Strategic Shareholder Climate and Risk Financial Financial Barclays PLC 294 report information sustainability report Governance review review statements Annual Report 2022 Principal risk management (continued) compliance with Group Resolution first and second lines of defence with clear this by operating two processes, which Planning Prudential regulatory escalation and reporting lines to the Board. together form our product design and requirements. The Barclays Group and Barclays Bank review risk framework. Group Risk Committee and the Barclays We have a process that supports the Connected risks Bank UK Group Risk Committee are the Group in the approval and implementation Barclays also recognises that there are primary second line governance of New and Amended Products and certain threats/risk drivers which are committees for the oversight of the Approval process (known as the NAPA interconnected and have the potential to Conduct Risk Profile. The risk committees’ Process, set out in the Barclays NAPA impact the Group’s strategic objectives. responsibilities include the identification Policy and Standards). These are referred to as Connected Risks and discussion of any emerging conduct This process outlines the requirements and require an overarching and integrated risks exposures in their respective entities. and risk assessment standards that must risk management and/or reporting Conduct be met to help ensure that new and approach. The Group’s Connected Risks amended products and services are include Cyber, Data, Resilience and Third- By effectively managing Conduct risks, we appropriately designed prior to their Party Service Providers. can continue to strengthen the culture of launch. Barclays. For definitions of the Group’s Operational Risk + Categories and connected risks, refer to the In addition we have a complementary Culture and conduct management of operational risk section in the Barclays process that reviews the existing portfolio PLC Pillar 3 Report 2022. We believe the stronger our culture, the of products and services throughout their better the choices our people will make; Conduct Risk management lifecycle (known as the Product Review and the stronger our business will be for all Process, set out in the Barclays Product The risk of poor outcomes for, or harm to, our stakeholders. While our culture helps Review Policy and Standard). This process customers, clients and markets, arising us reduce the impact of poor conduct on considers information about the from the delivery of the Group’s products our customers, we also do not intend to performance and operation of the product and services. repeat the errors of the past. or service through a conduct lens. Overview Our most senior leaders spend significant Wherever a product or service is found to The Group defines, manages and time setting the right tone at Barclays and be outside appetite, the product or service mitigates conduct risk with the objective of our Purpose and Values are now deeply owner must seek to ensure actions are providing good customer and client embedded in their messages. The Barclays taken to address it. These actions are outcomes and protecting market integrity. Way sets out the standards and behaviour validated by functional areas, including all employees must demonstrate and Conduct risk incorporates market Legal and Compliance. guides the execution of our business. We integrity, customer protection, financial Areas of Barclays that undertake also strengthen our culture with clear and crime and product design and review risks. Investment activity also operate additional effective controls. We continue investing Organisation, roles and responsibilities product governance processes and to enhance our controls to support our The Conduct Risk Management controls, reflecting the higher risk of these commitment to conducting all activities Framework (CRMF) outlines how the more complex products and the with integrity. Group manages and measures its conduct importance of products and services For details of the Board's role in embedding our risk profile. The Group Chief Compliance meeting the needs of our Clients. + Culture, Purpose, Values and Mindset, please refer to Officer is accountable for developing, page 154 of the Directors' Report. The BPLC, BBPLC and BBUKPLC Board Risk maintaining and overseeing the CRMF. + Committees review, on behalf of their respective Boards, the management of Conduct risk and the The Barclays Mindset This includes defining and owning the Conduct risk profile for their respective entities. relevant conduct risk policies which detail Our Mindset acts as an operating manual Please refer to the report of the BPLC Board Risk the control objectives, principles and other for how to get things done at Barclays. It Committee on pages 179 and 184 and the reports of core requirements for the activities of the the BBPLC and BBUKPLC Board Risk Committees focuses on three key elements that are within the BBPLC and BBUKPLC 2022 Annual Reports Group. It is the responsibility of the first line core to our success – Empower, Challenge available at home.barclays/investor-relations/reports- of defence to establish controls to manage and-events/annual-reports/ for more information. and Drive. Our research shows that when its performance and assess conformance we demonstrate behaviours aligned to to these policies and controls. Customer communications these three elements, outcomes are better, colleagues are more engaged and Senior managers are accountable within It is important that our engagement with they are more likely to stay longer to build their areas of responsibility for owning and our customers is open and honest and that their career at Barclays. managing conduct risk in accordance with we treat them fairly to avoid foreseeable the CRMF, as defined within their harm and to make sure they are not For further details, see page 31 in the Strategic + Report for more information on the Barclays regulatory Statement of Responsibilities. exploited or misled. Barclays continues to Mindset. take steps to ensure that our customers’ Compliance as an independent second line needs and priorities are understood before function oversees that conduct risks are Managing Conduct risks making recommendations and that the effectively identified, managed, monitored See page 184 in the Directors' report in addition to pages , 279 and 368 in the risk review section for more information communications we provide allow and escalated, and has a key role in helping on how the Group defines, manages and mitigates Conduct informed decisions to be made. We work Barclays achieve the right conduct risks. to achieve this through a number of outcomes and evolve a conduct-focused Product design and review risk controls which focus on ensuring our culture. It is important that the design of our customers receive clear information in The governance of conduct risk within the products and services meets the needs of order to understand the risks and benefits Group is fulfilled through management clients, customers, markets as well as of the products we offer. For example: committees and forums operated by the being aligned with Barclays' policies. We do

Barclays PLC - Annual Report - 2022 - Page 296 Barclays PLC - Annual Report - 2022 Page 295 Page 297