The role played by the different BBVA bodies in relation to the Group's Operational Risk model is described below.
6.8.1. Board of Directors
As set out in article 17 of its Regulations, its powers include approving the risk control and management policy and regularly monitoring the internal information and control systems. This is therefore the body that sets and establishes the Group's general profile and risk positioning, defining top-level general policies on this matter.
6.8.2. Executive Committee
The Executive Committee, under a delegation powers from the Board of Directors, is responsible for developing the corporate policies based on the general policies established by that body, and also monitors the Group's risks on a regular basis to check that they are in line with those corporate policies.
6.8.3. Risk Committee
As set out in the Risk Committee Regulations, this body analyzes and assesses the proposals on the Group's risk strategy and corporate policies and submits them to the Executive Committee for approval. It is also responsible for ensuring that the risks assumed match the established profile and for supervising compliance with the general policies set by the Board of Directors and the corporate policies developed by the Executive Committee.
6.8.4. Global Risk Management Committee
The Global Risk Management Committee (GRMC), as BBVA Group's top executive body with respect to risks, develops the necessary strategies, policies, procedures and infrastructures for identifying, assessing, measuring and managing the material risks facing BBVA Group.
6.8.5. Area ORM Committee
The Area Operational Risk Management Committee ensures that OR is managed in accordance with this policy and is the vehicle for mitigating OR in its field. The meetings are held at least quarterly. The Committee is chaired by the Area's Director, and the Operational Risk Manager (ORM) acts as Secretary. Other members responsible for the Area and the Country's Control Specialists attend the meetings. The Committee's meetings are documented in minutes in accordance with a predefined content and its responsibilities are as follows:
- To endorse the Target Risk proposal put forward by the ORM for submission to and authorization by the Area's Director.
- To ensure proper implementation and maintenance of the OR tools in the Area.
- To address the relevant aspects of the OR model.
- For the model's risk factors with a gap between the residual risk and the target risk, to take mitigation decisions in accordance with the framework proposed by the Specialists and reflect them in action plans detailing the measures to be taken, the area responsible for undertaking them and the implementation schedule.
- To monitor the mitigation plans.
- To address any matter related to OR at the proposal of the Specialists.
6.8.6. Corporate Assurance
Aside from the above, the Group has designed a system called Corporate Assurance that constitutes one of the components of the Group's Internal Control model and seeks to identify and prioritize the most relevant control weaknesses at Group and country level. To this end, Corporate Assurance establishes a governance scheme through a structure of committees, at both local and corporate level, to enable the smooth flow of information and support from Management to the business areas. This forum can be used by the specialists to raise any issues they deem appropriate so as to collateral an adequate control environment in the businesses.