Operational risk

In order to grant a complete analysis of company risks, the Generali Group has defined and monitored the risk of loss arising from inadequate or failed internal processes, personnel or systems, or from external events.

The management of operational risks is essentially the responsibility of each business unit. These units are asked to draw up operational plans aligned with the targets set by the Parent Company and to identify and implement all actions to mitigate any risk which could potentially jeopardize it. The overall assessment of these risks and the consistency of the various mitigating actions are guaranteed by the Group Risk Management department.

The Parent Company has set some common principles for this kind of risks:

  • policies and basic requirements to handle specific risks-ources;
  • a detailed operational risk classification and standard criteria to be applied to the whole Group in order to identify and evaluate operational risks within business processes;
  • criteria to evaluate operational risks and to collect major loss events;
  • common methodologies and principles guiding the internal audit activities, set by the Group Internal Audit department, in order to identify the most relevant processes to audit.

Operational risk also includes the following risks:

  • financial reporting risk, defined as the risk of a transaction error which could entail an untrue and incorrect representation of the situation of the assets, liabilities, profit or loss in the Company’s financial statements, in the yearly and half-yearly consolidated financial statements and in any other financial release;
  • A model coherent with international frameworks (COSO, COBIT) has been defined to manage the financial reporting risk; the Manager charged with the preparation of the company’s financial reports of the Parent Company defines, with the support of the Group Financial Reporting Risk unit, its operational and organizational aspects in application of the powers and means provided for by Law 262 of 28 December 2005;
  • compliance risk, defined as the risk of legal or regulatory sanctions, material financial loss or loss to reputation the Company may suffer as a result of not complying withlaws, regulations and administrative provisions applicableto its activities.

The Group has introduced a “Group Compliance Policy” which sets out principles and provides guidelines for carrying out the
compliance activities and provides, as part of the management and coordination activities of the Parent Company, that the
compliance functions of the Group companies establish an information flow between them and the Parent Company.
For further information please see the Corporate Governance Report.



Assicurazioni Generali S.p.A. - C.F. e P.IVA 00079760328