Societe Generale seeks a sustainable development based on a diversified and balanced banking model with a strong European foothold and a global presence targeted on a few areas of strong business expertise. Risk appetite is declined in a global strategy which fulfills the following targets: 

• ■CET 1 ratio at 13% in 2026, under Basel IV;
• ■average annual revenue growth between 0% and 2% over 2022-2026;
• ■increased operational efficiency with cost-to-income ratio below 60% in 2026;
• ■return on tangible equity (ROTE) between 9% and 10% in 2026;
• ■best standards of risk monitoring with a NCR comprised between 25 and 30 bps on 2024-2026, and a non performing loan rate between 2,5% and 3% in 2026;
• ■maintaining a robust liquidity profile with an LCR superior or equal to 130% on 2024-2026 and a NSFR superior or equal to 112% on 2024-2026.

At 31 December 2023, the indicators of the Group’s risk appetite in terms of solvency, credit risk, market risk, operational risk and structural risks were within the risk appetite levels defined by the Group. They have not reached the tolerance thresholds defined by the Board.

In 31 December 2023, the Group complies with all regulatory requirements relating to solvency.

Concerning the internal economic approach of the ICAAP, the rate of coverage of the Group's internal capital requirement by the internal capital the end of 2023 is greater than 100% and respects the risk appetite validated by the Board

As of 31 December 2023, operational risk-weighted exposures represented EUR 50.1 billion, up to 8.9% compared to the end of 2022 (EUR +4.1 billion). This evolution is mainly explained by Lease Plan integration. These weighted exposures are mainly determined using the internal model (91% of the total). 

These weighted exposures amounted to EUR 12.5 billion at the end of 2023. Capital requirements for market risk decreased in 2023. This decrease is mainly reflected in VaR and capital add-ons, partially offset by an increase in risks calculated using the standard approach:

• ■the VaR capital requirement gradually decreased in 2023, mainly due to the decrease in the multiplier factor following the steady decline in the number of backtesting breaches in a rolling year;
• ■capital add-ons decreased, mainly due to the reserve variability, which is calculated over a 3-year rolling window and which has benefited from the gradual exit of the high variation scenarios of the Reserve Policies observed in 2020 during the COVID crisis;
• ■the risks calculated in the standard approach are increasing mainly due to the risks assessed for currency positions.
• Market risk-weighted exposures are mainly determined using internal models (74% of the total at the end of 2023). 

The increase in Société Générale's LCR between the end of 2022 and the end of 2023  is mainly due to additional cash raising in bond markets, with also a slight decrease in net cash outflows.

The increase in liquidity reserve of 37 billion EUR  to 316 billion EUR at the end of 2023 is mainly explained by an increase in central bank deposits (excluding reserve requirements) and level 1 liquid assets, these increases are the result of additional surges in the various funding markets (money market and bond market). 
 

In a parallel schock scenario where the interest rates increase, the impact of the changes of EVE (economic value of equity) in 2023 is -1,821 EUR million and 621 EUR million on interest margin. On the contrary, in a parallel schock scenario where the interest rates decrease,  the impact of the changes of EVE (economic value of equity) in 2023 is -1,231 EUR million and -741 EUR million on interest margin.

(See details  of Chapter 11 "Structural Interest Rate ans Exchange Rate Risks). 

Societe Generale, ALD’s majority shareholder, finalized the acquisition of 100% of LeasePlan’s capital by its subsidiary from a consortium led by TDR Capital in May. The combination of ALD and LeasePlan, now Ayvens, two leading players in the sector, is designed to create the world leader in sustainable mobility solutions. The impact of this acquisition on the CET1 capital ratio of the Société Générale group was around 40 basis points.

In addition, the Group remains fully committed to the Vision 2025 project to review the network of Societe Generale and Crédit du Nord branches.

Finally, the creation of the Bernstein joint venture with AllianceBernstein in cash and equity research activities is progressing well. The completion of the transaction remains subject to the required regulatory approvals. The capital impact is estimated at less than 10 basis points at the completion date of the transaction, expected in the first half of 2024.

This section identifies the main risk factors which, based on the Group's estimates, could have a significant effect on its business, profitability, solvency or access to financing.

Societe Generale has updated its risk typology as part of its internal risk management. For the purposes of this section, these different types of risks have been grouped into six main categories (4.1.1 to 4.1.6), in accordance with Article 16 of the Regulation (EU) 2017/1129, also known as “Prospectus 3” regulation of 14 June 2017, according to the main risk factors that the Group believes could impact the risk categories. Risk factors are presented based on an evaluation of their materiality, with the most material risks indicated first within each category.  

The diagram below illustrates how the categories of risks identified in the risk typology have been grouped into the six categories and which risk factors principally impact them.

As a global financial institution, the Group’s activities are sensitive to changes in financial markets and economic conditions in Europe, the United States and elsewhere around the world. The Group generates 40% of its business in France (in terms of net banking income for the financial year ended 31 December 2023), 38% in Europe, 8% in the Americas and 14% in the rest of the world. The Group could face significant worsening of market and economic conditions in particular resulting from crises affecting capital or credit markets, liquidity constraints, regional or global recessions and fluctuations in commodity prices, notably oil and natural gas. Other factors could explain such deteriorations, such as variations in currency exchange rates or interest rates, inflation or deflation, rating downgrades, restructuring or defaults of sovereign or private debt, or adverse geopolitical events (including acts of terrorism and military conflicts). In addition, the emergence of new pandemics such as Covid-19 cannot be ruled out. Such events, which can develop quickly and whose effects may not have been anticipated and hedged, could affect the Group’s operating environment for short or extended periods and have a material adverse effect on its financial position, the cost of risk and its results.

The economic and financial environment is exposed to intensifying geopolitical risks. The war in Ukraine, which began in February 2022, has sparked deep tensions between Russia and Western countries, impacting global growth, energy and raw materials prices, as well as the humanitarian situation. This has also prompted a large number of countries, particularly in Europe and the United States, to impose economic and financial sanctions on Russia. The war between Israel and Hamas, which began in October 2023, could have similar impacts or contribute to existing ones and pose a risk to the flow of goods and raw materials via the Suez Canal. The Group will continue to analyse in real time the global impact of these crisis and take necessary measures.

In Asia, relations between the US and China, China and Taiwan and China and the European Union are fraught with geopolitical and trade tensions, the relocation of production and the risk of technological fractures.

After a long period of low interest rates, the current inflationary environment is pushing the major central banks to raise interest rates. The entire economy has had to adapt to a context of higher interest rates. In addition to the impact on the valuation of equities, interest rate-sensitive sectors such as real estate are adjusting. The US Federal Reserve and the European Central Bank (ECB) are expected to maintain tight monetary conditions before starting to loosen them from 2024 onwards, as inflation recedes according to our forecasts.

The slowdown in economic activity could generate strong volatility on the financial markets and a significant drop in the price of certain financial assets, potentially leading to payment defaults, with consequences that are difficult to anticipate for the Group. In France, Group's main market , after the long period of low interest rates which fostered an upturn of the housing market, the ongoing reversal of activity in this area had an adverse effect on the Group’s asset value and on business by decreasing demand for loans and resulting in higher rates of non-performing loans. More generally, the higher interest rate environment in a context where public and private debts have tended to increase is an additional source of risk.

Considering the ensuing uncertainty, both in terms of duration and scale, these disruptions could persist throughout 2024 and have a significant impact on the activity and profitability of certain Group counterparties.

Recent attacks on merchant ships in the Bab-el-Mandeb strait, claimed by the Houthi movement, could also have an impact on gas and oil supplies, or on prices and delivery times.

In the longer term, the energy transition to a “low-carbon economy” could adversely affect fossil energy producers, energy-intensive sectors of activity and the countries that depend on them.

With the ALD/LeasePlan merger in 2023, the automotive sector represents a major exposure for the Group. It is currently undergoing major strategic transformations, including environmental (growing share of electric vehicles), technological, as well as competitive (arrival of Asian manufacturers in Europe on the electric vehicles market), the consequences of which could generate significant risks for the Group’s results and the value of its assets.

With regard to financial markets, the topic of non-equivalence of clearing houses (central counterparties, or CCPs) beyond 2025 remains a point that needs watching, with possible impacts on financial stability, notably in Europe, and therefore on the Group’s business. In addition, capital markets (including foreign exchange activity) and securities trading activities in emerging markets may be more volatile than those in developed markets and may also be vulnerable to certain specific risks such as political instability and currency volatility. These elements could negatively impact the Group’s activity and results.

The Group’s results are therefore exposed to the economic, financial, political and geopolitical conditions of the main markets in which the Group operates.

During its Capital Markets Day event, the Group presented its strategic plan, which is to :

• ■be a rock-solid bank: streamline business portfolio, enhance stewardship of capital, improve operational efficiency, maintain best-in-class risk management;
• ■foster high performance sustainable businesses: excel at what SG does, lead in ESG, foster a culture of performance and accountability.

This strategic plan is reflected in the following financial targets:

• ■a robust CET 1 ratio of 13% in 2026 after the implementation of Basel IV;
• ■average annual revenue growth of between 0% and 2% over the 2022-2026 period;
• ■an improved cost-to-income ratio lower than 60% in 2026 and ROTE of between 9% and 10% in 2026;
• ■a distribution rate between 40% and 50% of reported net income(1), applicable from 2023.

The Group is fully on track to achieving its strategic milestones:

• ■the Group’s “Vision 2025” project involves a review of the network of branches resulting from the merger of Crédit du Nord and Societe Generale. Although this project has been designed to achieve controlled execution, the merger could have a short-term material adverse effect on the Group’s business, financial position and costs. The project could lead to some staff departures, requiring their replacement and training efforts that could potentially generate additional costs. The merger could also lead to the departure of some of the Group’s clients, resulting in loss of revenue;
• ■Mobility and Leasing Services will leverage the full integration of LeasePlan by ALD to be a world leader in the mobility ecosystem. However, 2024 will be an intermediate period, with the implementation of gradual integrations. From 2025 onwards, the new entity will make the transition to the target business model, including the implementation and stabilisation of IT and operational processes. If the integration plan is not carried out as expected or within the planned schedule, this could have adverse effects on ALD, particularly by generating additional costs, which could have a negative impact on the Group’s activities and results.

The Group also announced in November 2022 the signing of a letter of intent with AllianceBernstein to combine the equity research and execution businesses in a joint venture to create a leading global franchise in these activities. This announcement was followed by the signature of an acquisition agreement in early February 2023.

The creation of the Bernstein joint venture with AllianceBernstein in cash and equity research is making good progress. The final documentation was signed on 2 November 2023, with a revised structure to accelerate completion of the transaction. At the closing date (expected in the first half of 2024), the joint venture will be organised under two separate legal entities, focusing respectively on North America and on Europe and Asia. The two entities will then be combined, subject to required regulatory approvals. This change should have no significant impact on the Group’s expected net contribution. The capital impact is estimated at less than 10 basis points on the closing date. The transaction remains fully aligned with the strategic priorities of our Global Banking and Investor Solutions franchise.

Societe Generale and Brookfield Asset Management announced on 11 September 2023 a strategic partnership to originate and distribute private debt investments.

The conclusion of final agreements on these strategic transactions depends on several stakeholders and, accordingly, is subject to a degree of uncertainty (legal terms, delays in the integration process of LeasePlan or in the merger of the Crédit du Nord agencies). More generally, any major difficulties encountered in implementing the main levers for executing the strategic plan, notably in simplifying business portfolios, allocating and using capital efficiently, improving operating efficiency and managing risks to the highest standards, could potentially weigh on Societe Generale’s share price.

Societe Generale has placed Environmental, Social and Governance (ESG) at the heart of its strategy in order to contribute to positive transformations in the environment and the development of local regions. In this respect, the Group has made new commitments during the Capital Market Day on 18 September 2023 such as:

• ■an 80% reduction in upstream Oil & Gas exposure by 2030 vs. 2019; with a 50% reduction by 2025;
• ■a EUR 1 billion transition investment fund with a focus on energy transition solutions and nature-based and impact-based projects supporting the UN’s Sustainable Development Goals.

Failure to comply with these commitments, and those that the Group may make in the future, could create legal and reputation risks. Furthermore, the rollout of these commitments may have an impact on the Group’s business model. Last, failure to make specific commitments, particularly in the event of changes in market practices, could also generate reputation and strategic risks.

The Group is governed by the laws of the jurisdictions in which it operates. This includes French, European and US legislation as well as other local laws in light of the Group’s cross-border activities, among other factors. The application of existing laws and the implementation of future legislation require significant resources that could affect the Group’s performance. In addition, possible failure to comply with laws could lead to fines, damage to the Group’s reputation and public image, the suspension of its operations and, in extreme cases, the withdrawal of operating licences.

Among the laws that could have a significant influence on the Group:

• ■several regulatory changes are still likely to significantly alter the framework for Market activities: (i) the strengthening of transparency conditions related to the implementation of the new requirements and investor protection measures (review of MiFID II/MiFIR, IDD, ELTIF (European Long-Term Investment Fund Regulation)), (ii) the implementation of the fundamental review of the trading book, or FRTB, which may significantly increase requirements applicable to European banks and (iii) possible relocations of clearing activities could be requested despite the European Commission’s decision of 8 February 2022 to extend the equivalence granted to UK central counterparties until 30 June 2025, (iv) the European Commission’s proposal to amend the regulation on benchmarks (European Parliament and EU Council, Regulation (EU) No. 2016/1011, 8 June 2016) with possible changes in scope and charges;
• ■the adoption of new obligations as part of the review of the EMIR regulation (EMIR 3.0); in particular, the information requirements for European financial actors towards their customers, the equity options regime and the calibration of requirements for active account funding in a European Union central counterparty;
• ■the implementation of technical standards (RTS) published by the European Banking Authority to clarify risk retention requirements to contribute to the development of a healthy, safe and sound securitisation market in the European Union published by the European Banking Authority on 12 April 2022;
• ■the implementation of the new directive on credit agreements for consumers (Directive (EU) 2023/2225, 18 October 2023), which strengthens consumer protection;

• ■the Retail Investment Strategy (RIS) presented by the European Commission on 24 May 2023, aimed at prioritisng the interests of retail investors and strengthening their confidence in the EU Capital Markets Union, including measures to regulate commission retrocessions in the case of non-advised transactions and to introduce a value-for-money test for investment products;
• ■new legal and regulatory obligations could also be imposed on the Group in the future, such as the continuation in France of consumer protection measures weighing on retail banks, and the potential obligation at European level to open up access to banking data to third-party service providers;
• ■the Commission’s proposal of 28 June 2023 for a regulation on the establishment of the digital euro, accompanying the initiatives taken by the ECB in this field;
• ■the strengthening of data quality and protection requirements and a future strengthening of cyber-resilience requirements in relation to the adoption by the Council on 28 November 2022 of the European Directive and regulation package on digital operational resilience for the financial sector (DORA). Added to this is the transposition of the NIS 2 Directive (Network and Information Security Directive, published in the Official Journal of the EU on 27 December 2022) expected before 18 October 2024, which extends the scope of application of the initial NIS Directive;
• ■the implementation of European regulatory frameworks related to due diligence under the so-called “CS3D” Directive proposal (Corporate Sustainability Due Diligence Directive), as well as to sustainable finance including the regulation on European green bonds, with an increase in non-financial reporting obligations, particularly under the CSRD Directive (Corporate Sustainability Reporting Directive), enhanced inclusion of environmental, social and governance issues in risk management activities and the inclusion of such risks in the supervisory review and assessment process (Supervisory Review and Evaluation Process, or SREP);
• ■the implementation of the requirements of the French “Green Industry” law (Loi Industrie verte) (no. 2023-973 of 23 October 2023), which aims to green up existing industries;
• ■new obligations arising from the Basel Committee’s proposed reform of banking regulations (the final text of Basel 3, also called Basel 4). This reform will be implemented in the European legislative corpus CRR (Regulation (EU) no. 575/2013) which, with a few exceptions, will become applicable on 1 January 2025, and CRD (Directive 2013/36/EU), which should be transposed into the applicable law of Member States no later than 18 months after its entry into force, i.e. by mid-2025;
• ■the European Commission’s initiative, published on 18 April 2023, aiming to strengthen the framework for bank crisis management and deposit insurance (CMDI). This proposal could lead to wider use of the guarantee and resolution funds and increase the Group’s contributions to the guarantee and resolution funds;
• ■European measures aimed at restoring banks’ balance sheets, notably through active management of Non-Performing Loans (NPLs), are leading to an increase in prudential requirements and require the Group to adapt its NPL management strategy. More generally, additional measures to define a best practices framework for loan origination (see the Loan origination guidelines published by the European Banking Authority) and loan monitoring could also have an impact on the Group. This new framework should ensure that newly granted loans are of high credit quality and contribute to reducing levels of non-performing loans in the future;
• ■in 2023, the “Interest Rate Risk in the Banking Book” (IRRBB) guidelines published by the European Banking Authority in October 2022 have applied:
  • -since 30 June 2023 for the IRRBB part,
  • -since 31 December 2023 for the “Credit Spread Risk arising from non-trading Book Activities” (CSRBB) section, requiring banks to calculate and manage the impact of a change in Credit Spread on the Bank’s value and revenues;
• ■in 2024, the following evolutions are expected:
  • -calculation and supervision of the Supervisory Outlier Test (SOT) for Net Interest Income (NII); this requirement has already been implemented by the Group,
  • -detailed reporting notably on IRRBB and CSRBB risks;
• ■new obligations arising from a package of proposed measures announced by the European Commission on 20 July 2021 aiming to strengthen the European supervisory framework around anti-money laundering and combating the financing of terrorism (AML-CFT), as well as the creation of a new European agency to combat money laundering.

The Group is also subject to complex tax rules in the countries where it operates. Changes in applicable tax rules, uncertainty regarding the interpretation of certain evolutions or their effects may have a negative impact on the Group’s business, financial position and costs.

In the US, as the implementation of the Dodd-Frank Act nears completion, the Securities and Exchange Commission (SEC) has embarked on a complete regulatory overhaul of markets that covers the equity market structure, treasury markets and derivatives markets, among others, which could lead to significant changes in the way these markets operate, the cost of market participation and the competitive landscape, among others.

Moreover, as an international bank that handles transactions with US persons, denominated in US dollars, or involving US financial institutions, the Group is subject to US regulations relating in particular to compliance with economic sanctions, the fight against corruption and market abuse. More generally, in the context of agreements with US and French authorities, the Group largely implemented, through a dedicated programme and a specific organisation, corrective actions to address identified deficiencies and strengthen its compliance programme. In the event of a failure to comply with relevant US regulations, or a breach of the Group’s commitments under these agreements, the Group could be exposed to the risk of (i) administrative sanctions, including fines, suspension of access to US markets, and even withdrawals of banking licences, (ii) criminal proceedings, and (iii) damage to its reputation.

Due to its international activity, the Group faces intense competition in the international and local markets in which it operates from banking or non-banking actors alike. As such, the Group is exposed to the risk of not being able to maintain or develop its market share in its various activities. This competition may also lead to pressure on margins, which would be detrimental to the profitability of the Group’s activities.

Consolidation in the financial services industry could result in competitors bolstering their capital, resources and an ability to offer a broader range of financial services. In France and in the other main markets where the Group operates, the presence of major domestic banking and financial actors, as well as new market participants (notably neo-banks and online financial services providers), has increased competition for virtually all products and services offered by the Group. New market participants such as “fintechs” and new services that are automated, scalable and based on new technologies (such as blockchain) are developing rapidly and are fundamentally changing the relationship between consumers and financial services providers, as well as the function of traditional retail bank networks. Competition with these new actors may be exacerbated by the emergence of substitutes for central bank currency (crypto-currencies, digital central bank currency, etc.), which themselves carry risks.

Moreover, competition is also heightened by the emergence of non-banking actors that, in some cases, may benefit from a regulatory framework that is more flexible and in particular less demanding in terms of equity capital requirements.

To address these challenges, the Group has implemented a strategy, notably the development of digital technologies and the creatioin of commercial or equity partnerships with these new actors. In this context, the Group may have to make additional investments to be able to offer new innovative services and compete with these new actors. Tougher competition could, however, adversely impact the Group’s business and results, both on the French market and internationally.

Environmental, social and governance (ESG) risks are defined as risks stemming from the current or prospective impacts of ESG factors on counterparties or invested assets of financial institutions. ESG risks are seen as aggravating factors to the traditional categories of risks (including credit risk, counterparty risk, market risk, non-financial risks, structural risks, business and strategy risks, other types of risk and other factors of risk). ESG risks are therefore likely to impact the Group’s activities, results and financial position in the short, medium and long-term.

The Group is consequently exposed to environmental risks, including climate change risks through certain of its financing, investment and service activities.

The Group could be exposed to physical risk resulting from a deterioration in the credit quality of its counterparties whose activity could be negatively affected by extreme climatic events or long-term gradual changes in climate, and through a decrease in the value of collateral received (particularly in the context of real estate financing in the absence of guarantee mechanisms provided by specialised financing companies). The Group could also be exposed to transition risk through the deterioration in the credit quality of its counterparties impacted by issues related to the process of transitioning to a low-carbon economy, linked for example to regulatory changes, technological disruptions or changes in consumer preferences.

Beyond the risks related to climate change, risks more generally related to environmental degradation (such as the risk of loss of biodiversity, water resources or pollution) are also aggravating factors to the Group’s risks. The Group could notably be exposed to credit risk on a portion of its portfolio, on back of lower profitability of some of its counterparties due, for example, to increasing legal and operating costs (due to the implementation of new environmental standards).

In addition, the Group is exposed to social risks, related for example to non-compliance by some of its counterparties with labour laws or workplace health and safety issues, which may trigger or aggravate reputation and credit risks for the Group.

Similarly, risks relating to governance of the Group’s counterparties and stakeholders (suppliers, service providers, etc.), such as an inadequate management of environmental and social issues, could generate credit and reputational risks for the Group.

Beyond the risks related to its counterparties or invested assets, the Group could also be exposed to risks related to its own activities. Hence, the Group is exposed to physical climate risk with respect to its ability to maintain its services in geographical areas affected by extreme events (floods, etc.).

The Group also remains exposed to specific social and governance risks, relating for example to the operational cost of implementation of regulations (in particular related to labour laws) and the management of its human resources.

All of these risks could have an impact on the Group’s business, results and reputation in the short, medium and long term.

Directive 2014/59/EU of the European Parliament and of the Council of the European Union of 15 May 2014 (BRRD) and Regulation (EU) No. 806/2014 of the European Parliament and of the Council of the European Union of 15 July 2014 (the Single Resolution Mechanism, or “SRM”) define, respectively, a European Union-wide framework and a Banking Union-wide framework for the recovery and resolution of credit institutions and investment firms. The BRRD provides the authorities with a set of tools to intervene early and quickly enough in an institution considered to be failing so as to ensure the continuity of the institution’s essential financial and economic functions while reducing the impact of the failure of an institution on the economy and the financial system (including the exposure of taxpayers to the consequences of the failure). Within the Banking Union, under the SRM Regulation, a centralised resolution authority is established and entrusted to the SRB and national resolution authorities.

The powers granted to the resolution authority under the BRRD and the SRM Regulations include write-down/conversion powers to ensure that capital instruments and eligible liabilities absorb the Group’s losses and recapitalise it in accordance with an established order of priority (the “Bail-in Tool”). Subject to certain exceptions, losses are borne first by the shareholders and then by the holders of additional Tier 1 and Tier 2 capital instruments, then by the non-preferred senior debt holders and finally by the senior preferred debt holders, all in the order of their claims in a normal insolvency proceeding. The conditions for resolution provided by the French Monetary and Financial Code implementing the BRRD are deemed to be met if: (i) the resolution authority or the competent supervisory authority determines that the institution is failing or likely to fail; (ii) there is no reasonable perspective that any measure other than a resolution measure could prevent the failure within a reasonable timeframe; and (iii) a resolution measure is necessary to achieve the resolutions’ objectives (in particular, ensuring the continuity of critical functions, avoiding a significant negative effect on the financial system, protecting public funds by minimising the recourse to extraordinary public financial support, and protecting customers’ funds and assets) and the winding-up of the institution under normal insolvency proceedings would not meet these objectives to the same extent.

The resolution authority could also, independently of a resolution measure or in combination with a resolution measure, proceed with the write-down or conversion of all or part of the Group’s capital instruments (including subordinated debt instruments) into Common Equity Tier 1 (CET1) instruments if it determines that the Group will no longer be viable unless it exercises this write-down or conversion power or if the Group requires extraordinary public financial support (except where the extraordinary public financial support is provided in the form defined in Article L. 613-48 III, paragraph 3 of the French Monetary and Financial Code).

The Bail-in Tool could result in the write-down or conversion of capital instruments in whole or in part into ordinary shares or other ownership instruments.

In addition to the Bail-in Tool, the BRRD provides the resolution authority with broader powers to implement other resolution measures with respect to institutions that meet the resolution requirements, which may include (without limitation) the sale of the institution’s business segments, the establishment of a bridge institution, the splitting of assets, the replacement or substitution of the institution as debtor of debt securities, changing the terms of the debt securities (including changing the maturity and/or amount of interest payable and/or the imposition of a temporary suspension of payments), the dismissal of management, the appointment of a provisional administrator and the suspension of the listing and admission to trading of financial instruments.

Before taking any resolution action, including the implementation of the Bail-in Tool, or exercising the power to write down or convert relevant capital instruments, the resolution authority must ensure that a fair, prudent and realistic valuation of the institution’s assets and liabilities is made by a third party independent of any public authority.

The application of any measure under the French implementing provisions of the BRRD or any suggestion of such application to the Group could have a material adverse effect on the Group’s ability to meet its obligations under its financial instrument and, as a result, holders of these securities could lose their entire investment.

In addition, if the Group’s financial condition deteriorates, the existence of the Bail-in Tool or the exercise of write-down or conversion powers or any other resolution tool by the resolution authority (independently of or in combination with a resolution) if it determines that Societe Generale or the Group will no longer be viable could result in a more rapid decline in the value of the Group’s financial instruments than in the absence of such powers.

The Pillar 3 report, published under the responsibility of Societe Generale Group’s Senior Management, sets out, in accordance with the CRR regulation, the quantitative and qualitative information on Societe Generale’s capital, liquidity and risk management to ensure transparency in respect of the various market players. This information has been prepared in compliance with the internal control procedures approved by the Board of Directors in the course of the validation of the Group Risk Appetite Framework and Group Risk Appetite Statement, and are based, among other things, on the annual review, by General Management in the Group Internal Control Coordination Committee (GICCC) and by the Risk Committee of the Board of Directors, of Societe Generale’s Risk division, particularly in its ability to exercise its role as the second line of defense for the entire Group.

Risk appetite is defined as the level of risk that the Group is prepared to accept to achieve its strategic goals.

Thus, risk appetite is part of the Group’s overall strategy, which has the following objectives:

• ■CET 1 ratio at 13% in 2026, under Basel IV;
• ■average annual revenue growth between 0% and 2% over 2022-2026;
• ■cost-to-income ratio below 60% in 2026 • Return on tangible equity (ROTE) between 9% and 10% in 2026;
• ■maintaining a risk management at the highest standards with a cost of risk between 25 and 30 bps over 2024-2026 and a rate of non performing loan between 2,5% and 3% in 2026;
• ■maintaining a strength liquidity profile with a short term liquidity ratio, Liquidity Coverage Ratio (LCR), greater or equal to 130% over 2024-2026 and a Net Stable Funding Ratio greater or equal to 112% over 2024-2026.

The Group seeks to achieve sustainable profitability, relying on a robust financial profile consistent with its diversified banking model, by:

• ■adjusting its activities portfolio according to performance criteria, synergy with the Group and extreme risk criteria;
• ■targeting profitable and resilient business development;
• ■maintaining a target rating allowing access to financial resources at a cost consistent with the development of the Group’s businesses and its competitive positioning;
• ■calibrating its capital indicators (consistent with the results of the ICAAP group process) to ensure:
  • -satisfaction of minimum regulatory requirements on CET1 ratio,
  • -financial conglomerate ratio requirement, which take into consideration the combined solvency of Group banking and insuring activities,
  • -coverage of one year of “internal capital requirement” using available CET1 capital,
  • -a sufficient level of creditor protection consistent with a debt issuance program that is particularly hybrid consistent with the Group’s objectives in terms of rating and regulatory ratios such as Tier 1, TLAC (“Total Loss Absorbing Capacity”), MREL (“Minimum Required Eligible Liabilities”), and the leverage ratio;
• ■ensuring resilience of its liabilities, which are calibrated by taking into account a survival horizon in a combined liquidity stress ratio (ILSI – Internal Liquidity Stress Indicator), compliance with LCR (Liquidity Coverage Ratio) and NSFR (Net Stable Funding Ratio) regulatory ratios and the level of dependence on short-term fundings and the foreign currencies needs business of the Group, notably in USD;
• ■controlling financial leverage.

Based on this model, the risk appetite is established and formalised at a Group level by type of risks.

Risk appetite is determined at Group level and attributed to the businesses and subsidiaries. Monitoring of risk appetite is performed according to the principles described in the Risk Appetite Framework governance and implementation mechanism, which are summarised below.

As part of the supervision of risk appetite, the Group relies on the following organisation:

• ■the Board of Directors:
  • -approves each year the Group Risk Appetite Statement and the Group Risk Appetite Framework, as well as the Group Risk Appetite Framework,
  • -approves in particular the main Group risk appetite indicators (Board of Directors indicators) validated beforehand by General Management,
  • -ensures that risk appetite is relevant to the Group’s strategic and financial objectives and its vision of the risks of the macroeconomic and financial environment,
  • -reviews quarterly the risk appetite dashboards presented to it, and is informed of risk appetite overruns and remediation action plans,
  • -sets the compensation of corporate officers, sets out the principles of the remuneration policy applicable in the Group, especially for regulated persons whose activities may have a significant impact on the Group’s risk profile, and ensures that they are in line with risk management objectives.
  • The Board of Directors relies primarily on the Risk Committee;
• ■General Management:
  • -approves the document summarising the Group’s risk appetite Statement and its Risk Appetite Framework based on the proposal of the Chief Risk Officer and the Chief Financial Officer,
  • -examines the risk appetite compliance dashboards presented to it quarterly and is informed of risk appetite breaches and the redemption action plans implemented,
  • -ensures the effectiveness and integrity of the risk appetite implementation system,
  • -ensures that the risk appetite for the Group’s Business Units and eligible subsidiaries/branches is formalised and translated into frameworks consistent with the Group’s risk appetite,
  • -ensures internal communication of risk appetite and its transposition in the Universal Registration Document.

As part of the Risk appetite Framework, General Management relies on several Committees: the Group Executive Committee (ExCo), the Group Risk Committee (CORISQ), the Finance Committee (COFI), the Assets and Liabilities Committee (ALCO), the Compliance Committee (COMCO), the responsible Commitments Committee (CORESP), the Group Provision Committee (COPRO), the Large Exposure Committee (CGR), and the Sogécap Board and its ALM & Risk Management Committee and the Group Internal Control Coordination Committee (CCCIG), with it chairs.

In addition, the main mission of the Risk Department is to draw up the document summarising the Group’s risk appetite, as well as the implementation of a risk management, monitoring and control system.

The Finance Department addresses, with Risk Department, this risk appetite in the framework of indicators under the responsibility of the Finance Committee (profitability, solvency and structural risks).

The Compliance Department is also responsible for instructing the risk appetite setting for indicators falling within its scope.

Implementing a high-performance and efficient risk management structure is a critical undertaking for Societe Generale Group in all businesses, markets and regions in which it operates, as is maintaining a balance between strong awareness of risks and promoting innovation. The Group’s risk management, supervised at the highest level, is compliant with the regulations in force, in particular the order of 3 November 2014 revised by the order of 25 February 2021 on the internal control of companies in the banking sector, Payment Services and Investment Services subject to the control of the French Prudential Supervisory and Resolution Authority (Autorité de Contrôle Prudentiel et de Résolution – ACPR) and the final version of European Basel 3 Regulations ((Capital Requirements Regulation/Capital Requirements Directive).  (See Corporate Governance-Role of Chairman of the Board of directors").

Two main high-level bodies govern Group risk management: the Board of Directors and General Management.

General Management presents regularly (more often if circumstances require so) the main aspects of, and notable changes to, the Group’s risk management strategy to the Board of Directors.

As part of the Board of Directors, the Risk Committee advises the Board of Directors on overall strategy and appetite regarding all kinds of risks, both current and future, and assists the Board when the latter verifies that the strategy is being rolled out.

The Board of Directors’ Audit and Internal Control Committee ensures that the risk control systems operate effectively.

Chaired by the general management, the bank’s executive committee, in terms of risks, is in charge of making sure that the Group has an efficient risks management frame and monitor and control this frame. This responsibility will be mainly assumed through the participation of the Executive Committee at the Group Risk Committee. In addition, the Executive Committee must:

• ■on an annual basis, review and validate the Group’s Risk Appetite Statement, before submitting it to the Société Générale Board of Directors; 
• ■on an annual basis, review and validate the Group’s Risk Appetite Framework, before submitting it to the Société Générale Board of Directors;
• ■ensure that the Group has effective segregation of duties between the first, second and third lines of defense;
• ■on an annual basis, review, challenge and take note of the report of the Chief Risk Officer on the risk control and self-assessment process, as well as the Group’s IT and cybersecurity risk assessment;
• ■on a monthly basis, review and challenge the Risk Report prepared by the Chief Risk Officer which includes: (a) an assessment of significant and emerging risks, risk deficiencies, risk management and mitigation within the Group and for all types of risks identified; (b) quantitative data on risk exposure and their use to enable the Executive Committee to regularly monitor compliance with the Group’s risk appetite, risk tolerance and risk capacity; and (c) a summary of the quarterly meetings of the Enterprise Risk Committee at the Pillar level;
• ■review and challenge the important post-mortem analysis presented to it by the Operational Risk Department, which constitute the important post-mortem subjects within the Group.

Chaired by General Management, the Committees responsible for central oversight of internal control and risk management are as follows:

• ■The Group Risk Committee (Group CORISQ), chaired by the Group CEO, has authority over the entire Société Générale Group and aims to:
  • -validate the main risk management processes, in particular the Group’s risk taxonomy, risk identification, risk management and stress testing frameworks,
  • -validate, before proposing to the Board of Directors, the Risk Appetite Framework (RAF),
  • -validate the Risk Inventory;
  • -for credit, counterparty, market, operational, model risks, ESG(8) and Country risk factors:
    • •ensure the annual validation (before review by the Group ExCo and before final validation by the Board of Directors) of the Group’s Risk Appetite (RAS) for these categories,
    • •define or validate the Group’s main guidelines in terms of risks policies in the context of the risk appetite previously validated by the Board of Directors, 
    • •monitor conformity with the Group’s risk appetite and the material topics of the Pillars/BUs Risk Appetite reporting to it,
    • •ensure a holistic view of all these risks through monthly risk reporting. 

The validation of the Group’s Risk Appetite (RAS), before being proposed to the Board of Directors for approval, is the responsibility of the Exco Group.

Along with the Risks Committee, the Large Exposures Committee (Comité Grands Risques) is an ad hoc Committee, responsible for approving the sales and marketing strategy and risk appetite regarding major client groups (Corporates, Insurance Companies and Asset Managers). The Large Exposures Committee is a decision-making body and has authority over the entire Société Générale Group. 

• ■the Finance Group Committee (COFI)
• The COFI is responsible for Société Générale Group’s financial strategy and for steering Société Générale Group’s strategic financial targets. In that capacity, the COFI oversees all key aspects of SG Group’s:
  • ( i )management of Société Générale Group’s strategic financial targets as defined in SG Group’s Risk Appetite: rating, profitability, capital, liquidity, balance sheet,
  • ( ii )ICAAP and ILAAP, including their validation ahead of submission to the Board of Directors for approval,
  • ( iii )funding strategy and funding plan,
  • ( iv )monitoring of Societe Generale’s rating by credit agencies,
  • ( v )recovery and resolution planning,
  • ( vi )monitoring of Societe Generale’s Group tax capacity,
  • ( vii )distribution policy and proposals,
  • ( viii )financial management of the Corporate Centre and intragroup re-invoicing.
• Operational management of structural risks within the Group Risk Appetite is addressed by the Group Assets and Liabilities Management Committee (“ALCO”).
• The COFI aims at setting and enforcing Société Générale’s own management practices while complying with all relevant regulations and ensuring the highest risk control standards.
• The COFI has a Group-wide authority excluding insurance activities. However, the COFI is competent for scarce resources management for the financial conglomerate (reunion of the banking and insurance activities). The COFI has authority in normal as well as in stressed circumstances, subject to the provisions of the Contingency Funding Plan and Recovery Plan.
• Some matters handled by the COFI are for its sole decision, while others are reviewed by the COFI ahead of the submission to the Board of Directors (e.g. ILAAP and ICAAP documents).
• The COFI is chaired by the CEO or its delegate as per usual general management delegation rules;
• ■the Group Assets and Liabilities Management Committee (ALCO)
• The ALCO is responsible for the management of SG Group’s structural risks within the Group Risk Appetite. Structural risks include:
  • ( i )interest rate risk and foreign exchange risk in the banking book,
  • ( ii )Group Structural risk,
  • ( iii )liquidity risk of the entire banking and trading book.
• The ALCO has a Group-wide authority in normal as well as in stressed circumstances, subject to the provisions of the Contingency Funding Plan and Recovery Plan.
• The ALCO aims at setting and enforcing Société Générale’s own management practices while complying with all relevant regulations and ensuring the highest risk control standards.
• Some matters handled by the ALCO are for its own decision only, while others are reviewed by the ALCO ahead of the submission to the Board of Directors.
• The ALCO is chaired by the CEO or his delegate as per usual general management delegation rules;
• ■the Compliance Committee (COMCO), this Committee reviews the risks of non-compliance, the main issues and defines the Group’s compliance principles and ensures the annual monitoring of the quality of the Sanctions & Embargoes risk management system:
  • ( i )review of the main compliance incidents of the period,
  • ( ii )review of key information related to relationships with supervisors,
  • ( iii )follow-up of potential ongoing remediations,
  • ( iv )review/challenge of compliance indicators on each non-compliance risk, including a biannual focus on financial crime prior to presentation to the Board of Directors,
  • ( v )validation of compliance risk appetite criteria and quarterly review of RAS indicators,
  • ( vi )review of permanent (CN1 and CN2) and periodic (IGAD) controls and main points of attention and Need for Action,
  • ( vii )monitoring of Group Policies and Procedures deployment,
  • ( viii )review of the Group annual mandatory trainings roadmap and validation of new modules for all employees,
  • ( ix )review of CACI/CR and Board documents not previously reviewed by DGLE,
  • ( x )ad hoc validation on Group compliance topics.
• The COMCO is chaired by the CEO;
• ■the Group Information Systems Committee (ISCO)
• The ISCO is responsible for SG Group’s Information System (“IS”) strategy and for steering SG Group’s strategic IS targets. In that capacity, the ISCO oversees all key aspects of SG Group’s:
  • ( i )validates major objectives of the IS sector,
  • ( ii )steers investments (CTB) and run costs (RTB) and approves major or strategic projects for the Group’s information systems, ensuring their consistency and alignment with the BU/SU Strategic Transformation Plans (TSP),
  • ( iii )oversees IS sector operating on its pillars (IT Financial Steering, IT strategy & Architecture, Project Portfolio and CTB Management, Digital and Data Assets & Capabilities, Resource Management (HR & sourcing) and Model delivery, Operations, Quality of Service and Obsolescence, Cyber security and resilience, Green IS, IT Risk Management) and associated KPIs (financial trajectory, validation of budget adjustments and arbitrations, asset mutualisation, CTB allocation, major projects risks, review of key post-mortem points on incidents, deployment of norms and standards),
  • ( iv )defines the priorities of the IS sector and, if necessary, arbitrates between local and global priorities.
• The Committee validates the elements that will be presented to the Board of Directors regarding strategies, risks, incidents, and status on IT production and projects;
• ■the Group Internal Control Coordination Committee (GICCC), is chaired by the Chief Executive Officer or, in his absence, by a Deputy Chief Executive Officer. The purpose of the GICCC is to ensure the consistency and effectiveness of the Group’s internal control, in response in particular to the obligation laid down in Art. 16 of the amended French Order of 3 November 2014. The Committee meets approximately 20 times a year to deal with cross-cutting topics as well as the annual review of each Business Unit and Service U;
• ■the Responsible Commitments Committee (CORESP), chaired by the Deputy Chief Executive Officer in charge of overseeing the ESG policy, deals with all matters falling within the Group’s responsibility in Environmental and Social matters, or those having an impact on the Group’s responsibility or reputation and not already covered by an existing Executive Management Committee. The Committee is decision-making and has authority over the whole Group;
• ■the Group Provisions Committee (COPRO), chaired by the Chief Executive Officer, meets quarterly, presents and validates the net cost of risk of the Group (provisions for credit risk) which will be accounted in the quarter.

Internal control is part of a strict regulatory framework applicable to all banking institutions.

In France, the conditions for conducting internal controls in banking institutions are defined in the Order of 3 November 2014, modified by the Order of 25 February 2021. This Order, which applies to all credit institutions and investment companies, defines the concept of internal control, together with a number of specific requirements relating to the assessment and management of the various risks inherent in the activities of the companies in question, and the procedures under which the supervisory body must assess and evaluate how the internal control is carried out.

The Basel Committee has defined four principles – independence, universality, impartiality, and sufficient resources – which underpin the internal control carried out by credit institutions.

The Board of Directors ensures that Societe Generale has a solid governance system and a clear organisation ensuring:

• ■a well-defined, transparent and coherent sharing of responsibilities;
• ■effective procedures for the detection, management, monitoring and reporting of risks to which the Company could be exposed.

The Board tasks the Group’s General Management with rolling out the Group’s strategic guidelines to implement this set-up.

The Audit and Internal Control Committee is a Board of Directors’ Committee that is specifically responsible for preparing the decisions of the Board in respect of internal control supervision.

As such, General Management and Risk Division submits reports to the Audit and Internal Control Committee on the internal control of the Group. The Committee monitors the implementation of remediation plans when it considers the risk level to be justified.

Internal control is based on a body of standards and procedures.

All Societe Generale Group activities are governed by rules and procedures contained in a set of documents referred to collectively as the “Standard Guidelines”, compiled in the Societe Generale Code, which:

• ■set out the rules for action and behavior applicable to Group staff;
• ■define the structures of the businesses and the sharing of roles and responsibilities;
• ■describe the management rules and internal procedures specific to each business and activity.

The Societe Generale Code groups together the standard guidelines which, in particular:

• ■define the governance of the Societe Generale Group, the structures and duties of its Business Units and Services Units, as well as the operating principles of the cross-business systems and processes (Codes of Conduct, charters, etc.);
• ■set out the operating framework of an activity and the management principles and rules applicable to products and services rendered, and also define internal procedures.

The Societe Generale Code has force of law within the Group and falls under the responsibility of the Group Corporate Secretary.

In addition to the Societe Generale Code, operating procedures specific to each Group activity are applied. The rules and procedures in force are designed to follow basic rules of internal control, such as:

• ■segregation of functions;
• ■immediate, irrevocable recording of all transactions;
• ■reconciliation of information from various sources.

Multiple and evolving by nature, risks are present in all business processes. Risk management and control systems are therefore key to the Bank’s ability to meet its targets.

The internal control system is represented by all methods which ensure that the operations carried out and the organisation and procedures implemented comply with:

• ■legal and regulatory provisions;
• ■professional and ethical practices;
• ■the internal rules and guidelines defined by the Company’s management body of the undertaking in its executive function.

Internal control in particular aims to:

• ■prevent malfunctions;
• ■assess the risks involved, and exercise sufficient control to ensure they are managed;
• ■ensure the adequacy and effectiveness of internal processes, particularly those which help safeguard assets;
• ■detect irregularities;
• ■guarantee the reliability, integrity and availability of financial and management information;
• ■check the quality of information and communication systems.

The internal control system is based on five basic principles:

• ■the comprehensive scope of the controls, which cover all risk types and apply to all the Group’s entities;
• ■the individual responsibility of each employee and each manager in managing the risks they take or supervise, and in overseeing the operations they handle or for which they are responsible;
• ■the responsibility of functions, in line with their expertise and independence, in defining normative controls and, for three of them, exercising second-level permanent control;
• ■the proportionality of the controls to the materiality of the risks involved;
• ■the independence of internal auditing.

The internal control framework is based on the “three lines of defence” model, in accordance with the Basel Committee and European Banking Authority guidelines:

• ■the first line of defence comprises all Group employees and operational management, both within the Business Units and the Services Units in respect of their own operations.
• Operational management is responsible for risks, their prevention and their management (by putting in place first-level permanent control measures, amongst other things) and for implementing corrective or remedial actions in response to any deficiencies identified by controls and/or process steering;
• ■the second line of defence is provided by the risk and compliance functions.
• Within the internal control framework, operational management is responsible for verifying the proper and continuous running of the risk security and management operation functions through the effective application of established standards, defined procedures, methods and requested controls.
• Accordingly, these functions must provide the necessary expertise to define in their respective fields the controls and other means of risk management to be implemented by the first line of defence, and to ensure that they are effectively implemented; they conduct second-level permanent control over all of the Group’s risks, based in particular on the controls they have defined, as well as those defined, if necessary, by other expert functions (e.g. sourcing, legal, tax, human resources, information system security, etc.) and by the businesses;
• ■the third line of defence is provided by the Internal Audit Department, which encompasses the General Inspection and Internal Audit functions. This department performs periodic internal audits that are strictly independent of the business lines and the permanent control function;
• ■internal control coordination, which falls under the responsibility of the Chief Risk Officer, is also provided at Group level and is rolled out in each of the departments and core businesses.

The Chief Executive Officer is responsible for ensuring the overall consistency and effectiveness of the internal control system.

The purpose of the Group Internal Control Coordination Committee (GICCC) is to ensure the consistency and effectiveness of the Group’s internal control, in response in particular to the obligation laid down in Art. 16 of the amended French Order of 3 November 2014. The Committee is chaired by the Chief Executive Officer, or in his absence, by a Deputy General Manager tasked with supervising the area under review. Organised by RISQ/NFR, the CCCIG convenes the Managers of the second line of defence (CPLE and RISQ), the Representatives appointed by the Heads of DFIN and RESG (including the Global CISO), the Manager of the third line of defence (IGAD), as well as the Heads of the level 2 permanent control central teams (RISQ/CTL, CPLE/CTL, DFIN/CTL).

The Committee meets approximately 20 times a year to deal with cross-cutting topics, as well as the annual review of each BU/SU.

Its roles and responsibilities are:

• ■provide a consolidated view of the Group’s internal control framework to General Management;
• ■evaluate the Group’s internal control framework in terms of effectiveness, consistency, and completeness;
• ■evaluate the operation Group’s permanent control framework based on the analysis of the Group’s quarterly permanent control dashboard, completed by cross-functional thematic reviews and by the independent reviews of RISQ and CPLE in their role as the Group’s second line of defense;
• ■examine and validate the annual report of the Group’s internal control (“RCI”);
• ■define or validate the roles and responsibilities of permanent control stakeholders and of the GICCC and ICCC;
• ■validate the operational principles of permanent control and governance;
• ■validate the sections dealing with internal control in the SG Code;
• ■review and “challenge” the BU/SU permanent control framework, in particular, validate the target organisation of permanent control in the major and significant entities;
• ■review other cross-functional subjects related to the Group’s permanent control:
  • ( i )the permanent control budget,
  • ( ii )validate of level 2 Control Plans,
  • ( iii )other cross-functional subjects concerning all or part of the Group, in particular risks (including ESG topics), requiring an assessment of the effectiveness of preventive measures and controls; two subjects are examined annually, due to their importance and the attention they receive from the supervisory authorities:
    • •control of information security framework, and
    • •control of essential outsourced services;
• ■follow up the Group’s permanent control framework with the permanent members of the Committee: review and comment on the status of the action plan prepared by RISQ/NFR and take appropriate decisions if necessary.

The GICCC is a decision-making body. It therefore has the authority to take appropriate measures to correct any deficiencies or weaknesses detected and communicated.

The GICCC is declined into BU/SU ICCCs, which are mandatory in each BU/SU (expect IGAD) and in the most significant subsidiaries.

The Group’s permanent control system comprises:

• ■the first-level permanent control, which is the basis of the Group’s permanent control, is performed by the businesses. Its purpose is to ensure the security, quality, regularity and validity of transactions completed at operational level;
• ■the second-level permanent control, which is independent of the businesses and concerns three departments, i.e. the Compliance, Risk and Finance Departments.

Permanent Level 1 controls, carried out on operations performed by BUs and the SUs, ensure the security and quality of transactions and the operations. These controls are defined as a set of provisions constantly implemented to ensure the regularity, validity, and security of the operations carried out at operational level.

The permanent Level 1 controls consist of:

• ■any combination of actions and/or devices that may limit the likelihood of a risk occurring or reduce the consequences for the Company: these include controls carried out on a regular and permanent basis by the businesses or by automated systems during the processing of transactions, automated or non-automated security rules and controls that are part of transaction processing, or controls included in operational procedures. Also falling into this category are the organisational arrangements (e.g., segregation of duties) or governance, training actions, when they directly contribute to controlling certain risks;
• ■controls performed by managers: line managers control the correct functioning of the devices for which they are responsible. As such, they must apply formal procedures on a regular basis to ensure that employees comply with rules and procedures, and that Level 1 controls are carried out effectively.

Defined by a Group entity within its scope, Level 1 controls include controls (automated or manual) that are integrated into the processing of operations, proximity controls included in operating procedures, safety rules, etc. They are carried out in the course of their daily activities by agents directly in charge of an activity or by their managers. These controls aim to:

• ■ensure the proper enforcement of existing procedures and control of all risks related to processes, transactions and/or accounts;
• ■alert management in the event of identified anomalies or malfunctions.

Permanent Level 1 controls are set by management and avoid, as far as possible, situations of self-assessment. They are defined in the procedures and must be traced without necessarily being formalised, e.g. preventive automated controls that reject transactions that do not comply with system-programmed rules.

In order to coordinate the operational risk management system and the permanent Level 1 control system, the BUs/SUs use a specific department called CORO (Controls & Operational Risks Office Department).

The permanent Level 2 control ensures that the Level 1 control works properly:

• ■the scope includes all permanent Level 1 checks, including managerial supervision checks and checks carried out by dedicated teams;
• ■this review and these audits aim to give an opinion on (i) the effectiveness of Level 1 controls, (ii) the quality of their implementation, (iii) their relevance (including, in terms of risk prevention), (iv) the definition of their modus operandi, (v) the relevance of remediation plans implemented following the detection of anomalies, and the quality of their follow-up, and thus contribute to the evaluation of the effectiveness of Level 1 controls.

The permanent level 2 control, control of the controls, is carried out by teams independent of the operational.

These controls are performed centrally by dedicated teams within Risk Service Unit (RISQ/CTL), Compliance Service Unit (CPLE/CTL) and Finance Service Unit (DFIN/CTL) and locally by the second-level control teams within the BU/SUs or entities.

There are many participants in the production of financial data:

• ■the Board of Directors, and more specifically its Audit and Internal Control Committee, has the task of examining the draft financial statements which are to be submitted to the Board, as well as verifying the conditions under which they were prepared and ensuring not only the relevance but also the consistency of the accounting principles and methods applied. The Audit and Internal Control Committee’s remit also is to monitor the independence of the Statutory Auditors, and the effectiveness of the internal control, measurement, supervision and control systems for risk related to the accounting and financial processes. The Statutory Auditors meet with the Audit and Internal Control Committee during the course of their engagement;
• ■the Group Finance Department gathers the accounting and management data compiled by the subsidiaries and the Business Units/Services Units in a set of standardised reports. It consolidates and verifies this information so that it can be used in the overall management of the Group and disclosed to third parties (supervisory bodies, investors, etc.). It also has a team in charge of the preparation of the Group regulatory reports.
• In the framework of these missions, it is in charge of:
  • -monitoring the financial aspects of the Group’s capital transactions and its financial structure,
  • -managing its assets and liabilities, and consequently defining, managing and controlling the Group’s financial position and structural risks,
  • -ensuring that the regulatory financial ratios are respected,
  • -defining accounting and regulatory standards, frameworks, principles and procedures for the Group, and ensuring that they are observed,
  • -verifying the accuracy of all financial and accounting data published by the Group;
• ■the Finance Departments of subsidiaries and Business Units/Services Units carry out certification of the accounting data and entries booked by the back offices and of the management data submitted by the front offices. They are accountable for the financial statements and regulatory information required at the local level and submit reports (accounting data, finance control, regulatory reports, etc.) to the Group Finance Department. They can perform these activities on their own or else delegate their tasks to Shared Service Centers operating in finance and placed under Group Finance Department governance;
• ■the Risk Department consolidates the risk monitoring data from the Group’s Business Units/Services Units and subsidiaries in order to control credit, market and operational risks. This information is used in Group communications to the Group’s governing bodies and to third parties. Furthermore, it ensures in collaboration with the Group Finance Department, its expert role on the dimensions of credit risk, structural liquidity risks, rates, exchange rates, on the issues of recovery and resolution and the responsibility of certain closing processes, notably the production of solvency ratios;
• ■the Back offices are responsible for all support functions to front offices and ensure contractual settlements and deliveries. Among other responsibilities, they check that financial transactions are economically justified, book transactions and manage means of payment.

Since January 2014, Societe Generale has been applied the new Basel III regulations implemented in the European Union through a regulation and a directive (CRR and CRD respectively).

The general framework defined by Basel III is structured around three pillars:

• ■Pillar 1 sets the minimum solvency, leverage and liquidity requirements and defines the rules that banks must use to measure risks and calculate the related capital requirements, according to standard or more advanced methods;
• ■Pillar 2 concerns the discretionary supervision implemented by the competent authority, which allows them – based on a constant dialogue with supervised credit institutions – to assess the capital adequacy calculated in accordance with Pillar 1, and to calibrate additional capital requirements taking into account all the risks faced by these institutions;
• ■Pillar 3 promotes market discipline by developing a set of reporting requirements, both quantitative and qualitative, that allow market participants to better assess the capital, risk exposure, risk assessment procedures and hence the capital adequacy of a given institution.

Several amendments to European regulatory standards were adopted in May 2019 (CRR2/CRD5). The majority of the provisions came into effect in June 2021.

The amendments concern in particular the following items:

• ■Leverage ratio: the minimum requirement of 3% to which will be added since January 2023, 50% of the buffer required as a systemic institution;
• ■Derivatives counterparty risk  (SA-CCR(1)): the “SA-CCR” method is the Basel method replacing the old CEM(2) method for determining the prudential exposure on derivatives under the standardised approach;
• ■Large Exposure: the main change is the calculation of the regulatory limit (25%) on Tier 1 capital (instead of total capital), as well as the introduction of a specific cross-limit on systemic institutions (15%);
• ■TLAC: the ratio requirement for G-SIB is introduced in CRR. According to the Basel text, G-SIBs must comply with an amount of capital and eligible debt equal to the highest between 18% + risk-weighted assets buffers and 6.75% leverage since 2022.

In December 2017, the Group of Central Bank Governors and Heads of Banking Supervision (GHOS), which oversees the Basel Committee on Banking Supervision, approved regulatory reforms to complement Basel 3.

The transposition into European law of the finalisation of Basel 3 in CRR3 and CRD6 was completed at the end of 2023. The new rules will apply from 1 January 2025.

One of the main novelties is the introduction of a global output floor: the Group’s risk-weighted assets (RWA) will be applied a floor corresponding to a percentage of the sum of the individual risk types (credit, market and operational) computed according to the standard method. The output floor level will gradually increase from 50% in 2025 to 72.5% in 2030.

Regarding FRTB, for the SA-Standard Approach: the reporting has been effective since the third quarter of 2021. The full implementation of FRTB, including the rules on the boundary between the banking and trading portfolio, should be aligned with the entry into force of CRR3. Nevertheless, the EU legislators reserve the right to postpone this application (up to 2 years) depending on how it is applied in other jurisdictions (in particular the US).

As part of the management of its capital management, the Group ensures, under the monitoring of the Finance Department and the control of the Risk Department, that its solvency level is always compatible with the following objectives:

• ■maintaining its financial strength while respecting risk Appetite;
• ■maintaining its financial flexibility to its internal and external development;
• ■appropriate allocation of capital between its various business lines in accordance with the Group’s strategic objectives;
• ■maintaining the Group’s resilience in the event of stress scenarios;
• ■meeting the expectations of its various stakeholders: supervisors, debt and capital investors, rating agencies, and shareholders.

The Group therefore determines its internal solvency target, in accordance with these objectives and compliance with regulatory thresholds.

The Group has an internal capital adequacy assessment process that measures and explains changes in the Group’s capital ratios over time, taking into account future regulatory constraints where appropriate.

This process is based on a selection of key metrics that are relevant to the Group in terms of risk and capital measurement, such as CET1, Tier 1 and Total Capital ratios. These regulatory indicators are supplemented by an assessment of the coverage of internal capital needs by available internal capital and thus confirming via an economic perspective, the relevance of the targets set in the risk appetite. Besides, this assessment takes into account the constraints arising from the other metrics of the risk appetite, such as rating, MREL and TLAC or leverage ratio.

All of these indicators are measured on a forward-looking basis in relation to their target on a quarterly or even monthly basis for the current year. During the preparation of the financial plan, they are also assessed on an annual basis over a minimum of three-year horizon according to at least a baseline and adverse scenarios, in order to demonstrate the resilience of the bank’s business model against adverse macroeconomic and financial uncertain environments. Capital adequacy is continuously monitored by the Executive Management and by the Board of Directors as part of the Group’s corporate governance process and is reviewed in depth during the preparation of the financial plan. It ensures that the bank always complies with its financial target and that its capital level is above the “Maximum Distributable Amount” (MDA) threshold.

Besides, the Group maintains a balanced capital allocation among its three strategic core businesses:

• ■French Retail Banking;
• ■International Retail Banking and Mobility & Leasing Services;
• ■Global Banking and Investor Solutions.

Each of the Group’s core businesses accounts for around a third of total Risk-Weighted Assets (RWA), with a predominance of credit risk (84% of total Group RWA, including counterparty credit risk).

At 31 December 2023, Group RWA were up by 8% to EUR 389 billion, compared with EUR 362 billion at end-December 2022.

The trend traced by the business lines’ RWA lies at the core of the operational management of the Group’s capital trajectory based on a detailed understanding of the drivers of variations. Where appropriate, the General Management may decide, upon a proposal from the Finance Department, to implement managerial actions to increase or reduce the share of the business lines, for instance by validating the execution of synthetic securitisation or of disposals of performing or non-performing portfolios. The Group Capital Committee and the capital contingency plan provide General Management with framework analysis, governance and several levers in order to adjust the capital management trajectory.

The Group’s prudential reporting scope includes all fully consolidated entities according to accounting rules except for insurance entities, which are subject to separate capital supervision.

Whenever relevant, subsidiaries may be excluded from prudential reporting scope notably if the sum of balance sheet and off balance sheet commitments are lower than EUR 10 million or 1% of the total balance sheet and off balance sheet of the legal entity owning the equity. Legal entities excluded from the prudential reporting scope are subject to periodic reviews, at least annually.

All regulated entities of the Group comply with their prudential commitments on an individual basis.

The following table provides the main differences between the accounting scope (consolidated Group) and the prudential scope (Banking Regulation requirements).

The following table provides a reconciliation between the consolidated balance sheet and the accounting balance sheet within the prudential scope.The amounts presented are accounting data, not a measure of RWA, EAD or prudential capital. Prudential filters related to entities and holdings not associated with an insurance activity are grouped together on account of their non-material weight (< 0.1%).

Reported in accordance with International Financial Reporting Standards (IFRS), Societe Generale’s regulatory capital consists of the following components:

According to the applicable regulations, Common Equity Tier 1 capital is made up primarily of the following:

• ■ordinary shares (net of repurchased shares and treasury shares) and related share premium accounts;
• ■retained earnings;
• ■components of other comprehensive income;
• ■other reserves;
• ■minority interests limited by CRR/CRD.

Deductions from Common Equity Tier 1 capital essentially involve the following:

• ■estimated dividend payments;
• ■goodwill and intangible assets, net of associated deferred tax liabilities;
• ■unrealised capital gains and losses on cash flow hedging;
• ■income on own credit risk;
• ■deferred tax assets on tax loss carryforwards;
• ■deferred tax assets on refundable tax credit;
• ■deferred tax assets resulting from temporary differences beyond a threshold;
• ■assets from defined benefit pension funds, net of deferred taxes;
• ■any positive difference between expected losses on customer loans and receivables managed under the internal ratings-based (IRB) approach, and the sum of related value adjustments and collective impairment losses;
• ■Pillar 1 NPL backstop;
• ■value adjustments resulting from the requirements of prudent valuation;
• ■securitisation exposures weighted at 1,250%, when these positions are excluded from the calculation of RWA.

The Basel III Accord has established the rules for calculating minimum capital requirements in order to more accurately assess the risks to which banks are exposed, taking into account the risk profile of transactions via two approaches intended for determining RWA: a standardised approach and an advanced one based on internal methods modelling the counterparties’ risk profiles.

2022 figures have been restated, in compliance with IFRS 17 and IFRS 9 for insurance entities

As at 31 December 2023, RWA (EUR 388.8 billion) were distributed as follows:

• ■credit and counterparty credit risks accounted for 84% of RWA (of which 37% for International Retail Banking and Financial Services);
• ■market risk accounted for 3% of RWA (of which 83% for Global Banking and Investor Solutions);
• ■operational risk accounted for 13% of RWA (of which 58% for Global Banking and Investor Solutions).

REVOIR LA POSITION DES MONTANTS DES 2 DERNIERES LIGNES / CELA DEVRAIT ETRE AU MILIEU DES COLONNES IRB ET STANDARD

The Total Loss Absorbing Capacity (TLAC) requirement which applies to Societe Generale is 18% of RWA since 1 January 2022, to which the conservation buffer of 2.5%, the G-SIB buffer of 1% and the countercyclical buffer must be added. As at 31 December 2023, the TLAC requirement thus stood at 22.06% of Group RWA.

The TLAC rule also provides for a minimum ratio of 6.75% of the leverage exposure January 2022.

As at 31 December 2023, Societe Generale reached a phased-in TLAC ratio of 28.4% excluding senior preferred debts. The phased-in ratio stands at 31.9% of RWA when considering the possibility to account for senior preferred debts up to 3.5% of RWA.

The TLAC ratio expressed as a percentage of leverage exposure is 8.7%.

Quantitative information on the TLAC ratio can be found in Chapter 1 (summary) and Section 5.10 (detail).

The Minimum Requirement for own funds and Eligible Liabilities (MREL) has applied to credit institutions and investment firms within the European Union since 2016.

Contrary to the TLAC ratio, the MREL requirement is tailored to each institution and regularly revised by the resolution authority. This requirement amounts to 25.7% in 2023. Throughout the year, Societe Generale complied with its requirements while MREL ratio as a percentage of RWA stands at 33.7% at the end of 2023.

Moreover, the MREL requirement as a percentage of leverage exposure amounts to 5.91% while the ratio stands at 9.2% at the end of 2023.

The Group calculates its leverage ratio according to the CRR2 rules applicable since June 2021.

Managing the leverage ratio means both calibrating the amount of Tier 1 capital (the numerator of the ratio) and controlling the Group’s leverage exposure (the denominator of the ratio) to achieve the target ratio levels that the Group sets for itself. To this end, the leverage exposure of the different businesses is monitored by the Finance Division.

The Group aims to maintain a consolidated leverage ratio that is significantly higher than the 3.5% minimum set in the Basel Committee’s recommendations, implemented in Europe via CRR2, including a fraction of the systemic buffer which is applicable to the Group.

At 31 December 2023, the leverage ratio of Societe Generale stood at 4.25% taking into account a Tier 1 capital amount of EUR 60.5 billion compared with a leverage exposure of EUR 1,422 billion (versus 4.37% at 31 December 2022, with EUR 58.7 billion and EUR 1,345 billion, respectively).

The CRR incorporates the provisions regulating large exposures. As such, Societe Generale must not have any exposure towards a single beneficiary which exceeds 25% of the Group’s capital.

The final rules of the Basel Committee on large exposures, transposed in Europe via CRR2, have been applicable since June 2021. The main changes compared with CRR reside in the calculation of the regulatory limit (25%), henceforth expressed as a proportion of Tier 1 (instead of cumulated Tier 1 and Tier 2), and in the introduction of a cross-specific limit on systemic institutions (15%).

The Societe Generale Group, also identified as a “Financial conglomerate”, is subject to additional supervision from the ECB.

At 31 December 2023, Societe Generale’s financial conglomerate equity covered the solvency requirements for both banking and insurance activities.

At 30 June 2023, the financial conglomerate ratio was 139%, consisting of a numerator “Own funds of the Financial Conglomerate” of EUR 79.4 billion, and a denominator “Regulatory requirement of the Financial Conglomerate” of EUR 56.9 billion.

As at 31 December 2022, the financial conglomerate ratio was 144%, consisting of a numerator “Own funds of the Financial Conglomerate”of EUR 75.5 billion, and a denominator “Regulatory requirement of the Financial Conglomerate” of EUR 52.3 billion.

Business Units translate the principles laid out in this section as necessary into credit policies, which must comply with all the following rules:

• ■a credit policy that defines lending criteria and, usually, limits on risk-taking by sector, type of loan, country/region or customer/customer category. These rules are defined particularly by the CORISQ and Credit Risk Committees (CRCs) and are drawn up in concert with the BU concerned;
• ■the credit policy forms part of the Group’s risk management strategy in accordance with its risk appetite;
• ■credit policies concerning major issues must be periodically approved by DGLE and the Group Risk Committee (CORISQ). Those involving smaller issues or more specific in scope can be approved at BU level;
• ■credit policies rest on the principle that any commitment entailing credit risks depends on:
  • -in-depth knowledge of the customer and their business,
  • -an understanding of the purpose and nature of the transaction structure and the sources of income that will generate fund repayment,
  • -the appropriateness of the transaction structure, to minimise risk of loss in the event of counterparty default;
• ■the analysis and the validation of the files, involving respectively and independently the responsibility of the Primary Customer Responsibility Unit (PCRU-SSC) and the dedicated risk units within the risk management function. To ensure a consistent approach to the Group’s risk-taking, this PCRU-SSC and/or and this risk unit reviews all applications for authorisation relating to a given customer or category of customers except in the case of credit delegations granted by the PCRU-SSC and RISQ to certain SG entities, the monitoring being conducted on a consolidated customer basis for all these authorisations. The PCRU-SSC and risk unit must operate independently of each another;
• ■the allocation of rating or score, which is a key criterion of the granting policy. These ratings are validated by the dedicated risk unit. Particular attention is paid to the regular review of the ratings. On retail scope, cf. infra “Specificities of retail portfolios”;
• ■for the non-retail scope, a delegation of authority regime, mainly based on the internal rating of counterparties, provides decision-making authority on the risk units on one hand and the PCRU-SSC on the other;
• ■proactive management and monitoring of counterparties whose situation has deteriorated to contain the risk of loss given a default of a counterparty.

The Group uses credit risk mitigation techniques for both market and commercial banking activities. These techniques provide partial or full protection against the risk of debtor insolvency.

There are two main categories:

• ■personal guarantees are commitments made by a third party to replace the primary debtor in the event of the latter’s default. These guarantees encompass the protection commitments and mechanisms provided by banks and similar credit institutions, specialised institutions such as mortgage guarantors (e.g.Crédit Logement in France), monoline or multiline insurers, export credit agencies, states in the context of the health crisis linked to Covid-19 and consequences of Ukraine conflict, etc. By extension, credit insurance and credit derivatives (purchase of protection) also belong to this category;
• ■collateral can consist of physical assets in the form of personal or real property, commodities or precious metals, as well as financial instruments such as cash, high-quality investments and securities, and also insurance policies.

Appropriate haircuts are applied to the value of collateral, reflecting its quality and liquidity.

In order to reduce its risk-taking, the Group is pursuing active management of its securities, in particular by diversifying them: physical collateral, personal guarantees and others (including Credit Default Swaps).

For information, the mortgage loans of retail customers in France benefit overwhelmingly from a guarantee provided by the financing company Crédit Logement, ensuring the payment of the mortgage to the Bank in the event of default by the borrower (under conditions of compliance with the terms of collateral call defined by Crédit Logement).

During the credit approval process, an assessment is performed on the value of guarantees and collateral, their legal enforceability and the guarantor’s ability to meet its obligations. This process also ensures that the collateral or guarantee successfully meets the criteria set forth in the Capital Requirements Directive (CRD) and in the Capital Requirements Regulation (CRR).

The guarantors are subject to an internal rating updated at least annually. Regarding collateral, regular revaluations are made based on an estimated disposal value composed of the market value of the asset and a discount. The market value corresponds to the value at which the good should be exchanged on the date of the valuation under conditions of normal competition. It is preferably obtained based on comparable assets, failing this by any other method deemed relevant (example: value in use). This value is subject to haircuts depending on the quality of the collateral and the liquidity conditions.

Regarding collateral used for credit risk mitigation and eligible for the RWA calculation, it should be noted that 95% of guarantors are investment grade. These guarantees are mainly provided by Crédit Logement, export credit agencies, the French State (within the Prêts Garantis par l’État framework of the loans guaranteed by the French State) and insurance companies.

In accordance with the requirements of European Regulation No. 575/2013 (CRR), the Group applies minimum collateralisation frequencies for all collateral held in the context of commitments granted (financial collateral, commercial real estate, residential real estate, other security interests, leasing guarantees).

More frequent valuations must be carried out in the event of a significant change in the market concerned, the default or litigation of the counterparty or at the request of the risk management function. In addition, the effectiveness of credit risk hedging policies is monitored as part of the LGD.

It is the responsibility of the risk management function to validate the operational procedures put in place by the business lines for the periodic valuation of collateral (guarantees and collateral), whether automatic valuations or on an expert opinion and whether during the credit decision for a new competition or during the annual renewal of the credit file.

The amount of guarantees and collateral is capped at the amount of outstanding loans less provisions, i.e. EUR 374.2 billion as at 31 December 2023 (compared with EUR 388.5 billion as at 31 December 2022), of which EUR 152.8 billion for retail customers and EUR 221.4 billion for other types of counterparties (compared with EUR 159.5 billion and EUR 229.1 billion as at 31 December 2022, respectively).

The outstanding loans covered by these guarantees and collateral correspond mainly to loans and receivables at amortised cost, which amounted to EUR 290.6 billion as at 31 December 2023, and to off-balance sheet commitments, which amounted to EUR 74.4 billion (compared with EUR 304.8 billion and EUR 75.2 billion as at 31 December 2022, respectively).

The amounts of guarantees and collateral received for performing outstanding loans (Stage 1) and under-performing loans (Stage 2) with payments past due amounted to EUR 3.8 billion as at 31 December 2023 (EUR 2.3 billion as at 31 December 2022), including EUR 1.2 billion on retail customers and EUR 2.6 billion on other types of counterparties (versus EUR 0.89 billion and EUR 1.4 billion at 31 December 2022 respectively).

The amount of guarantees and collateral received for non-performing outstanding loans as at 31 December 2023 amounted to EUR 5.6 billion (compared with EUR 5.8 billion as at 31 December 2022), of which EUR 1.5 billion on retail customers and EUR 4.1 billion on other types of counterparties (compared with EUR 1.4 billion and EUR 3.8 billion respectively as at 31 December 2022). These amounts are capped at the amount of outstanding.

Information relating to impairment can be found in Note 3.8 to the consolidated financial statements, which is part of Chapter 6 of the present Universal Registration Document.

Since 2007, Societe Generale has been authorised by its supervisory authorities to apply, for the majority of its exposures, the internal method (Internal Rating Based method – IRB) to calculate the capital required for credit risk.

The remaining exposures subject to the Standard approach mainly concern the portfolios of retail customers and SMEs (Small and Medium Enterprises) of the International Retail Banking activities. For exposures processed under the standard method excluding retail customers, which does not use the external note, the Group mainly uses external ratings from the Standard & Poor’s, Moody’s and Fitch rating agencies and the Banque de France. In the event that several Ratings are available for a third party, the second-best rating is applied.

In accordance with the texts published by the EBA as part of the “IRB Repair” program and following the review missions carried out by the ECB (TRIM – Targeted Review of Internal Models), the Group is reviewing its internal model system credit risk, so as to comply with these requirements, ensuring in particular:

• ■the simplification of the architecture of the models, and the improvement of its auditability: either by ex nihilo development of new models based on the New Definition of Default (NDoD), and natively integrating the expectations of the EBA and ECB, or by bringing certain existing models up to the new standards, or via RTLSA (Return To Less Sophisticated Approach) requests;
• ■improving the quality of data and its traceability throughout the chain;
• ■the right application of the roles and responsibilities of the LOD1 (first line of defense) and LOD2 (second line of defense) teams, particularly with regard to building and monitoring the system (ROE – Review Of Estimates);
• ■the rationalization and improvement of certain IT application bricks, particularly concerning the models referential and their monitoring;
• ■the establishment of a more complete normative base, and a more consistent relationship with the supervisor.

The remediation the changes of the IRB Group system are furthermore integrated into the Group roll-out plan.

As part of compliance with IRB Repair, evolutions to the rating systems and models have been and will be submitted to the ECB for validation.

To calculate its capital requirements under the IRB (Internal Rating Based)  method, Societe Generale estimates the Risk-Weighted Assets (RWA) and the Expected Loss (EL) that may be incurred in light of the nature of the transaction, the quality of the counterparty (via internal rating) and all measures taken to mitigate risk.

The calculation of RWA is based on the Basel parameters, which are estimated using the internal risk measurement system:

• ■the Exposure at Default (EAD) value is defined as the Group’s exposure in the event that the counterparty should default. The EAD includes exposures recorded on the balance sheet (such as loans, receivables, accrued income, etc.), and a proportion of off-balance sheet exposures calculated using internal or regulatory Credit Conversion Factors (CCF);
• ■the Probability of Default (PD): the probability that a counterparty will default within one year;
• ■the Loss Given Default (LGD): the ratio between the loss on an exposure in the event a counterparty defaults and the amount of the exposure at the time of the default.

The estimation of these parameters is based on a quantitative evaluation system which is sometimes supplemented by expert or business judgment.

In addition, a set of procedures sets out the rules relating to ratings (scope, frequency of review, grade approval procedure, etc.) as well as those for supervision, the review ROE – Review of Estimates – and the validation of models. These procedures allow, among other things, to facilitate critical human judgment, an essential complement to the models for non-retail portfolios.

The Group also takes into account:

• ■the impact of guarantees and credit derivatives, where applicable by substituting the PD, the LGD and the risk-weighting calculation of the guarantor for that of the obligor (the exposure is considered to be a direct exposure to the guarantor) in the event that the guarantor’s risk weighting is more favorable than that of the obligor;
• ■collateral used as guarantees (physical or financial) taken into account via the LGD level.

Societe Generale can also apply an IRB Foundation approach (where only the probability of default is estimated by the Bank, while the LGD and CCF parameters are determined directly by regulation) to a portfolio of specialised lending exposures, including those granted to the subsidiaries Franfinance Location, Sogelease and Star Lease.

Moreover, the Group has authorisation from the regulator to use the IAA (Internal Assessment Approach) method to calculate the regulatory capital requirement for ABCP (Asset-Backed Commercial Paper) securitisation.

In addition to the capital requirement calculation objectives under the IRBA method, the Group’s credit risk measurement models contribute to the management of the Group’s operational activities. They also constitute tools to structure, price and approve transactions and contribute to the setting of approval limits granted to business lines and the Risk function.

In case of capital requirement calculation in standard method, should an external rating be available, the corresponding exposure is assigned a risk weight according to the mapping tables provided in CRR (Articles 120-121-122) or more precisely to the tables published by the French supervisor ACPR (link: https://acpr.banque-france.fr/sites/default/
files/media/2021/07/08/20210707_notice_crdiv_college_clean.pdf).

In this section, the measurement used for credit exposures is the EAD – Exposure At Default (on- and off-balance sheet). Under the Standardised Approach, the EAD is calculated net of collateral and provisions. 

The grouping used is based on the main economic activity of counterparties. The EAD is broken down according to the guarantor’s characteristics, after taking into account the substitution effect (unless otherwise indicated).

The main metrics used in the following tables are:

• ■Exposure: defined as all assets (e.g. loans, receivables, accruals, etc.) associated with market or customer transactions, recorded on- and off-balance sheet;
• ■EAD (Exposure At Default) is defined as the bank’s exposure (on- and off-balance sheet) in the event of a counterparty’s default. Unless otherwise specifically indicated to the contrary, the EAD is reported post-CRM (Credit Risk Mitigation), after factoring in guarantees and collateral. Under the Standardised approach, EADs are presented net of specific provisions and financial collateral;
• ■Risk-Weighted Assets (RWA): are computed from the exposures and the associated level of risk, which depends on the debtors’ credit quality;
• ■Expected Loss (EL): potential loss incurred, given the quality of the structuring of a transaction and any risk mitigation measures such as collateral. Under the AIRB method, the following equation summarises the relation between these variables: EL = EAD x PD x LGD (except for defaulted exposures).

Counterparty credit risk is framed through a set of limits that reflect the Group’s appetite for risk.

Counterparty credit risk management mainly relies on dedicated first and second lines of defence as described below:

• ■the first lines of defence (LoD1) notably include the business lines that are subject to counterparty credit risk, the Primary Client Responsibility Unit that is in charge of handling the overall relationship with the client and the group to which it belongs, dedicated teams within Global Banking & Advisory and Global Markets Business Units responsible for monitoring and managing the risks within their respective scope of activities;
• ■the Risk Department acts as a second line of defence (LoD2) through the setup of a counterparty credit risk control system, which is based on standardised risk measures, to ensure the permanent and independent monitoring of counterparty credit risks.

The fundamental principles of limit granting policy are:

• ■dedicated LoD1 and LoD2 must be independent of each other;
• ■the Risk Department has a division dedicated to counterparty credit risk management in order to monitor and analyse the overall risks of counterparties whilst taking into account the specificities of counterparties;
• ■a system of delegated authorities, mainly based on the internal rating of counterparties, confers decision-making powers to LoD1 and LoD2;
• ■the limits and internal ratings defined for each counterparty are proposed by LoD1 and validated by the dedicated LoD2(1). The limits may be set individually, at the counterparty level, or globally through framing a (sub) set of counterparties (for example: supervision of stress test exposures).

These limits are subject to annual or ad hoc reviews depending on the needs and changes in market conditions.

A dedicated team within the Risk Department is in charge of production, reporting and controls on risk metrics, namely:

• ■ensuring the completeness and reliability of the risk calculation by taking into account all the transactions booked by the transaction processing department;
• ■producing daily certification and risk indicator analysis reports;
• ■controlling compliance with defined limits, at the frequency of metrics calculation, most often on a daily basis: breaches of limits are reported to Front Office and dedicated LoD2 for remediation actions.

In addition, a specific monitoring and approval process is implemented for the most sensitive counterparties or the most complex categories of financial instruments.

The Group uses various techniques to reduce this risk:

• ■the signing, in the most extensive way possible, of close-out netting agreements for over-the-counter (OTC) transactions and Securities Financing Transactions (SFT);
• ■the collateralisation of market operations, either through clearing houses for eligible products (listed products and certain of the more standardised OTC products), or through a bilateral margin call exchange mechanism which covers both current exposure (variation margins) but also future exposure (initial margins).

Societe Generale’s standard policy is to conclude master agreements including provisions for close-out netting.

These provisions allow on the one hand the immediate termination (close out) of all transactions governed by these agreements when one of the parties' defaults, and on the other hand the settlement of a net amount corresponding to the total value of the portfolio, after netting of mutual debts and claims. This balance may be the subject of a guarantee or collateralisation. It results in a single net claim owed by or to the counterparty.

In order to reduce the legal risk associated with documentation and to comply with key international standards, the Group documents these agreements under the main international standards as published by national or international professional associations such as International Swaps and Derivatives Association (ISDA), International Capital Market Association (ICMA), International Securities Lending Association (ISLA), French Banking Federation (FBF), etc.

These contracts establish a set of contractual terms generally recognised as standard and give way to the modification or addition of more specific provisions between the parties in the final contract, for example regarding the triggering events. This standardisation reduces implementation times and secures operations. The clauses negotiated by clients outside the bank’s standards are approved by the decision-making bodies in charge of the master agreements standards – Normative Committee and/or Arbitration Committee – made up of representatives of the Risk Division, the Business Units, the Legal Division and other decision-making departments of the Bank. In accordance with regulatory requirements, the clauses authorising global close-out netting and collateralisation are analysed by the Bank’s legal departments to ensure that they are enforceable under the legal provisions applicable to clients.

Audited I The measure of replacement risk is based on an internal model that determines the Group’s exposure profiles. As the value of the exposure to a counterparty is uncertain and variable over time, we estimate the potential future replacement costs over the lifetime of the transactions.

The future fair value of market transactions with each counterparty is estimated from Monte Carlo models based on a historical analysis of market risk factors.

The principle of the model is to represent the possible future financial markets conditions by simulating the evolutions of the main risk factors to which the institution’s portfolio is sensitive. For these simulations, the model uses different diffusion models to account for the characteristics inherent in the risk factors considered and uses a 10-year history for calibration.

The transactions with the various counterparties are then revalued according to these different scenarios at the different future dates until the maturity of the transactions, taking into account the terms and conditions defined in the contractual legal framework agreed and the credit mitigants, notably in terms of netting and collateralisation only to the extent we believe that the credit mitigants provisions are legally valid and enforceable.

The distribution of the counterparty exposures thus obtained allows the calculation of regulatory capital for counterparty credit risk and the economic monitoring of positions.

The Risk Department responsible for Model Risk Management at Group level, assesses the theoretical robustness (review of the design and development quality), the compliance of the implementation, the suitability of the use of the model and continuous monitoring of the relevance of the model over time. This independent review process ends with (i) a report that describes the scope of the review, the tests carried out, the results of the review, the conclusions or recommendations and (ii) review and approval Committees. This model review process gives rise to (i) recurring reports to the Risk Management Department within the framework of various Committees and processes (Group Model Risk Management Committee, Risk Appetite Statement/Risk Appetite Framework, monitoring of recommendations, etc.) and (ii) a yearly report to the Board of Directors (CORISQ).

With respect to the calculation of capital requirements for counterparty credit risk, the ECB, following the Targeted Review of Internal Models, has renewed the approval for using the internal model described above to determine the Effective Expected Positive Exposure (EEPE) indicator.

For products not covered by the internal model as well as for entities in the Societe Generale Group that have not been authorised by the supervisor to use the internal model, the Group uses the market-price valuation method for derivatives(4) and the general financial security-based method for securities financing transactions (SFT(5)).

The effects of compensation agreements and collateralisation are taken into account either by their simulation in the internal model when such credit risk mitigant or guarantees meet regulatory criteria, or by applying the rules as defined in the market-price valuation method or the financial security-based method, by subtracting the value of the collateral.

These exposures are then weighted by rates resulting from the credit quality of the counterparty to compute the Risk Weighted Assets (RWA). These rates can be determined by the standard approach or the advanced approach (IRBA).

As a general rule, when EAD is modelled in EEPE and weighted according to IRB approach, there is no adjustment of the LGD according to the collateral received as it is already taken into account in the EEPE calculation.

The RWA breakdown for each approach is available in the “Analysis of Counterparty Credit Risk Exposure by Approach” table in Section 4.6.3.4 “Quantitative Information”.

For the economic monitoring of positions, Societe Generale relies mainly on a maximum exposure indicator determined from the Monte Carlo simulation, called internally Credit Value-at-Risk (CVaR) or PFE (Potential Future Exposure). This is the maximum amount of loss that could occur after eliminating 1% of the most adverse occurrences. This indicator is calculated at different future dates, which are then aggregated into segments, each of them being framed by limits.

In order to monitor the CCR in an aggregated way at the level of its customer portfolio, the Group relies mainly on two metrics:

• ■Global Adverse Stressed Loss (GASEL), a CCR measure designed to holistically monitor the risks induced by market activities. This stress test assumes sudden market movements (identical to those applied on MARK trading desks) triggering a general increase in the probability of default among all counterparties. The market scenarios used by GASEL are the same as those used to manage market risks.
• ■the stress test on collateralised financing activities (STT FinCollat) that measures the aggregate stressed loss across all counterparties for an activity with significant adverse correlation risks (wrong-way risk), as collateral generally has lower liquidity under stressed market conditions.

Counterparty credit risk is broken down as follows:

The tables above feature amounts excluding the CVA (Credit Valuation Adjustment) which represents EUR 3 billion of risk-weighted assets (RWA) at 31 December 2023 (vs. EUR 2.8 billion at 31 December 2022).

This section presents information on Societe Generale’s securitisation activities, acquired or carried out for proprietary purposes or for its customers. It describes the risks associated with these activities and the management of those risks. Finally, it contains quantitative information to describe these activities during 2023 as well as the capital requirements for the Group’s regulatory banking book and trading book within the scope defined by prudential regulations.

As defined in prudential regulations, the term securitisation refers to a transaction or scheme, whereby the credit risk associated with an exposure or pool of exposures is divided into tranches, having the following characteristics :

• ■the transaction achieves significant risk transfer, in case of origination;
• ■payments in the transaction or scheme are contingent on the performance of the exposure or pool of exposures;
• ■subordination of some tranches determines the distribution of losses during the ongoing life of the transaction or risk transfer scheme.

The securitisation transactions are subject to the regulatory treatment defined:

• ■in Regulation (EU) No 2017/2401 amending Regulation (EU) No 575/2013 relating to the capital requirements applicable to credit institutions and to credit and investment firms;
• ■in Regulation (EU) No 2017/2402 creating a general framework for securitisation as well as a specific framework for simple, transparent, and standardised securitisations (STS).

Regulation No 2017/2401 presents the hierarchy of methods for weighting securitisation positions (see section 8.6). The floor weighting rate is 15% (10% for STS securitisations).

Regulation No 2017/2402 defines the criteria for the identification of “simple, transparent and standardised” (STS) securitisations to which specific and lower capital charges are applicable. The text also specifies the authorisation procedure for third-party organisations that will be involved in ensuring compliance with requirements relating to STS securitisations. The risk retention requirement for the transferor is set at a minimum level of 5%.

The securitisatin framework has been amended by 2 new regulations published on April 6th, 2021:

• ■regulation (EU) 2021/557 amending regulation (EU) 2017/2402 and creating a specific STS framework for synthetic on-balance sheet securitisations;
• ■regulation (EU) 2021/558 amending regulation (EU) no 575/2013, a specific prudential framework for non-performing exposures (NPE) securitisations.

Guidelines or Regulatory Technical Standards issued by the technical authorities, ESMA and the EBA, clarify some aspects of the level 1 European regulations.

The securitisation transactions that Societe Generale invests in (i.e. the Group invests directly in certain securitisation positions, is a liquidity provider or a counterparty of derivative exposures) are recognised in accordance with Group accounting principles, as set forth in the notes to the consolidated financial statements included in the 2023 Universal Registration Document.

In the financial statements, the classification of securitisation positions depends on their contractual characteristics and the way the entity manages those financial instruments.

When analysing the contractual cash flow of financial assets issued by a securitisation vehicle, the entity must analyse the contractual terms, as well as the credit risk of each tranche and the exposure to credit risk in the underlying pool of financial instruments. To that end, the entity must apply a “look-through approach” to identify the underlying instruments that are creating the cash flows.

Contractual flows that represent solely payments of principal and interest on the principal amount outstanding are consistent with a basic lending arrangement (SPPI flows: Solely Payments of Principal and Interest).

In the financial statements, the basic securitisation positions (SPPI) are classified into two categories, depending on the business model used to manage them:

• ■when they are managed under a “Collect and Sell” business model, the positions are classified as “Financial assets at fair value through other comprehensive income”. Accrued or earned income on these positions is recorded in profit or loss based on the effective interest rate, under Interest and similar income. At the reporting date, these instruments are measured at fair value, and changes in fair value, excluding income, are recorded under Unrealised or deferred gains and losses. Furthermore, as these financial assets are subject to impairment for credit risk, changes in expected credit losses are recorded in profit or losses under Cost of risk with a corresponding entry to Unrealised or deferred gains and losses;
• ■when they are managed under a “Hold to Collect” business model, the positions are measured at amortised cost. Subsequent to initial recognition, these positions are measured at amortised cost using the effective interest method, and their accrued or earned income is recorded in the income statement under Interest and similar income. Furthermore, as these financial assets are subject to impairment for credit risk, changes in expected credit losses are recorded in profit or loss under Cost of risk with a corresponding impairment of amortised cost under balance sheet assets.

The securitisation positions that are not basic (non–SPPI) will be measured at fair value through profit or loss, regardless of the business model for managing them.

At the balance sheet date, these assets are recorded in the balance sheet under Financial assets at fair value through profit or loss and changes in the fair value of these instruments (excluding interest income) are recorded in the income statement under Net gains or losses on financial instruments at fair value through profit or loss.

Interest income and expense are recorded in the income statement under Interest and similar income and Interest and similar expense.

Securitisation positions classified among the financial assets at amortised cost or among the financial assets at fair value through other comprehensive income, are systematically subject to impairment or a loss allowance for expected credit losses. These impairments and loss allowances are booked on initial recognition of the assets, without waiting for objective evidence of impairment to occur.

To determine the amount of impairment to be recorded at each reporting date, these assets are classified into one of three categories based on the increase in credit risk observed since initial recognition. Stage 1 exposures are impaired for the amount of credit losses that the Group expects to incur within 12 months; Stages 2 and 3 exposures are impaired for the amount of credit losses that the Group expects to incur over the life of the exposures.

For securitisation positions measured at fair value through profit or loss, their fair value includes already the expected credit loss, as assessed by the market participant, on the residual lifetime of the instrument.

Reclassification of securitisation positions is only required in the exceptional event that the Group changes the business model used to manage these assets.

Synthetic securitisations in the form of Credit Default Swaps follow accounting recognition rules specific to trading derivatives.

The securitisation transactions are derecognised when the contractual rights to the cash flows on the asset expire or when the Group has transferred the contractual rights to receive the cash flows and substantially all the risks and rewards linked to the ownership of the asset. Where the Group has transferred the cash flows of a financial asset but has neither transferred nor retained substantially all the risks and rewards of its ownership and has effectively not retained control of the financial asset, the Group derecognises it and, where necessary, recognises a separate asset or liability to cover any rights and obligations created or retained because of transferring the asset. If the Group has retained control of the asset, it continues to recognise it in the balance sheet to the extent of its continuing involvement in that asset.

Securitisation of securitised assets recognised in the Group balance sheet follow the same accounting treatment described above.

When a financial asset is derecognised in its entirety, a gain or loss on disposal is recorded in the income statement for an amount equal to the difference between the carrying value of the asset and the payment received for it, adjusted where necessary for any unrealised profit or loss previously recognised directly in equity.

A structured entity is an entity that has been designed so that voting or similar rights are not the dominant factor in deciding who controls the entity.

When assessing the existence of a control over a structured entity, all facts and circumstances shall be considered, among which:

• ■the purpose and design of the entity;
• ■the structuring of the entity (especially, the power to direct the relevant activities of the entity);
• ■risks to which the entity is exposed by way of its design and the Group’s exposure to some or all of these risks;
• ■potential returns and benefits for the Group.

Unconsolidated structured entities are those that are not exclusively controlled by the Group.

Within the framework of the consolidation of structured entities that are controlled by the Group, the shares of those entities that are not held by the Group are recognised under “Debt” in the balance sheet.

When customer loans are securitised and partially sold to external investors, the entities carrying the loans are consolidated if the Group retains control and remains exposed to the majority of the risks and benefits associated with these loans.

Any financial support outside of any binding contractual arrangement provided to unconsolidated entities, over securitised assets, would be recognised as a liability on balance sheet if it met the relevant IFRS criteria, or gave rise to a provision under IAS 37, and must be disclosed.

The management of risks associated with securitisation operations follows the rules established by the Group depending on whether these assets are recorded in the banking book (credit and counterparty credit risks) or in the trading book (market risk and counterparty credit risk).

The securitisation risk is monitored by the Client Relations and Financing and Advisory Solutions department (Global Banking & Advisory - GLBA) and, in respect of transactions for own account, by the Group Treasury Department of the Financial Department [DFIN/GTR/FUN] in LoD1 and supervised in the credit risk management system by the “Corporate and Investment Banking” division (CIB) of the Risks department in LoD2.

Only the Asset-Backed Products division of GLBA has the mandate to deal with transactions generating securitisation risk.

These operations consist in:

• ■structuring and/or primary distribution of ABS (Asset-Backed Securities), which can take the form of RMBS (Residential Mortgage-Backed Securities), CMBS (Commercial Mortgage-Backed Securities) and CLOs (Collateralised Loan Obligations), structured or co-arranged by Societe Generale, for the benefit of issuers (companies and specialised financial companies) also called “public securitisation”. These transactions do not generate any securitisation risk for the Group if no exposure is retained by Societe Generale;
• ■financing of customer needs, via commercial paper backed by assets issued by Societe Generale conduits or, marginally, on the balance sheet, also called “private securitisation”. These activities generate credit risk for Societe Generale and are overseen by the “Corporate and Investment Banking” (CIB) division of the Risk Department;
• ■structuring of securitisation transactions for its own (i.e., the underlying portfolio consisting of receivables booked on the Group’s balance sheet). This activity does not generate additional credit risk for the Group; the role of the Corporate and Investment Banking (CIB) division of the Risk Department [RISQ/CIB] is to ensure that the structure is robust;
• ■securitised products are also used as underlying on the secondary market in collateralised financing and trading transactions. These transactions generate both credit risk and market risk for the Group and are overseen by the “Corporate and Investment Banking” (CIB) and the Risks on Market Activities divisions of the Risk Department.

Securitisation activities allow the Group to raise liquidity or manage risk exposures, for proprietary purposes or on behalf of customers. Within the framework of these activities, the Group can act as originator, sponsor/arranger or investor:

• ■as an originator, the Group directly or indirectly participates in the initial agreement on assets which subsequently serve as underlying in securitisation transactions, primarily for refinancing purposes;
• ■as a sponsor, the Group establishes and manages a securitisation programme used to refinance customers’ assets, mainly via the Antalis and Barton conduits and via certain other special purpose vehicles;
• ■as an investor, the Group invests directly in certain securitisation positions, is a liquidity provider or a counterparty of derivative exposures.

This information must be considered within the context of the specific structure of each transaction and vehicle, which cannot be described in this report.

Securitisation initiatives are part of the portfolio management program. They are efficient tools for optimizing capital management and managing credit risk exposure while maintaining a strong level of commercial dynamic. Several transactions with significant risk transfer (SRT) have been executed since mid-2019, mostly under a synthetic format and on different portfolios, to manage underlying credit risks and associated capital requirement. The SRT policy is documented in terms of internal governance, control framework as well as ongoing monitoring and reporting.

Taken separately, the level of payments past due or in default does not provide sufficient information on the types of exposures securitised by the Group, mainly because the default criteria may vary from one transaction to another. Furthermore, these data reflect the situation of the underlying assets.

In securitisation transactions, past due exposures are generally managed via structural mechanisms that protect the most senior positions.

Impaired exposures belong mainly to CDOs of US subprime residential mortgages, dating back to 2014.

As part of its securitisation activities, the Group does not provide any implicit support in accordance with Article 250 of revised CRR (regulation (UE) 2017/2401).

Since the protection purchased is financed, there is no counterparty credit risk on the vendor of the insurance. The Group does not intend to purchase unfunded protection at this stage.

Positions in the securitisation trading book are exclusively high ranking and mezzanine tranches, and 79.7% are high ranking positions as of 31 December 2023. 

In the banking book senior thanches are more than 97% of securitisation exposures retained or purchased as of 31 December 2023.

Whenever traditional or synthetic securitisations, for which sponsorship, origination, structuring or management of Societe Generale is involved, achieve a substantial and documented risk transfer compliant with the regulatory framework, the underlying assets are excluded from the bank’s calculation of risk-weighted exposures for traditional credit risk.

For the securitisation positions that Societe Generale decides to hold either on- or off-balance sheet, capital requirements are determined based on the bank’s exposure, irrespective of its underlying strategy or role.

Institutions use one of the methods described in the hierarchy below to calculate the weighted exposure amounts:

• ■SEC-IRBA (approach based on internal ratings), when certain conditions are met;
• ■when the SEC-IRBA cannot be used, the intitution uses the SEC-SA (standardised approach);
• ■when the SEC-SA cannot be used, the institution uses the SEC-ERBA (approach based on external ratings) for positions with an external credit rating or those for which it is possible to infer such a note.

The unrated liquidity lines granted to ABCP programmes can be determined using the Internal Assessment Approach (IAA). Regarding the liquidity lines that the bank grants to the securitisation conduits it sponsors, Societe Generale obtained approval in 2009 to use the internal assessment approach. As such, Societe Generale has developed a rating model (IAA approach), which estimates the expected loss (Expected Loss - EL) for each Group’s exposure to securitisation conduits, which automatically leads to a capital weighting by application of a correspondence table defined by the regulations. The IAA model mainly applies to underlying assets such as trade receivables, auto loans and auto lease. An annual review of the model makes it possible to verify that the performance and conservatism of the model. Also, in-depth analyses are carried out on inputs (transaction details such as default, dilution, or reserve rates), model parameters (transition matrices, PD, LGD) and an EL backtest. The backtest of the outputs themselves being not feasible due to the limited number of transactions, the backtest of the IAA model consists in the backtest of the inputs (including for example default rate and default rate standard deviation) and the parameters as well as a model behavoir analysis. Methodological benchmarks are also regularly carried out in order to validate our internal approach in comparison with the best practices of the market. The relevance of the IAA approach is regularly monitored and reviewed by the Risk Department responsible for Model Risk Management at Group level, as second line of defense. The independent review process ends with (i) review and approval Committees and (ii) an independent review report detailing the scope of the review, the tests performed and their outcomes, the recommendations, and the conclusion of the review. The model control mechanism gives rise to recurrent reporting to the appropriate authorities.

In the other cases, the securitisation positions receive a risk weight of 1,250%.

List of SSPEs which acquire exposures originated by the institutions(1):

List of SSPEs sponsored by the institutions:

List of SSPEs and other legal entities for which the institutions provide securitisation-related services, such as advisory, asset servicing or management services:

On SGSS side, other asset managers are providing different categories of funds other than securitisation.

List of legal entities affiliated with the institutions and that invest in securitisations originated by the institutions or in securitisation positions issued by SSPEs sponsored by the institutions:

List of SPPEs included in the institutions’regulatory scope of consolidation

Although primary responsibility for managing risk exposure relies on the front office managers, the supervision system comes under the Market Risk Department of the Risk Department, which is independent from the businesses.

The main missions of this department are:

• ■the definition and proposal of the Group’s market risk appetite;
• ■the proposal of appropriate market risk limits by Group activity to the Group Risk Committee (CORISQ);
• ■the assessment of the limit requests submitted by the different businesses within the framework of the overall limits authorised by the Board of Directors and General Management, and based on the use of these limits;
• ■the permanent verification of the existence of an effective market risk monitoring framework based on suitable limits;
• ■coordination of the review by the Risk Department of the strategic initiatives of the Market Risk Department;
• ■the definition of the indicators used to monitor market risk;
• ■the daily calculation and certification of the market risk indicators, of the P&L resulting from market activities, based on formal and secure procedures, and then of the reporting and the analysis of these indicators;
• ■the daily monitoring of the limits set for each activity;
• ■the risk assessment of new products or market activities.

In order to perform its tasks, the department also defines the architecture and the functionalities of the information system used to produce the risk and P&L indicators for market transactions, and ensures it meets the needs of the different businesses and of the Market Risk Department.

This department contributes to the detection of possible rogue trading operations through a monitoring mechanism based on alert levels (on gross nominal value of positions for example) applied to all instruments and desks.

The business development strategy of the Group for market activities is primarily focused on meeting clients’ needs, with a comprehensive range of products and solutions. The risk resulting from these market activities is strictly managed through a set of limits for several indicators:

• ■the Value-at-Risk (VaR) and stressed Value-at-Risk (sVaR): these global indicators are used for market risk calculations for RWA and for the day-to-day monitoring of the market risks incurred by the Group within the scope of its trading activities;
• ■stress test measurements, based on decennial shock-type indicators, which make it possible to restrict the Group’s exposure to systemic risk and exceptional market shocks. These measurements can be global, multi-risk factor (based on historical or hypothetical scenarios), by activity or risk factor in order to take into account extreme risks on a specific market, or event-driven, to temporarily monitor a particular situation;
• ■sensitivity and nominal indicators used to manage the size of positions:
  • -sensitivities are used to monitor the risk incurred locally on a given type of position (e.g. sensitivity of an option to changes in the underlying asset),
  • -while nominal indicators are used for significant positions in terms of risk;
• ■additional indicators such as concentration risk or holding period, maximum maturity, etc.

The Market Risk Department is responsible for the assessment and validation of the limit requests submitted by the different business lines. These limits ensure that the Group complies with the market risk appetite approved by the Board of Directors.

Societe Generale monitors its exposure using stress test simulations to take into account exceptional market disruptions.

A stress test estimates the loss resulting from an extreme change in market parameters over a period corresponding to the time required to unwind or hedge the positions affected.

Two major metrics are defined and used:

• ■the Global Stress Test on market activities, which estimates the losses linked to market risks, market/counterparty cross-risk, and dislocation and carry risk on exotic activities, that could arise simultaneously in the event of a severe but plausible systemic crisis. This stress test is modeled on five scenarios;
• ■the Market Stress Test, which focuses solely on market risks, applying the same scenarios as the Global Stress Test and additional scenarios corresponding to different market conditions.

The various scenarios for those stress tests are reviewed by the Risk Division on a regular basis. These reviews are presented during dedicated biannual Committees, chaired by the Market Risk Department and attended by economists and representatives of Societe Generale’s trading activities. These Committees cover the following topics: changes in scenarios (introduction, removal, shock review), appropriate coverage of the risk factors by the scenarios, review of the approximations made in terms of calculation, correct documentation of the whole process. The delegation level needed to validate the changes in stress test methodology depends on the impact of the change in question.

The Global Stress Test on market activities limits and the Market Stress Test limits play a central role in the definition and the calibration of the Group’s appetite for market risk: these indicators cover all activities and the main market risk factors and related risks associated with a severe market crisis, this allows both to limit the overall amount of risk and to take into account any diversification effects.

This system is complemented by stress-testing frameworks on four risk factors on individual risk factors, in particular equities and interest rates, on which the Group has significant exposures.

The Global Stress Test on market activities is the main risk indicator used on this scope. It covers all the risks on market activities that would occur simultaneously in case of a severe, but plausible, market crisis. The impact is measured over a short period of time with an expected occurrence of once per decade. The Global Stress Test uses five market scenarios and has three components, each of which are considered in each of the five scenarios in order to ensure consistency within the same scenario:

• ■market risk;
• ■dislocation and carry risks on exotic activities related to concentration effects and crowded trades;
• ■market/counterparty cross-risks arising in transactions with weak counterparties (hedge funds and proprietary trading groups).

The Global Stress Test corresponds to the least favorable results arising from the five scenarios and their respective components.

It corresponds to: 

- the results of the Market Stress Test(4) restricted to scenarios that could cause dislocation effects on market positions and default by weak counterparties. These scenarios all simulate a sharp fall in the equity markets and a widening in credit spreads which could trigger dislocation effects. Following the last review of the scenarios at the end of 2020, it was decided to use for the calculation of the stress test three theoretical scenarios (generalised (i.e. financial crisis scenario), eurozone crisis, general decline in risk assets) and two historical scenarios focusing respectively on the period of early October 2008 and early March 2020. 

-This component includes the impact of the stress test scenario on the counterparty credit risk reserves (Credit Value Adjustment) and funding risk reserves (Funding Value Adjustment) whose variation in case of a crisis affects the trading activities.

Additional market risks to those assessed in the Market Stress Test can occur in market situation in which one or more participants – generally structured products sellers – have concentrated or crowded trades. Dynamic risk hedging strategies can cause larger market dislocations than those calibrated in the Market Stress Test, and these dislocations can extend beyond the shock timeline used due to an imbalance between supply and demand.

Equity, credit, fixed income, currency and commodity trading activities are regularly reviewed to identify these areas of risk and to define a scenario that takes into account the specific features of each activity and position. Each scenario associated with an identified area of risk is added to the market risk component if – and only if – it is compatible with the market scenario in question.

Some counterparties may be significantly affected by a major crisis on the financial markets and their probability of default may increase. The third component of the Global Stress Test therefore aims to take into account this increased risk on certain types of weak counterparties (hedge funds and proprietary trading groups).

Four measurements are used:

• ■the collateralised financing stress test: this stress test focuses on collateralised financing activities and more specifically on weak counterparties. It applies a dislocation shock to several asset classes with the assumption of extremely tight liquidity conditions. Collateral and counterparty default rates are stressed concomitantly, taking into account any consanguinity with the collateral posted;

• ■the adverse stress test on hedge funds and proprietary trading groups (PTG): this stress test applies three pairs of stress scenarios to all market transactions generating replacement regarding this type of counterparty. Each set of scenarios consists of a short-term scenario (scenario derived from the Market Stress Test) applied to positions with margin calls, and a long-term scenario (whose shocks are generally more severe) for positions without margin calls. Stressed current exposures are weighted by the probability of default of each counterparty and by the loss given default (LGD), then aggregated;
• ■the adverse stress test on products whose underlying is a hedge fund: this type of underlying poses a risk of illiquidity in the event of a crisis. The purpose of this stress test is to estimate the corresponding potential loss on transactions with this type of underlying and presenting a “gap risk”;
• ■the Clearing House (CCP) Member stress test: it estimates the potential loss in the event of a default of a CCP member of which Societe Generale is also a member.

This metric focuses on market risk and estimates the loss resulting from shocks on the set of risk factors. This stress test is based on 12 scenarios(5), three historical and nine hypothetical. The main principles are as follows:

• ■the scenario considered in the market stress test is the worst of the different scenarios defined;
• ■the shocks applied are calibrated on time horizons specific to each risk factor (the time horizon can range from five days for the most liquid risk factors to three months for the least liquid);
• ■risks are calculated every day for each of the Bank’s market activities (all products together), using each of the historical and hypothetical scenarios.

This method consists of an analysis of the major economic crises that have affected the financial markets: changes in the prices of financial assets (equities, interest rates, exchange rates, credit spreads, etc.) during each of these crises have been analysed in order to define scenarios for potential variations in these main risk factors which, when applied to the Bank’s trading positions, could generate significant losses. Accordingly, this approach makes it possible to determine the historical scenarios used for the calculation of the stress test. This set of scenarios is also the subject of regular reviews. In 2020, two new historical scenarios related to the Covid-19 crisis were integrated: a crisis scenario (marked by a decline in equity indices and an increase in credit spreads) as well as a rebound scenario (marked by an increase in equity indices and a decrease in credit spreads). In 2023, the historical rebound scenario in financial markets observed in 2020 was replaced by two hypothetical scenarios based on the same market context. Societe Generale is currently using three historical scenarios in the calculation of the stress test, which cover the periods from October to December 2008 and March 2020.

The hypothetical scenarios are defined with the Group’s economists and are designed to identify possible sequences of events that could lead to a major crisis in the financial markets (e.g. European crisis, a drop in assets, etc.). The Group’s aim is to select extreme but plausible events which would have major repercussions on all international markets. Accordingly, Societe Generale has defined nine hypothetical scenarios. In 2023, an obsolete scenario corresponding to the Russian crisis of 1998 was replaced by a new theoretical scenario centered on an inflationary crisis and two new hypothetical scenarios corresponding to bull markets were added.

The on- and off-balance sheet items must be allocated to one of the two portfolios defined by prudential regulations: the banking book or the trading book.

The banking book is defined by elimination: all on- and off-balance sheet items not included in the trading book are included by default in the banking book.

The trading book consists of all positions in financial instruments and commodities held by an institution either for trading purposes or in order to hedge other positions in the trading book. The trading interest is documented as part of the traders’ mandates.

The prudential classification of instruments and positions is governed as follows:

• ■the Finance Department’s prudential regulation experts are responsible for translating the regulations into procedures, together with the Risk Department for procedures related to holding period and liquidity. They also analyse specific cases and exceptions. They share these procedures to the business lines;
• ■the business lines comply with these procedures as 1st line of defense (LOD1). In particular, they document the trading interest of the positions taken by traders;
• ■the Risk Department is the 2nd line of defense (LOD2).

The following controls are implemented in order to ensure that activities are managed in accordance with their prudential classification:

• ■new product process: any new product or activity is subject to an approval process that covers its prudential classification and regulatory capital treatment for transactions subject to validation;
• ■holding period: the Market Risk Department has designed a control framework for the holding period of certain instruments;
• ■liquidity: on a case-by-case basis or on demand, the Market Risk Department performs liquidity controls based on certain criteria (negotiability/transferability, bid/ask size, market volumes, etc.);
• ■strict process for any change in prudential classification, involving the business line and the Finance and Risk Divisions;
• ■internal audit: through its various periodic assignments, Internal Audit verifies or questions the consistency of the prudential classification with policies/procedures as well as the suitability of the prudential treatment in light of existing regulations.

Management risk related to the valuation of financial products relies jointly on the Markets Department and the team of valuation experts (Valuation Group) within the Finance Department that both embody the first line of defense and by the team of independent review of valuation methodologies within the Market Risk Department.

Governance on valuation topics is enforced through three valuation Committees, both attended by representatives of the Global Markets Division, the Market Risk Department and the Finance Division:

• ■the Valuation Risk Committee meets quarterly to monitor and approve changes in the valuation risk management framework; monitor indicators on this risk and propose or set a risk appetite; evaluate the control system and the progress of recommendations; and finally, prioritize the tasks. This Committee is chaired by the Risk Department and organised by its independent review team of valuation methodologies;
• ■the Valuation Methodology Committee gathers whenever necessary to approve financial products valuation methodologies. This Committee, chaired by the Risk Department and organised by its independent review team of valuation methodologies, has global accountability with respect to the approval of the valuation policies;
• ■the MARK P&L Explanation Committee monthly analyses the main sources of economic P&L as well as changes in reserves and other accounting valuation adjustments. The analytical review of adjustments is carried out by the Valuation Group, which also provides a quarterly analytical review of adjustments under regulatory requirements for prudent valuation.

Lastly, a corpus of documents describes the valuation governance and specify the breakdown of responsibilities between the stakeholders.

The Group operational risk management framework, other than non-compliance risks detailed in Chapter 4.11 “Compliance risk” is structured around a three-level system comprising:

• ■a first line of defence in each core Business Units/Service Units, responsible for applying the framework and putting in place controls that ensure risks are identified, analysed, measured, monitored, managed, reported and contained with the limits set by the Group-defined risk appetite;
• ■a second line of defence, namely the Non-Financial Risk and permanent control Department in the Group’s Risk Division, in charge of the management of operational risks frameworks.
• As such, the Non-Financial Risk and permanent control Department:
  • -conducts a critical examination of the BU/SUs management of operational risks (including fraud risk, risks related to information systems and information security, and risks related to business continuity and crisis management),
  • -sets regulations and procedures for operational risk systems and production of cross Group analyses,
  • -produces risk and oversight indicators for operational risk frameworks.
• To cover the entire Group, the Non-Financial Risk and permanent control Department has a central team supported by regional hubs. The regional hubs report back to the department, providing all information necessary for a consolidated overview of the Bank’s risk profile that is holistic, prospective and valid for both internal oversight purposes and regulatory reporting.
• The regional hubs are responsible for implementing the Operational Risk Division’s briefs in accordance with the demands of their local regulators.
• The Non-Financial Risk and permanent control Department communicates with the first line of defence through a network of operational risk correspondents in each Business/Service Units.
• Concerning risks specifically linked to business continuity, crisis management and information, of persons and property, the Non-Financial Risk and permanent control Department carries out the critical review of the management of these risks in connection with the Group Security Division. Specifically, regarding IT risks, the Non-Financial Risk and permanent control Department carries out the critical review of the management of these risks in connection with the Resources and Digital Transformation Department;
• ■a third line of defence in charge of internal audits, carried out by the General Inspection and Audit Division.

The Group’s main frameworks for controlling operational risks are as follows:

• ■collection and analysis of internal operational losses and significant incidents that do not have a financial impact;
• ■risk and control self-assessment (RCSA);
• ■oversight of key risk indicators (KRI);
• ■development of scenario analyses;
• ■analysis of external losses;
• ■framework of new products and services;
• ■management of outsourced services;
• ■crisis management and business continuity;
• ■management of risks related to information and communication technologies (ICT).

Internal losses and significant incidents without any financial impact are compiled throughout the Group. The process:

• ■monitors the cost of operational risks as they have materialised in the Group and establishes a historical data base for modelling the calculation of capital to be allocated to operational risk;
• ■learns from past events to minimise future losses.

Since 2004, Societe Generale has used the Advanced Measurement Approach (AMA) allowed by the Capital Requirements Directive to measure operational risk. This approach, implemented across the main Group entities, notably makes it possible to:

• ■identify the businesses that have the greatest risk exposures;
• ■identify the types of risk that have the greatest impact on the Group’s risk profile and overall capital requirements;
• ■enhance the Group’s management of operational risks.

The statistical method used by the Group for operational risk modeling is based on the Loss Distribution Approach (LDA) for AMA internal model.

Under this approach, operational risks are modeled using segments, each segment representing a type of risk and a Group core business. The frequency and severity of operational risks, based on past internal losses, external losses, the internal and external environment, and scenario analyses, are estimated and the distribution of annual losses is calculated for each segment. This approach is supplemented by cross-business scenario analyses that measure cross-business risks for core businesses, such as cybercriminality and the flooding of the river Seine.

Aside from the individual risks associated with each segment or cross-business scenario analysis, the model takes into account the diversification between the various types of risk and the core businesses, dependency effects between extreme risks as well as the effect of insurance policies taken out by the Group. The Group’s regulatory capital requirements for operational risks within the scope covered by the (AMA) internal model are then defined as the 99.9% quantile of the Group’s annual loss distribution.

For some Group entities, notably in retail banking activities abroad, the standard method is applied: the calculation of capital requirements is defined as the average over the last three years of a financial aggregate based on the Product Net Banking multiplied by factors defined by the regulator and corresponding to each category of activity. To make the calculation, all of the Group’s business lines are broken down into the eight regulatory activities.

Societe Generale’s total capital requirements for operational risks were EUR 4.0 billion at the end of 2023, representing EUR 50 billion in risk-weighted assets. This assessment includes the capital requirement of AMA and Standard perimeters.

Societe Generale’s capital requirements for operational risk are mainly calculated using the Advanced Measurement Approach (AMA) via its internal model (91% in 2023).

The amount of RWA on the AMA scope increased in 2023 (EUR +4.1 billion, i.e. +8.9%). This increase is mainly linked to LeasePlan integration.

The following table breaks down the Group’s risk-weighted assets and the corresponding capital requirements at 31 December 2023.

Since 1993, Societe Generale has implemented a global policy of hedging Group operational risks through insurance.

This consists of searching the market for the most extensive cover available for the risks incurred and enabling all entities to benefit from such cover wherever possible. Policies are taken out with leading insurers. Where required by local legislation, local policies are taken out, which are then reinsured by insurers that are part of the global program.

In addition, special insurance policies may be taken out by entities that perform specific activities.

A Group internal reinsurance company intervenes in several policies in order to pool high-frequency, low-level risks between entities. This approach contributes to the improvement of the Group’s knowledge and management of its risks.

The principles and standards for managing these risks are defined at the Group level. The entities are first and foremost responsible for managing these risks. The ALM (Asset and Liability Management) Department within the Group’s Finance Division leads the control framework of the first line of defence. The ALM department of the Risk Department assumes the role of second line of defence supervision.

The purpose of the Group ALM Committee is to:

• ■validate and ensure the adequacy of the system for monitoring, managing and supervising structural risks;
• ■review changes in the Group’s structural risks through consolidated reporting;
• ■review and validate the measures and the adjustments proposed by the Group's Finance Department.

The Group ALM Committee gives delegation to the Global Rate Forex Committee chaired by the Finance Department and the Risk Division for the validation of frameworks not exceeding defined amounts.

Structural interest rate risk is generated by commercial transactions and their hedging, as well as the management operations specific to each of the consolidated entities.

The Group's objective is to ensure that each entity's exposure to interest rate risk remains within the Risk Appetite defined by the Group.

To this end, the Board of Directors, the Group ALM Committee, the Global Rate and Exchange Committee and the ALM Committees of the Business Units set variation limits (in terms of value and income) for the Group, the BUs/SUs and the entities respectively.

Structural exchange rate risk, understood as resulting from all transactions that do not belong to the Trading Book, results from:

• ■exposures related to net investments abroad in foreign currencies, i.e in subsidiaries and branches. FX positions generated by an imperfect hedge are valued through other comprehensive income;
• ■ exposures related to activities made by entities in currencies that are not their reporting currency;
• ■open positions taken on the balance sheet with the aim of making the CET1 ratio insensitive to changes in the exchange rate of currencies against the euro.

To achieve its objective of making the CET1 ratio insensitive to fluctuations in exchange rates against the euro, the following actions are taken:

• ■Group entities are asked to individually hedge the results related to activities in currencies other than their reporting currency;
• ■the foreign exchange position generated by investments in foreign holdings and branches, as well as by the conversion of their results into euros, is partially covered centrally: at the level of the Group Finance Division. Societe Generale retains a target exposure multiplied by the RWA generated in this currency in each RWA constituent currency equivalent to the level of the CET1 Target Group ratio and covers the balance by borrowings or forward foreign exchange transactions denominated in the currency of investments and recognised as investment hedging instruments (cf. Note 3.2).

For each currency, the difference between actual and target exposure is governed by limits validated by the Finance Committee and the Board of Directors.

Similarly, the sensitivities of the CET1 ratio to shocks of +/-10% per currency are framed.

The liquidity and funding management set up at Societe Generale aims at ensuring that the Group can:

(i) fulfil its payment obligations at any moment in time, during normal course of business or under lasting financial stress conditions (management of liquidity risks); 

(ii) raise funding resources in a sustainable manner, at a competitive cost compared to peers (management of funding risks). Doing so, the liquidity and funding management ensures compliance with risk appetite and regulatory requirements.

To achieve these objectives, Societe Generale has adopted the following guiding principles:

• ■liquidity risk management is centralised at Group level, ensuring pooling of resources, optimisation of costs and consistent risk management. Businesses must comply with static liquidity deadlocks in normal situations, within the limits of their supervision and the operation of their activities, by carrying out operations with the “own management” entity, where appropriate, according to an internal refinancing schedule. Assets and liabilities with no contractual maturity are assigned maturities according to agreements or quantitative models proposed by the Finance Department and by the business lines and validated by the Risk Division;
• ■funding resources are based on business development needs and the risk appetite defined by the Board of Directors (see  section 2);
• ■financing resources are diversified by currencies, investor pools, maturities and formats (vanilla issues, structured, secured notes, etc.). Most of the debt is issued by the parent company. However, Societe Generale also relies on certain subsidiaries to raise resources in foreign currencies and from pools of investors complementary to those of the parent company;
• ■liquid reserves are built up and maintained in such a way as to respect the stress survival horizon defined by the Board of Directors. Liquid reserves are available in the form of cash held in central banks and securities that can be liquidated quickly and housed either in the banking book, under direct or indirect management of the Group Treasury, or in the trading book within the market activities under the supervision of the Group Treasury;
• ■the Group has options that can be activated at any time under stress, through an Emergency Financing Plan (EFP) at Group level (except for insurance activities, which have a separate contingency plan), defining leading indicators for monitoring the evolution of the liquidity situation, operating procedures and remedial actions that can be activated in a crisis situation.

The key operational steps of liquidity and funding management are as follows:

• ■risk identification is a process which is set out and documented by the Risk Division, in charge of establishing a mapping of liquidity risks. This process is conducted yearly with each Business Unit and within the Group Treasury Department, aimed at screening all material risks and checking their proper measurement and capturing the control framework. In addition, a Reverse Stress Testing process exists, which aims at identifying and quantifying the risk drivers which may weigh most on the liquidity profile under assumptions even more severe than used in the regular stress test metrics;
• ■definition, implementation and periodic review of liquidity models and conventions used to assess the duration of assets and liabilities and to assess the liquidity profile under stress. Liquidity models are managed along the overall Model Risk Management governance, also applicable to other risk factors (market, credit, operational), controlled by the Group Risk division;
• ■yearly definition of the risk appetite for liquidity and funding risks, whereby the Board of Directors approves financial indicators framing that have been proposed by General Management. Such risk appetite targets are then cascaded down per Business Units. The risk appetite is framed along the following metrics:
  • -key regulatory indicators (LCR, Adjusted LCR excess in USD, and NSFR),
  • -the footprint of the Group in Short-Term Wholesale funding markets,
  • -the survival horizon under an adverse stress scenario, combining a severe market and systemic shock and an idiosyncratic shock. In addition to the main adverse scenario, Societe Generale also checks its survival horizon under an extreme stress scenario. For both scenarios, the idiosyncratic shock is characterised by one of its main consequences, which would be an immediate 3-notch downgrade of Societe Generale’s long-term rating. In such adverse or extreme scenarios, the liquidity position of the Group is assessed over time, taking into account the negative impacts of the scenarios, such as deposit outflows, drawing by clients of the committed facilities provided by Societe Generale, increase in margin calls related to derivatives portfolios, etc. The survival horizon is the moment in time when the net liquidity position under such assumptions becomes negative,
  • -the overall transformation position of the Group (static liquidity deadlock in normal situation matured up to a maturity of 5 years),
  • -the amount of free collaterals providing an immediate access to central bank funding, in case of an emergency (only collaterals which do not contribute to the numerator of the LCR are considered, i.e. non-HQLA collaterals);
• ■the financial trajectories under baseline and stressed scenarios are determined within the framework of the funding plan to respect the risk appetite. The budget’s baseline scenario reflects the central assumptions for the macro-economic environment and the business strategy of the Group, while the stressed scenario is factoring both an adverse macro-economic environment and idiosyncratic issues;
• ■the funding plan comprises both the long-term funding program, which frames the issuance of plain vanilla bonds and structured notes, and the plan to raise short-term funding resources in money markets;
• ■the Funds Transfer Pricing (FTP) mechanism, drawn up and maintained within the Group Treasury, provides internal refinancing schedules that enable businesses to recover their excess liquidity and finance their needs through transactions carried out with its own management;
• ■production and broadcasting of periodic liquidity reports, at various frequencies (daily indicators, weekly indicators, monthly indicators), leveraging in most part on the central data repository, operated by a dedicated central production team. The net liquidity position under the combined (idiosyncratic and market/systemic) stress scenario is reassessed on a monthly basis and can be analysed along multiple axes (per product, Business Unit, currency, legal entity). Each key metric (LCR, NSFR, transformation positions, net liquidity position under combined stress) is reviewed formally on a monthly basis by the Group Finance and Risk divisions. Forecasts are made and revised weekly by the Strategic and Financial Steering Department and reviewed during a Weekly Liquidity Committee chaired by the Head of Group Treasury. This Weekly Liquidity Committee gives tactical instructions to Business Units, with the objective to adjust in permanence the liquidity and funding risk profile, within the limits and taking into account business requirements and market conditions;
• ■preparation of a Contingency Funding Plan, which is applicable Group-wide, and provides for: (i) a set of early warning indicators (e.g. market parameters or internal indicators); (ii) the operating model and governance to be adopted in case of an activation of a crisis management mode (and the interplay with other regimes, in particular Recovery management); (iii) the main remediation actions to be considered as part of the crisis management.

These various operational steps are part of the ILAAP (Internal Liquidity Adequacy Assessment Process) framework of Societe Generale.

Every year, Societe Generale produces for its supervisor, the ECB, a self-assessment of the liquidity risk framework in which key liquidity and funding risks are identified, quantified and analysed with both a backward and a multi-year forward-looking perspective. The adequacy self-assessment also describes qualitatively the risk management set up (methods, processes, resources, etc.), supplemented by an assessment of the adequacy of the Group’s liquidity.

The main liquidity risk governance bodies are as follows:

• ■the Board of Directors, which:
  • -sets yearly the level of liquidity risk tolerance as part of the Group’s risk appetite, based on a set of key metrics, which includes both internal and regulatory metrics, in particular the period of time during which the Group can operate under stressed conditions (“survival horizon”),
  • -approves financial indicators framing including the scarce resources indicators framing,
  • -reviews at least quarterly the Group’s liquidity and funding situation: key liquidity metrics, including stressed liquidity gap metrics as evaluated through Societe Generale group models, the regulatory metrics LCR and NSFR, the pace of execution of the funding plan and the related cost of funds;
• ■General Management, which:
  • -allocates liquidity and funding targets to the various Business Units and the Group Treasury entity, upon proposal from the Group Finance division,
  • -defines and implements the liquidity and funding risk strategy, based on inputs from the Finance and Risk Divisions and the Business Units. In particular, the General Management chairs the Finance Committee, held every 6 weeks and attended by representatives from the Finance and Risk Divisions and Business Units, which is responsible for monitoring structural risks and managing scarce resources:
    • •validation and monitoring of the set of limits for structural risks, including liquidity risk,
    • •monitoring of budget targets and decisions in case of a deviation from the budget,
    • •definition of principles and methods related to liquidity risk management (e.g. definition of stress scenarios),
    • •assessment of any regulatory changes and their impacts;
• ■the Group Finance Division, which is responsible for the liquidity and funding risks as first line of defence, interacting closely with Business Units. Within the Group Finance Division, there are three main departments involved respectively in the preparation and implementation of decisions taken by the abovementioned bodies:
  • -the Strategic and Financial Steering Department is responsible for framing and steering the Group’s scarce resources, including liquidity, within the Group’s risk appetite and financial indicators framing,
  • -the Group Treasury Department is in charge of all aspects of the operational management of liquidity and funding across the Group, including managing the liquidity position, executing the funding plan, supervising and coordinating treasury functions, providing operational expertise in target setting, managing the liquidity reserves and the collateral used in funding transactions, managing the corporate centre,
  • -the Asset and Liability Management Department is in charge of the definition of modelling and monitoring structural risks, including liquidity risk alongside interest rate and foreign exchange risks in the Banking Book;
  • -also sitting with the Group Finance Division, the Metrics Production Department runs the management information system regarding liquidity and funding risks across the Group. For liquidity metrics, the Group relies on a centralised system architecture, with all Business Units feeding a central data repository from which all metrics are produced, either regulatory metrics (e.g. the LCR or the NSFR) or metrics used for internal steering (e.g. stress test indicators);
• ■the ALM Risk Department, which perform as the second line of defence functions, ensure the supervision of liquidity risks and evaluates the management system for these risks. As such, it is in charge of:
  • -defining liquidity indicators and the setting of the main existing limits within the Group;
  • -defining the normative framework for measuring, modelling methods and monitoring these risks.

In addition, by delegation of MRM, this department ensures the validation of ALM models for which it organises and chairs the Validation Committee of Models.

Finally, it ensures the correct interpretation of the regulatory framework as well as an adequate implementation in the Societe Generale environment.

An asset shall be treated as encumbered if it has been pledged or if it is subject to any form of arrangement to secure, collateralise or credit enhance any transaction from which it cannot be freely withdrawn.

Total Group encumbrance amounts to 34.7% over 2023, measured according to the EBA(1) definition Securities encumbrance is 77.3%, while loan encumbrance is 12.6%.

The majority of the Group's encumbered assets (around 80%) is in the form of securities as a result of the relative size of capital market activities, mainly through repos, reverse repos and collateral swaps.

Securities encumbrance is concentrated in Société Générale parent entity and its branches, where Group market activities are located.

The main sources of encumbrance are repo-like operations and debt securities issued. Encumbrance of assets in US dollars stems mainly from debt securities.

The level of encumbered loans varies among Group entities mainly due to their respective business models, funding strategies and the type of underlying loans, as well as to the law governing them. The main sources of loans encumbrance are in EUR and to a lesser extent in USD. A few points are noteworthy:

• ■at Société Générale parent entity level, the loan encumbrance rate amounts to close to 24%(2) at 2023 year-end, stemming mainly from housing loans. Encumbered loans are affected as collateral for the ECB’s TLTRO operations as well as long-term refinancing mechanisms which are broadly used by banks for covered bonds (SG Société de Financement de l’Habitat, SG Société de Crédit Foncier and Caisse de Refinancement de l’Habitat), securitisations or specific mechanisms;
• ■at subsidiary level, the loan encumbrance rate stands at 16.2% (2) overall, with variance between entities due to different funding strategies. The highest levels of secured funding relate to entities which contribute to the pooling scheme (see below) or have implemented external funding programmes through securitisations such as BDK (Bank Deutsches Kraftfahrzeuggewerbe) and Ayvens, or other forms of secured funding.

As far as loan encumbrance is concerned, there is a pooling scheme in which subsidiaries (Boursorama, Sogefinancement, and to a lesser extent BFCOI, Genefim, and Sogefimur) bring a share of their loan portfolio to the Group in order to supply refinancing schemes (such as the SG Société de Financement de l’Habitat Covered Bond vehicle). Not all the assets brought to Covered Bond vehicles are effectively encumbered from a Group-consolidated perspective, because Covered Bonds issued are in part self-retained by Société Générale as opposed to being distributed to investors. The portion of subsidiaries’ loan portfolio encumbered at subsidiary level but not encumbered from a Group-consolidated perspective amounts to EUR 5.7 billion.

Over 2023 (median level over the year), Société Générale was holding itself EUR 35.6 billion of self-issued Covered Bonds and EUR 16.6 billion of self-issued Asset Back Securities, with underlying collateral portfolios of respectively EUR 43.8 and 18.1 billion. These underlying collateral portfolios were indirectly encumbered in proportions of respectively 57.4% for Covered Bond assets and 51.4% for Asset Back Securities assets, through TLTRO drawings or market reverse purchase transactions.

With respect to the two main Covered Bond vehicles of the Société Générale Group, namely SG Société de Crédit Foncier et and SG Société de Financement de l’Habitat, their level of over-collateralisation was respectively at 133% and 120% at the end of 2023.

As far as SG Société de Financement de l’Habitat is concerned, collaterals are made of mortgage loans guaranteed by Crédit Logement. Regarding SG Société de Crédit Foncier, collaterals are made of loans to the public sector.

The unencumbered “Other Assets” (excluding loans), in the EBA template, include derivatives and options positions (interest rate swaps, cross currency swaps, currency options, warrants, futures, forward contracts…) in an amount of EUR 94 billion as of end 2023, as well as some other assets that cannot be encumbered in the normal course of business, including goodwill, fixed assets, deferred tax, adjustment accounts, sundry debtors and other assets. Overall, assets that cannot be encumbered (derivatives products and other assets listed above) represent 17% of the total balance sheet as of end 2023.