At BES Group, the risk function is organised in such a way as to cover the credit, market, liquidity, interest rate, exchange rate, operational, and compliance risks.

The Risk Committee

The Risk Committee is responsible for monitoring BES Croup’s integrated risk profile, and for analysing and proposing methodologies, policies, procedures and instruments to deal with all types of risk to which BES is subject, namely credit, operational and market risk, liquidity risk and interest rate risk. This Committee also analysis te evolution of risk adjusted return and the value added by the main segments/clients. The Risk Committee holds monthly meetings, which are attended by the
Chairman of the Executive Committee.

The Global Risk Department (GRD)

The Global Risk Department (GRD) centralises BES Group’s risk function, having as main responsibilities to:

• identify, assess and control the different types of risk assumed, thus managing the Group’s overall risk exposure;
• implement the risk policies outlined by the Executive Committee, while harmonising principles, concepts and methodologies across all the Group’s units;
• contribute towards the achievement of BES Group’s value creation objectives, by fine-tuning tools to support the structuring and pricing of operations, and by developing internal techniques for performance assessment and for optimising the capital position.

The Credit Risk Monitoring Committee (CARC)

The Credit Risk Monitoring Committee (CARC) has the following main objectives:

• to analyse and assess clients whose creditworthiness shows signs of deteriorating, based on:
  - the client’s economic and financial profile;
  - type of credit exposure;
  - nature and value of the guarantees received, paying attention to the dates when the assets provided as security were evaluated and the entities which carried out these evaluations;
  - warning signals detected in the behavioural profile of clients in their relations with the Bank and with the financial system in general;
• to define strategic options in commercial relations and the level of active vigilance required by the profile and specific circumstances of each of the entities/groups under analysis;
• to analyse and validate the credit impairment levels established for the group of entities in question, in accordance with predetermined objective criteria.

The compliance Department

The compliance Department reports functionally to the Audit Committee, regardless of its hierarchical relationship with the Executive Committee. It ensures the day-to-day management of compliance activities, which include:

• advising the Board of Directors on compliance with legal, regulatory, ethical and conduct obligations to which BES is subject;
• implementing policies and procedures for the prevention and detection of money laundering and terrorism financing;
• ensuring the monitoring and maintenance of Bank’s internal control system, reporting internal and to the Bank of Portugal on the respective results;
• verifying compliance with regard to financial intermediation activities registered with the CMVM, under the terms set forth in the Securities Code;
• within the scope of its powers, ensuring and promoting the relations with Legal and Police authorities, with the Bank of Portugal, the CMVM and other supervision authorities;
• monitoring the implementation of the Code of Conduct of BES Group employees.

The Internet Audit Department

The Internet Audit Department reports functionally to the Audit Committee, regardless of its hierarchical relationship with the Executive Committee. It is responsible for assessing the effectiveness and adequacy of risk management, internal control and governance process in the companies of BES Group, with the objective of reducing risk conditions.

Its responsibilities include:

• analysing operational and business process, assessing the effectiveness of the respective risk management and controls, as well as compliance with applicable legal/regulatory provisions and internal regulations;
• cooperating with all the bodies of BES Group viewing the implementation and correct application of policies established at senior management level, particularly with regard to the understanding and application of internal control procedures:
• checking and assessing the protection and safety of monetary, dematerialised or documentary assets that are the property of the BES Group or were entrusted to it for safeguarding;
• within the scope of its powers, ensuring and promoting the relations with Legal and Police authorities, with the Bank of Portugal, the CMVM and other supervision authorities, also addressing requests from other public and private institution;
• participating in the definition and preparation of regulatory texts that ensure the standardisations of prevention, control and safety procedures, and issuing and publishing communications and circular letters on matters pertaining to its specific sphere of intervention;
• ensuring the prompt correction of practices that breach regulatory texts and/or internal regulations, while making sure that the procedures adopted for the execution of operations are duly regulated.

The Governance Comittee

The Corporate Governance Committee is an internal body of the Board of Directors with advisory functions, consisting of three independent directors who are not members of the Executive Committee. The main purpose of the Committee is to reinforce the efficiency of the Board of Directors, making sure that all its decisions are based on all relevant elements and that they are not conditioned by possible conflicts of interest.

The Corporate Governance Committee has the following members:

• Isabel Maria Osório de Antas Mégre de Sousa Coutinho (Chair)
• Nuno Maria Monteiro Godinho de Matos
• José de Albuquerque Epifânio da Franca

The Corporative Governance Committee has the following responsibilities:

• monitor compliance with the guiding principles of BES Group’s corporate governance policy;
• express an opinion, at its own initiative or at he request of the Board of Directors, on national or international guidelines on corporate governance, viewing their possible integration into BES Group’s corporate governance model and/or the improvement of this model;
• draw up an annual report that contains a description of its activities during the year, as assessment of the functioning of the Company’s corporate governance structure, as well as its opinion on the Company’s internal rules and procedures of the Board of Directors vis-à-vis the established objectives;
• verify at all times that independence requirements of the Company’s corporate bodies are complied with, in accordance with the applicable legal and regulatory provisions;
• analyse the Board of Directors about any situations or events of with it is aware, that in its opinion cases of non-compliance with the established corporate governance rules and practices.

Concerning its assessment duties, the Corporate Governance Committee as the following responsibilities:

•  support and advise the Board of Directors on the filling of vacancies occurred within the Board, namely by evaluating the profile of each candidate in terms of qualifications, expertise and experience;
• examine the Board of Directors’ policy on the selection and appointment of senior officers;
• implement, in cooperation with the Company’s internal structures, a programme intended to acquaint newly appointed directors with the organisation and its activities, as well as with their responsibilities and duties as members of the Board of Directors.
• determine which areas require the upgrading of the qualifications and expertise of the Company’s directors, and make an annual proposal on the subject.

Responsibility of the Board of Directors for the Company’s Internal Control and Risk Management Systems

BES’s Board of Directors, through its Executive Committee, is responsible for establishing and maintaining an adequate and effective internal control system. This implies not only defining the system’s underlying principles and objectives, which must be incorporated into the Bank’s strategy and policies, but also making sure that they are complied with by all the employees, and that at all the times BES Group has the necessary competences and resources to conduct its activity in strict compliance with the internal control system.

The Executive Committee is also responsible for the establishment and maintenance of a solid risk management system, which, within the framework of an adequate overall control environmental, and alongside an efficient information and communication system and an effective monitoring process, guarantee the adequateness and effectiveness of BES’s internal control system. To this end, the Executive Committee defines the objective risk profile, establishing global and specific limits for exposures, thus ensuring that the limits it has established are complied with.

The Audit Committee, as BES’s supervisory body, is responsible for assessing the function of the internal control system, and particularly of the risk control, compliance and internal audit functions within this system, as well as for assessing the system’s adaptation to BES’s needs. The Audit Committee shall also issue an annual statement expressing its opinion on the adequacy and efficacy of the internal control system in light of the requirements established by Bank of Portugal Notice no. 5/2008, except with regard to the part of the system underlying the process of preparation and disclosure of the financial information, which is the subject of an opinion issued by BES’s EA/SA.

Major Risk to which the Company is Exposed in Pursuing its Business Activity

In the pursuit of its business activity BES is subject to the following major risks:

• Credit Risk
  Credit risk is the potential loss arising from the failure of a borrower or counterparty to honour is contractual obligations to the Bank.
• Market risk
  Market is the possible loss resulting from an adverse change in the value of a financial instrument due to fluctuations in interest rates, foreign exchange rates, share prices or commodity prices.
• Interest rate risk
  Interest Rate risk lies in the exposure of a bank’s financial situation to adverse movements in interest rates.
• Liquidity risk
  Liquidity risk arises from the present or future inability to pay liabilities as they mature without incurring in excessive losses.
• Operational and compliance risk
  Operational risk may be defined as the probability of there occurring events with a negative impact on earnings or capital resulting from inadequate or negligent application of internal procedures, information systems, staff behaviour, or external events. Legal risk also included in this definition.

Internal Control System

BES has in place an effective and documented internal control system which is managed by the Compliance Department. To assist it in carrying out these duties, the Compliance Department has set up a separate independent unit, the Internal Control System Management Unit (“UGSCI”).

The UGSCI is responsible for all the assessment, systematisation, monitoring and maintenance tasks required by BES’s internal management of the entire internal control system of BES Group as the guarantor of the reliability of the financial information, the protection of assets and the adequate prevention of risks.

The UGSI is also responsible for internal reporting, namely through monthly update briefings, as well as for external reporting to eh various regulatory authorities, thus ensuring the overall perspective and integrated management of the internal control system.

For the design and assessment of its internal control system, BES Group adopted COSO methodologies and principles (the COSO – Committee of Sponsoring Organizations of the Treadway Commission – was created in 1985 in the US to identify and combat the primary causes of fraudulent financial reporting, establishing for the purpose recommendations and frameworks for companies):

• the internal control culture promoted within the organisation determines the conduct and awareness of its employees;
• the organisation faces a diversity of risks which must be assessed at the level of the entity and the processes;
• the control procedures established must ensure that management directives are complied with;
• all relevant information must be obtained and reported;
• the internal control system must be supported by a monitoring process.

Money Laundering Detection and Prevention Policy

The BES Group is totally committed to opposing any practice that may involve fraud and/or that may be included in the classification of money laundering, undertaking, if this is identified within its sphere of influence, to report it to the competent authorities. Fraud and money laundering are a threat to the financial system in general and to the banking activity in particular. The BES Group is dedicated to continuing to develop prevention and internal control mechanisms which help to combat this illegal activity.

Please consult General Statement on the Anti Money Laundering Policies of BES

Conflict of Interest Prevention and Management Policy

Addresses the requirements of the Markets in Financial Instruments Directive (MiFID). The BES undertakes a number of financial intermediation activities, offering its Clients a wide range of services in this area. In performing these activities the Bank may come across a variety of situations of conflicts of interest. To address this, the Bank defined a concrete policy which aims to regulate and guide its actions in these situations.

Please consult

Global Compact

By subscribing to the Global Compact the BES Group undertakes to include the principles of the Compact in all of its activities and strategies and to drive and promote partnerships so as to support the objectives of the United Nations. The Principle 10 – Anti-Corruption highlights that businesses should work against corruption in all its forms, including extortion and bribery.

Please consult

Principles of Sustainable Development

BES defined and adopted the “Principles of Sustainable Development”, inspired and based on “United Nations' Global Compact Principles”. It is defined that an ethical behaviour and individual and professional integrity steer the development of its activities and transparency is its must.

Microcredit Code of Conduct

This Code has the main goal to share principles and rules between the various Portuguese financial institutions which make available the Microcredit lines.

Habitation Credit's Voluntary Code of Conduct

Adhering to this Voluntary Code of Conduct, BES Group adopts another way of support to the Client, reiterating an attitude of transparency and precision in the market, once this Code stipulates the information to give to Clients and/or potential Clients before the concreteness of the Credit contracts.

Another related practices followed by BES include:

• Business Continuity: A reactive management of a business entails the implementation of a “crisis government”, the definition of an internal and external communication policy capable of ensuring the reactivation of the business (processes and systems) within the time limits established, and a clear definition of roles and responsibilities. Along these lines, BES Group has been developing strategies and policies which allow to identify and measure the impact of and exposure to operating risks in the business processes, detect shifts in trends and identify new risks, while outlining strategies and plans to reduce the impact and frequency of actual or forecast losses;
• Risk Management policies: procedures and mechanisms are explained in internal regulation and are periodically revised. The Risk Management approach follows international standards (i.e. Basel principles, anti-money laundering requirements, Internal Control guidelines). The function is organized so that it will include the credit, market, liquidity, balance interest tax, exchange and operational tax risks. The definition of the Group’s risk profile is Executive Commission’s responsibility, which determines the general risk management and control principles, making sure that BES detains the necessary competences and resources to the prosecution of such objectives;
• Environmental and Social Risk: BES Group’s main social and environmental impacts, whether positive or negative, are indirect impacts arising from its financing or financial advisory activities. The Bank has been developing and fine-tuning methodologies permitting a regular analysis of the projects which it finances that have high social and environmental impacts. The assessment of environmental and social aspects is part of the process of risks assessment used by Group BES Project Finance analysts. These criteria are supported by the Equator Principles, subscripted in 2005.

Bribery

UK Bribery Act

Driven by regulatory changes, namely the UK Bribery Policy Act, BES decided in to adjust its bribery systems, including changes in bribery policy. In adherence to these ongoing efforts, and BES Group belief in carrying out business fairly, honestly and with integrity, we have established a Anti-Bribery and Corruption policy evidencing BES Group commitment to achieving the required objectives proposed by the UK Bribery Act 2010.

For demonstration of practices implemented, entities are required to adopt six principles:

1. Procedures commensurate with the risk exposure;
2. Commitment to superior hierarchy of legal entity;
3. Due Diligence;
4. Regular assessment of risk;
5. Communication (internal information, policies);
6. Monitoring and evaluation.

Please consult Anti-Bribery Policy