Role of business functions

Risk Management

The Chief Risk Officer oversees control activities as the risk management Function by identifying the risks to which the company is exposed and ensuring their constant monitoring in terms of both periodic monitoring and governance, planning any mitigation actions for relevant risks. AMCO defines the risk governance and management structure in its Risk Policy, while the Risk Framework defines the type and level of risks the company is willing to accept to achieve its strategic objectives.

Compliance and Anti-Money Laundering

The Compliance and AML Department is responsible for managing the risk of noncompliance, which is the “risk of incurring judicial or administrative sanctions, significant financial losses, or reputational damage as a result of violations of mandatory (laws, regulations) or self-regulatory rules (e.g., articles of associations, codes of conduct, self-regulatory codes).”

The Head of the Department also holds the role of Data Protection Officer (“DPO”) under the General Data Protection Regulation 679/2016.

In relation to Anti-Money Laundering, the Department defines and oversees operational processes for preventing and combating money laundering of illicit origin and the financing of terrorism. Among its main responsibilities, as a second-level control function, the Department assesses risk profiles, oversees and monitors customer due diligence processes, and monitors relationships and transactions to prevent and report suspicious transactions to the Financial Intelligence Unit (“FIU”) established at the Bank of Italy, in the spirit of active collaboration required by the standard.

The Officer is also assigned the role of Suspicious Transaction Reporting Officer.

Internal Audit

The Internal Audit Department, with the role of internal audit function, ensures constant, independent and objective evaluation of the overall Internal Control System, pursuing the improvement of the organisation’s effectiveness and efficiency.

In particular, it periodically verifies, with a view to third-level controls, the regular performance of the company’s operations and the evolution of risks as well as assesses the completeness, adequacy, functionality and reliability of the organisational structure, the risk management process and other components of the Internal Control System, bringing to the attention of the Corporate Bodies the results of the activity carried out and possible improvements. The Head of the Internal Audit Department also serves as the Head of Corruption Prevention.