Strategic Shareholder Climate and Risk Financial Financial Barclays PLC 56 report information sustainability report Governance review review statements Annual Report 2022 Managing risk The second line of defence is made up of Risk and Compliance and oversees the first line by Prudently managing risk setting limits, rules and constraints on their To support the Group’s operations, consistent with the risk appetite. The third line of defence is comprised of Internal for stakeholders ambition to be a net zero Audit, providing independent assurance to the bank by 2050, Climate risk Board and Executive Committee on the Barclays is exposed to internal and external risks as effectiveness of governance, risk management became a Principal Risk at part of its ongoing activities. These risks are managed and control over current, systemic and evolving risks. the start of 2022. as part of our business model. The Legal function provides support to all areas of the business and is not formally part of any of Enterprise Risk Management Risk appetite the three lines of defence, The Legal function is During 2022, Barclays ran a stress test to assess Framework (ERMF) responsible for the identification of all legal and Risk appetite defines the level of risk we are its capital adequacy and resilience under a severe regulatory risks. Except in relation to the legal prepared to accept across the different risk At Barclays, risks are identified and overseen in but plausible macroeconomic scenario. The advice it provides or procures, it is subject to types, taking into consideration varying levels of accordance with the ERMF, which supports the internal stress test was informed by the Bank of second line oversight with respect to its own financial and operational stress. Risk appetite is business in its aim to embed effective risk England 2022 regulatory stress test featuring operational and conduct risks, as well as with key to our decision-making processes, including management and a strong risk management high and persistent inflation, rising global interest respect to the legal and regulatory risks to which ongoing business planning and setting of culture. rates, a severe UK recession brought by falling the Group is exposed. strategy, new product approvals and business household real incomes, job losses leading to a The ERMF governs the way in which Barclays change initiatives. high unemployment rate, energy and cost of Monitoring the risk profile identifies and manages its risks. The Group sets its risk appetite in terms of goods shocks, increasing corporate defaults, and Together with a strong governance process, The management of risk is then embedded into performance metrics as well as a set of mandate severe house and real estate price shocks. For using business and Group level Risk Committees each level of the business, with all colleagues and scale limits to monitor risks (i.e. to ensure further details of the stress test, please refer to as well as Board level forums, the Board receives being responsible for identifying and controlling business activities are aligned with expectations page 59. regular information in respect of the risk profile of risk. and are of an appropriate scale relative to the risk the Group, and has ultimate responsibility for We believe that our structure and governance Given the increasing risks associated with climate and reward of the underlying activities). During Group risk appetite and capital plans. Information supports us in managing risk in the changing change, and to support the Group’s ambition to 2022, the Group’s performance remained within received includes measures of risk profile against economic, political and market environments. be a net zero bank by 2050, Climate risk became its risk appetite limits. risk appetite as well as the identification of new For further detailed analysis of approach to risk a Principal Risk at the start of 2022. + management and risk performance, please see our full Risk and emerging risks, which are derived by Three lines of defence review on pages 266 to 377 of Part 3 of the Annual Report mapping risk drivers, identified through horizon The first line of defence is comprised of the scanning, to risk themes, and similar analysis. revenue-generating and client-facing areas, along with all associated support functions, including Finance, Treasury, Human Resources and Operations and Technology. The first line identifies the risks, sets the controls and escalates risk events to the second line of defence. Employees in the first line have primary responsibility for their risks and their activities are subject to oversight from the relevant parts of the second and third lines.