The entire Compliance system (organisation, procedures, training initiatives) creates an environment that is conducive to strengthening the Group's Control system. Nevertheless, should the preventive measures fail, any malfunction that arises should be:
- detected and analysed as soon as possible;
- brought to the attention of line managers, governance bodies and the appropriate compliance functions within each business line;
- monitored and rectified, with its causes being eliminated.
By using the reporting process, which is outlined in a special procedure updated in 2012, to centralise malfunctions, Crédit Agricole S.A.’s exposure to compliance risk can be assessed at the highest level. As soon as an employee observes or has reason to suspect a Compliance malfunction, they should notify their line manager, who in turn will inform the Compliance function. If an employee notices an irregularity in the normal malfunction reporting process or suspects they might be pressured into creating a malfunction, they have the option of going above their line manager and alerting their entity's Compliance Officer directly. The employee retains anonymity while the alert is being processed. The Compliance Officers of each entity report on the malfunctions observed to the Group Compliance Department, which in turn presents them to the Compliance Management Committee. The Committee examines and approves remedial proposals and action plans.