Strategic Shareholder Climate and Risk Financial Financial Barclays PLC 295 report information sustainability report Governance review review statements Annual Report 2022 Principal risk management (continued) • communications are sufficient, targeted legislative action, loss of existing and identification of legal risks by legal and distributed to recipients whom potential client business, reduced professionals, engagement of legal professionals in situations that have the Barclays knows or reasonably believes workforce morale and difficulties in may stand to benefit from the recruiting talent. Ultimately it may destroy potential for legal risk, and escalation of communication, and are communicated shareholder value. legal risk as necessary. Notwithstanding in a manner and style that will be these mitigating actions, the Group Organisation, roles and responsibilities understood by the average recipient (or operates with a level of residual legal risk, Barclays PLC Board is the most senior for which the Group has limited tolerance. likely recipient), body responsible for reviewing and • communications are withdrawn from Organisation, roles and responsibilities monitoring the effectiveness of the further circulation when they are no Group’s management of reputation risk. The Group's businesses and functions longer accurate or fit for purpose, and have responsibility for identifying and The Group Chief Compliance Officer is escalating to the Legal Function legal risk in • customers do not receive inadequate accountable for developing a Reputation their area, as well as responsibility for advice, misleading information, Risk Management Framework (RRMF), and adherence to control requirements. unsuitable products or unacceptable the Group Head of Public Policy and service. Corporate Responsibility is responsible for The Legal Function organisation and coverage model aligns legal expertise to developing a reputation risk policy and Our processes include a review of relevant associated standards, including tolerances businesses, functions, products, activities communications which are supported by against which data is monitored, reported and geographic locations so that the the Compliance, Privacy and Legal on and escalated, as required. The RRMF Group receives legal advice and support functions to help ensure we meet both sets out what is required to manage from appropriate legal professionals, internal customer engagement standards working in partnership proactively to reputation risk across the Group. and we are compliant with external identify, manage and escalate legal risks as The primary responsibility for identifying regulations. Furthermore annual necessary. and managing reputation risk and mandatory training is completed by adherence to the control requirements The senior management of the Legal marketing colleagues. The training covers sits with the business and support Function oversees, challenges and key customer and brand standards along monitors the legal risk profile and functions where the risk arises. with the role and key policies set by effectiveness of the legal risk control external regulators e.g. regulatory Barclays Bank Group and Barclays Bank UK environment across the Group. The Legal requirements may require Group are required to operate within Function does not sit in any of the three communications to be provided that are established reputation risk appetite, and lines of defence but supports them all. accessible to customers, or provide their component businesses prepare Except in relation to the legal advice it customers with the option to 'opt out'. reports highlighting their most significant provides or procures, the Legal Function is current and potential reputation risks and Remediation and redress subject to oversight from the second line issues and how they are being managed. Barclays recognises that customer of defence. These reports are a key internal source of detriment may occur as a result of our information for the quarterly reputation The Group General Counsel is responsible error, actions or inactions, and that we risk reports which are prepared for for developing and maintaining a Group- must undertake appropriate activity Barclays Group ExCo and reviewed by the wide legal risk management framework. designed to ensure our customers are put Group Board twice-yearly. This includes defining the relevant legal risk back in the position they would have been policies, developing Group-wide risk The Group Reputation Risk Committee is a in had the issue not occurred. appetite for legal risk, and oversight of the sub-committee of the Group Executive Remediation can be proactive, where we implementation of controls to manage and Committee, authorised to manage have identified the issue ourselves (for escalate legal risk. material reputation risks and issues as they example through identifying a pattern in are brought to the attention of the The legal risk profile and control customer complaints), or reactive, where committee via relevant reputation risk environment is reviewed by management identified by a third party such as a assessment and escalation processes. through business risk committees and regulator of Barclays. control committees. The Group Risk Legal Risk management Where it is appropriate, Barclays works to Committee is the most senior executive The risk of loss or imposition of penalties, ensure the operation of consistent body responsible for reviewing and damages or fines from the failure of the principles for remediation which includes monitoring the effectiveness of risk Group to meet its legal obligations, timely notification to the relevant management across the Group. Escalation including regulatory or contractual regulatory bodies. paths from this committee exist to the requirements. Barclays PLC Board Risk Committee. Reputation Risk management Overview The risk that an action, transaction, The Group has no tolerance for wilful investment, event, decision, or business breaches of laws, regulations or other legal relationship will reduce trust in the Group’s obligations. However, the multitude of laws integrity and/or competence. and regulations across the globe are highly Overview dynamic and their application to particular A reduction of trust in the Group’s integrity circumstances is often unclear. This and competence may reduce the results in a high level of inherent legal risk attractiveness of the Group to which the Group seeks to mitigate through stakeholders and could lead to negative the operation of a Group-wide legal risk publicity, loss of revenue, regulatory or management framework, which requires