finance department and other departments. The Credit Risk, Quantitative Risk Management and Risk Analytics, Portfolio Risk Management and Operational Risk Management departments report to the Bank’s Deputy CEO, Chief Risk Officer and the Legal department is under supervision of the Bank’s General Counsel, who directly reports to the Bank’s CEO. The Finance department and the Treasury department report to the Bank’s Deputy CEO, Chief Financial Officer. The AML and Compliance department reports to the Bank’s Deputy CEO, Operations.

The Quantitative Risk Management and Risk Analytics department, in coordination with the Treasury, implements the Bank’s market risk policies by ensuring compliance with established open currency position limits, counterparty limits, VAR limits on possible losses and the interest rate policy set by the ALCO.

The Treasury department manages foreign currency exchange, money market, securities portfolio and derivatives operations and monitors compliance with the limits set by the ALCO for these operations. The Treasury department is also responsible for management of short-term liquidity and treasury cash flow and monitors the volumes of cash in the Bank’s ATMs and at its service centres.

The Credit Risk department manages credit risks with respect to particular borrowers and assesses overall loan portfolio risks. It is responsible for ensuring compliance with the Bank’s Credit Policies and management of the quality of the Bank’s loan portfolio.

The Portfolio Risk Management department manages and assesses credit risk with respect to the overall loan portfolio and is responsible for providing recommendations on the improvement of loan portfolio quality to minimise credit losses. It develops the Bank’s portfolio quality control models/methods and ensures compliance with the Bank’s Credit Policies and established limits.

The Operational Risk Management department identifies and assesses operational risk within the Bank’s processes and operations. It also detects critical risk areas or groups of operations with an increased risk level and develops internal control procedures to address these risks, through (among other things) business-process redesign schemes, including document circulation, information streams, distribution of functions, permissions and responsibility.

The Legal department monitors all changes in relevant laws and regulations, and ensures that those changes are properly reflected in the Bank’s procedures, instructions, manuals, templates and other relevant documentation. It also disseminates information on legislative changes to all relevant departments within the Bank. The Legal department participates in drafting laws and regulatory documents upon request of legislators and regulators, certain associations and other professional bodies.

The Tax Reporting and Tax Risks Management unit focuses on the Bank’s relationship with the tax authorities, provides practical advice and monitors tax compliance across the Group.

54 Annual Report 2018 Bank of Georgia Group PLC