Strategic Shareholder Climate and Risk Financial Financial Barclays PLC 184 report information sustainability report Governance review review statements Annual Report 2022 Directors’ report: Board Risk Committee report (continued) Areas of focus Matters addressed Role of Committee Conclusion/action taken The Committee approved and recommended to the The Group’s operational • To track operational risk key Operational risk risk capital requirements indicators. Board the 2022 Operational Risk Appetite Statement. and operational and any material changes • To consider specific areas of resilience The Committee received regular reporting on key to the Group’s operational operational risks, including fraud, operational risk indicators and was briefed by i.e. the risk of loss risk profile and conduct risk, cyber risk, execution management on a number of operational risks topics, performance of specific arising from risk, technology and data, including including those relating to third party risk management, operational risks against inadequate or the controls that had been put in hybrid working, fraud, erroneous payments, agreed risk appetite. place for managing and avoiding failed processes cybersecurity and the use of cloud platforms and the risk such risks. and systems, associated with new business activities. • To review Barclays’ approach to human factors or The Committee continued to monitor the review of the scenario analyses as a risk due to external processes for new and amended product approvals management tool. events within the Group. • To consider the operational The Committee also considered operational resilience, resilience tolerance statement and including approving a new operational resilience review status against it. tolerance statement. The Committee received updates on cyber resilience and reviewed the results of, and recommended the outcome of, the PRA cyber stress test to the Board for its approval. The Committee also considered the analysis of a severe and prolonged ransomware cyber-attack scenario and, consequently, the importance of the ongoing Operational resilience work. Model risk governance. ▪ To evaluate the appropriateness of The Committee reviewed and discussed regular updates Model risk the Model risk management on Model risk including the ongoing validation of the i.e. the potential framework and monitor progress on Group’s models and whether model assumptions for adverse the implementation of an enhanced needed to be updated given the rapidly changing consequences modelling framework, including economic climate. receiving updates on findings in from decisions Through quarterly updates, the Committee monitored relation to specific modelling based on incorrect improvements to the Model risk management processes. or misused model framework, including the introduction of a Model outputs and Strategy and Oversight function to steer the approach to model development across the Group. reports Conduct robust reviews • To receive updates from During 2022, the Committee was provided with regular Conduct risk of any current and management on Conduct risk and updates on Conduct risk, and assessments of potential i.e. the risk of poor emerging risks arising consider performance against key risks to the Group following market events. The outcomes to from the delivery of Conduct risk indicators and the Committee also received updates on lessons learned customers, clients Barclays' products and status of initiatives in place to reviews undertaken in response to industry services. address those risks to further developments and events, and continued to monitor and markets, strengthen the culture of the ongoing remediation activities. arising from the business. delivery of the The Committee considered the heightened risks • To review the effectiveness of the Group's products associated with the rapidly changing Russian sanctions Conduct risk framework. regime and the impact to clients and customers of and services • To review the Compliance challenging market conditions. The Committee also function’s Annual Compliance Plan. received regular updates on the management of the Group’s financial crime risk. The Committee received briefings on the Group’s implementation plans for the FCA’s new Consumer Duty and the conduct and risk culture within the Group. During the year, the Committee reviewed the Compliance function's effectiveness and performance of activities against its Compliance Plan for 2022, and towards year end approved the Annual Compliance Plan for 2023.