Corporate governance and risk management, considering ESG and climate factors

Best Practices in PZU
Honesty is important to us - “honesty means more to us than just acting in accordance with the law. It also means admitting to the errors we have committed and drawing conclusions from them. It also signifies the skill and courage of voicing our own opinions, fulfilling the promises we have undertaken, openly expressing recognition and doubts.”

The PZU joint stock company was established on 23 December 1991, transformed from the state-owned Państwowy Zakład Ubezpieczeń. PZU conducts its operations under the Insurance and Reinsurance Activity Act of 11 September 2015 (Journal of Laws of 2017, item 1170, as amended). A milestone in the PZU Group's development was the public offering of its shares on the Warsaw Stock Exchange, which took place on 10 May 2010. PZU follows the Best Practices of Companies Listed on the WSE.

Until 31 December 2019, PZU had been included in the RESPECT Index - the first index of socially responsible companies in Central and Eastern Europe. Since early 2020, PZU, Bank Pekao and Alior Bank have become part of the new WIG-ESG index.

In PZU, ethical matters are managed by the Compliance Department - an independent organizational unit reporting to the President of the Management Board. The Compliance Department is responsible for system-based management of compliance risk and other quality-related risks. The Director of the Compliance Department is responsible for oversight of the key compliance function. The Managing Director for Regulations, who oversees the Compliance Department, and the Director of the Compliance Department both have direct access to the members of the Company’s Management Board and Supervisory Board, to whom the compliance function reports. Reporting takes the form of monthly and annual reports to the Management Board, quarterly risk reports to the Audit Committee of the Supervisory Board and to the Supervisory Board itself, and ad hoc information provided to the members of the Company’s statutory bodies if the need arises. In addition, every year the PZU Management Board approves a Compliance Analysis Plan for the given year, which specifies additional areas to be analyzed, including ethical matters.

Bank Pekao and Alior Bank have each designated an independent organizational unit reporting directly to the President of the Management Board. In Bank Pekao, ethical matters are managed within the Compliance Department; in Alior Bank, they are managed by the Regulation Compliance Department. Each of those departments prepares quarterly compliance risk monitoring reports and presents them to the Management Board and the Audit Committee of the Supervisory Board. The reports include information on the compliance risk level identified in each area and the recommendations made to mitigate or eliminate the identified risk. The annual action plans of the compliance units and an annual report on compliance risk management are submitted annually to the Management Board, the Audit Committee of the Supervisory Board and the Supervisory Board.

Compliance and ethical matters management structure:

[Organizational charts not reproduced. Panel titles: Bank Pekao; Alior Bank.]

Group’s Organizational Structure

Shareholder Meeting

The highest corporate body of PZU is the Shareholder Meeting, operating pursuant to the Commercial Company Code and the Articles of Association. The Shareholder Meeting adopts decisions regarding PZU organization and operation. Resolutions are adopted by an absolute majority of votes, except in special cases provided for in the relevant laws.

Supervisory Board

The Supervisory Board exercises continuous oversight over PZU operations. It is composed of seven to eleven members. The Board’s organization and work are defined in the Rules and Regulations of PZU Supervisory Board, adopted in February 2016.

Supervisory structure of PZU and PZU Życie in 2019:

PZU:
  • Maciej Łopiński - Chairman of the Supervisory Board
  • Paweł Górecki - Vice-chairman of the Supervisory Board
  • Alojzy Nowak - Secretary of the Supervisory Board
  • Marcin Chludziński - Member of the Supervisory Board
  • Agata Górnicka - Member of the Supervisory Board
  • Robert Jastrzębski - Member of the Supervisory Board
  • Tomasz Kuczur - Member of the Supervisory Board
  • Elżbieta Mączyńska-Ziemacka - Member of the Supervisory Board
  • Krzysztof Opolski - Member of the Supervisory Board
  • Robert Śnitko - Member of the Supervisory Board
  • Maciej Zaborowski - Member of the Supervisory Board

PZU Życie:
  • Paweł Surówka - Chairman of the Supervisory Board
  • Piotr Głod - Vice-chairman of the Supervisory Board
  • Marcin Szuba - Secretary of the Supervisory Board
  • Beata Teresa Bieńkowska - Member of the Supervisory Board
  • Norbert Dworak - Member of the Supervisory Board

Management Board

The Management Board exercises any and all rights related to managing PZU which are not otherwise reserved by law or the provisions of the Articles of Association to the Shareholder Meeting or the Supervisory Board. Two Management Board members acting jointly or one Management Board member acting with a commercial proxy, are authorized to represent the Company. The Management Board adopts its rules and regulations, which are approved by the Supervisory Board. The Management Board is composed of three to eight members appointed for a shared term of three years.

Management structure of PZU and PZU Życie as at 31 December 2019:

PZU:
  • Paweł Surówka - President of the Management Board
  • Aleksandra Agatowska - Management Board Member
  • Adam Brzozowski - Management Board Member
  • Marcin Eckert - Management Board Member
  • Elżbieta Hauser-Schoneich - Management Board Member
  • Tomasz Kulik - Management Board Member
  • Maciej Rapkiewicz - Management Board Member
  • Małgorzata Sadurska - Management Board Member

PZU Życie:
  • Roman Pałac - President of the Management Board
  • Aleksandra Agatowska - Management Board Member
  • Marcin Eckert - Management Board Member
  • Elżbieta Hauser-Schoneich - Management Board Member
  • Tomasz Kulik - Management Board Member
  • Maciej Rapkiewicz - Management Board Member
  • Bartłomiej Litwińczuk - Management Board Member
  • Dorota Macieja - Management Board Member
  • Małgorzata Sadurska - Management Board Member

The current composition of the PZU and PZU Życie Management Board is stated at our website at

Audit Committee

The Audit Committee is appointed by the PZU Supervisory Board. The majority of the Audit Committee members, including the chairperson, satisfy the independence criteria defined in the Act of 11 May 2017 on Statutory Auditors, Audit Firms and Public Supervision, and at least one member has knowledge and skills of accounting or audit of financial statements in accordance with the Act. The Audit Committee is an advisory and consultative body to the Supervisory Board and is appointed to improve the effectiveness of the Supervisory Board’s oversight activities in respect of the correctness of financial reporting, the effectiveness of internal control system, including internal audit, and the risk management system.

Committees are collegial bodies operating in the Head Offices of PZU and PZU Życie, which are established and liquidated by the Management Board. Committees issue opinions and make decisions in matters within their area of competence defined in rules and regulations of each committee. In 2019, the following committees operated in PZU and PZU Życie:

  • Data Governance Committee;
  • Innovations Committee;
  • Investment Committee;
  • Cost Committee;
  • PZU Group’s Risk Committee;
  • Investment Risk Committee;
  • Sponsorship, Prevention and CSR Committee;
  • Property Sales Committee;
  • Procurement Committee;
  • Asset-Liability Management Committee;
  • Initiatives Management Committee;
  • Crisis Management Center (a collegiate body acting as a committee, whose responsibilities are defined in the Company’s Business Continuity Plan).

PZU additionally operated the PZU Pricing Committee.


PZU operates a compliance system, which supports the organization in conducting its business in a purposeful, lawful and ethical way. This system comprises standards of conduct and ethical norms, which support the organization in the mitigation of compliance, corruption and conflict of interest risks, and in the identification and prevention of irregularities. The following function within the compliance system:

  • “PZU Group’s Best Practices”;
  • Anti-Corruption Programme at PZU and PZU Życie;
  • Rules for acceptance and giving of gifts at PZU and PZU Życie;
  • Rules for managing conflicts of interest at PZU and PZU Życie;
  • Whistleblowing Procedure at PZU and PZU Życie.

The compliance system in PZU’s direct or indirect subsidiaries, with which agreements have been concluded on cooperation or exchange of information, is based on, and consistent with, the principles deployed by PZU.

More information about the system of management for ethical matters, compliance and corporate governance of the Alior Bank Group and the Pekao Group can be found in separate reports on the operation of those entities.

In 2019, a new e-learning compliance training course was developed and, at the beginning of 2020, it was made available to all PZU and PZU Życie employees as part of the educational platform. Additionally, a functionality enabling collection of PZU and PZU Życie employee representations on familiarization and compliance with the Anti-Corruption Program and the legal sanctions related to corruption was implemented in the internal HR system in PZU.


The main elements of the PZU Group’s risk management system have been implemented to ensure sectoral consistency and the execution of the various entities’ strategic plans and the overall PZU Group’s business objectives.

PZU exercises supervision over the PZU Group’s risk management system by virtue of mutual cooperation agreements entered into with other Group entities and the information provided thereunder. It manages risk at the PZU Group level on an aggregate basis, especially with respect to capital requirements. The cooperation agreements signed with the PZU Group subsidiaries enable the collection and processing of information necessary for appropriate and effective management of risk at the PZU Group level. They also guarantee that the various risks generated by the individual companies in the PZU Group are assessed on the basis of the same standards, taking into account the requirements and restrictions arising from the applicable law.

The Risk Management Strategy in the PZU Group is the basis of operation of the risk management system in the PZU Group.

The Group has introduced risk management rules for the affiliates identified in the strategy. The rules constitute a recommendation issued by PZU regarding the organization of the risk management system in subsidiaries. Additionally, guidelines regulating the various risk management processes in the PZU Group entities are also issued from time to time.

The management boards of PZU Group companies from the financial sector are responsible for fulfilling their own duties in accordance with the generally applicable provisions of national and international law. In particular, they are responsible for the implementation of an adequate and effective risk management system.

Subsidiaries from outside of the financial sector introduce the risk management rules including the allocation of roles and responsibilities and the catalog of risks associated with the relevant activity. The determination of the appropriate level of risk in each company is the management board’s responsibility, whereas a review of the risk management system, especially the risk appetite level, is conducted once a year by the unit responsible for risk, with all actions being coordinated at the PZU Group level.

Risk appetite is defined in the Risk Management Strategy as the minimum value of the solvency ratio of the PZU Group on a consolidated basis and of PZU on a standalone basis.

Once a year, the internal audit unit prepares an annual activity report, which includes in particular an evaluation of the internal control and risk management system. The procedure for preparing the report and its scope are governed by separate internal regulations. For the purposes of the report, the risk unit prepares information as to the adequacy and effectiveness of the risk management system.

PZU Group’s policies [UoR]

Risk management, taking into account non-financial risk

Risk management is one of the key internal processes in the PZU Group. The risk management system in place in PZU is based on three lines of defense. Its framework reflects the standards prevailing in the insurance sector and the guidelines laid down in regulations. The overriding objective of the PZU Group’s risk management system is to ensure early identification and adequate management of material risks associated with the activities of the PZU Group and its individual entities. The non-financial risk management processes are part of a broader risk management process in the Group.

Risk categories in the PZU Group:

  • Operational risk - The risk of suffering a loss resulting from improper or erroneous internal processes, human activities, system failures or external events.
  • Market risk - The risk of a loss or an adverse change in the financial situation resulting, directly or indirectly, from fluctuations in the level and in the volatility of market prices of assets, credit spread, as well as value of liabilities and financial instruments.
  • Model risk - The risk of incurring financial losses, incorrectly estimating data reported to the regulatory authority, taking an incorrect decision or losing reputation as a result of errors in the development, implementation or application of models.
  • Liquidity risk - The possibility of losing the capacity to settle, on an ongoing basis, the company’s liabilities to its clients or business partners. The aim of the liquidity risk management system is to maintain the capacity of fulfilling the company's liabilities on an ongoing basis. The company maintains the required level of liquidity of the investment portfolio.
  • Actuarial risk - The likelihood of a loss or an adverse change in the value of liabilities under the existing insurance contracts and insurance guarantee agreements, due to inadequate assumptions regarding premium pricing and technical provisions.
  • Credit risk - The risk of loss or adverse change in the financial situation, resulting from fluctuations in the credit standing of issuers of securities, counterparties and any debtors, which materializes in the form of a counterparty’s default on a liability or an increase in credit spread.
  • Compliance risk - The risk that the PZU Group may infringe on the law, internal regulations and adopted standards of conduct, including ethical standards, which results or may result in being subject to legal sanctions, or incurring financial loss or else loss of reputation or credibility.
  • Concentration risk - The possibility of incurring loss stemming either from lack of diversification in the asset portfolio or from large exposure to default risk by a single issuer of securities or a group of related issuers.

The risk management process consists of the following stages:

Key non-financial information

From the perspective of the impact on issues related to social, employee, environmental, human rights and prevention of corruption, compliance risk and operational risk are of special importance. In addition, the PZU Group identifies environmental risk in the process of financing entities.

The PZU Group has implemented an operational risk management system under which it prevents operational risk incidents and reduces operational losses. The operational risk management principles and structure in PZU are based on the adopted operational risk management policy. Operational risk is controlled on multiple levels in the organization. Supervision over the operational risk management system is exercised by an independent, dedicated unit within the Risk Department structure.

The key tool used to monitor operational risk is the key risk indicator system, covering areas with special exposure to operational risk. The indicators are subject to regular reviews: at least once a year.

As part of the compliance risk and operational risk, employee, environmental, social, ethical and prevention of corruption issues have been identified. Below is a list of key issues.

Employees and respecting human rights

  • Risk category: The risk associated with the difficulty of hiring qualified staff
    Risk description: Difficulties of hiring qualified staff pertain, in particular, to areas characterized by narrow specialization and those where candidates with unique competences are sought.
    Description of the approach to risk management: The risk is mitigated owing to the high PZU brand awareness among labor market participants, a highly valued range of fringe benefits, as well as candidate searches in alternative sources, such as social media and industry portals.

  • Risk category: The risk associated with quickly changing regulations and necessity to update the knowledge about prevailing regulations and obligatory operating methods
    Risk description: The necessity to update the knowledge about prevailing regulations and obligatory operating methods on an ongoing basis. Examples include new types of responsibilities regarding verification of competences associated with the requirements of the insurance distribution act and introduction of the so-called Chinese wall method in connection with the inclusion of banks into the PZU Group. As a rule, verification of the competences and transfer of knowledge on the prevailing standards apply to a large number of employees over a short period of time.
    Description of the approach to risk management: Obligatory training courses are organized in the PZU Group, mainly in the form of e-learning, which allows an efficient transfer of knowledge in an optimally short time to all employees to which the scope pertains. Training courses contain tests verifying the effectiveness of the acquired knowledge and allow for monitoring whether the information has reached the target group.

  • Risk category: The risk of failure to respect employee rights by unequal treatment of employees, discrimination of employees and cases of mobbing and discrimination
    Risk description: Actions and behaviors pertaining to or against an employee, involving persistent and lasting harassment or intimidation of an employee, impairing their professional self-esteem, causing or aimed at humiliating or ridiculing an employee, isolating them or eliminating them from the team of associates.
    Description of the approach to risk management: No actions or behaviors having the features of mobbing are tolerated by the employer in any way. The approach to prevention of mobbing and discrimination is described in SECTION DIVERSITY AND RESPECTING HUMAN RIGHTS. Relevant preventive, training, procedural and process measures have been implemented.

  • Risk category: Risk related to the lack of effective dialog with the trade unions (collective dispute)
    Risk description: A collective dispute of employees with the employer may pertain to terms of work, pay or social benefits and rights and freedoms of trade union employees or other groups entitled to association in trade unions.
    Description of the approach to risk management: The employer has appointed a Social Dialog Team in the HR Management Department. The team is supervised directly by the Director of the HR Management Department/Managing HR Director in the PZU Group. The team is composed of employees with many years of experience in social dialog, specialized in collective labor law. The social dialog policy is shaped directly by the company's Management Board and the Managing HR Director in the PZU Group. The Social Dialog Team employees conduct talks and participate in dedicated meetings with trade unions and respond on an ongoing basis to the needs of social partners. Meetings in the company's head office are held on average every two weeks and last a minimum of two days.

  • Risk category: The risk of overrunning the personnel budget
    Risk description: The need to hire an employee for an amount higher than budgeted in connection with lack of qualified employees in the labor market. Unbudgeted employee hiring.
    Description of the approach to risk management: Financial planning procedure in the PZU Group. Looking for financing sources for such hiring or, as a last resort, using the central budget reserve. Due to its limited size, there is a risk of overrunning the budget.

  • Risk category: Risk of failure to ensure a safe and healthy work environment
    Risk description: Exposing employees to accidents at work.
    Description of the approach to risk management: To prevent accidents the PZU Group focuses on providing proper work conditions as well as controlling and eliminating hazards that might lead to an accident on an ongoing basis. For the purpose of shaping and raising the awareness of hazards and safe employee behaviors, a broad range of methods is used, including, among others, classroom and e-learning courses, courses and workshops in the field of rendering first aid.

Products and client relations

  • Risk category: Compliance risk in the marketing communication pursued by PZU
    Risk description: Conducting marketing activities is, by definition, associated with the risk of non-compliance with generally prevailing laws and guidelines of state authorities, as well as with reputational risk. Therefore, marketing materials need to be verified before publication from the perspective of, among others, transparency, truthfulness and accuracy of presented information.
    Description of the approach to risk management: The Marketing Department uses the practice of verification of planned marketing messages with other PZU units, in particular the Legal Department and Compliance Department (for compliance risk, including with regard to compliance with the law – risk of misleading the consumer, use of messages infringing the addressees’ interests) and pertinent departments responsible for given products (consistency of the message with the facts – risk of misleading the consumer). To ensure reliable and ethical communication, the Group has introduced “Principles for issuing opinions on marketing activities and internal and corporate communication activities,” and all marketing activities are conducted on the basis of the Code of Ethics in Advertising. See SECTION RESPONSIBLE SALES.

  • Risk category: Risk of misselling
    Risk description: The risk associated with unfair communication with clients as regards PZU Group’s offers through unreliable or inaccurate description of the risks associated with PZU Group’s offers.
    Description of the approach to risk management: To prevent misselling, the PZU Group has implemented Policies for the fair design and sale of financial products and services which have been described in more detail in SECTION RESPONSIBLE SALES. Additionally, meeting the requirements of the PRIIP Regulation*, the PZU Group has developed Key Information Documents (KID) for all products covered by the regulation. The KID, prepared individually for each product, is aimed at facilitating comparison of the products of different companies and supporting clear communication of information that is important to the client.

  • Risk category: The risk pertaining to disclosure of personal data and data subject to insurance secrecy to unauthorized persons
    Risk description: The risk pertaining to disclosure of personal data and data subject to insurance secrecy to unauthorized persons.
    Description of the approach to risk management: PZU and PZU Życie have implemented principles for client identification and provision of information depending on the client's requests. In addition, access to personal data and data subject to insurance secrecy is granted only to authorized persons using the Central Information Security Management System (CSZBI). Additionally, PZU has implemented a DLP class monitoring system, which comprises appropriate rules minimizing the risk of disclosure of information, including personal data, to unauthorized persons.

* Regulation (EU) No. 1286/2014 of the European Parliament and of the Council of 26 November 2014 on key information documents for packaged retail and insurance-based investment products.

Corruption prevention area

  • Risk category: Risk of abuse in the PZU Group
    Risk description: The risk associated with inappropriate implementation in the Group’s structure of anti-corruption procedures, including ensuring protection for whistleblowers.
    Description of the approach to risk management: There is zero tolerance for any form of corruption in the PZU Group. Therefore, the Group companies have in place corruption prevention policies and rules for acceptance and giving of gifts. Additionally, PZU and PZU Życie have implemented an Anti-Corruption Program, which defines examples of corruption and division of responsibilities to control the risk. See SECTION TRANSACTION SECURITY.

  • Risk category: The risk associated with insurance crime and frauds
    Risk description: The risk associated with inappropriate design and implementation of solutions in the area of compliance and anti-fraud structures in the organization.
    Description of the approach to risk management: The PZU Group has in place special security procedures in the crime prevention area. See SECTION COOPERATION WITH SUPPLIERS.

Protection of natural environment and climate

The extent to which opportunities and risks related to climate change will affect the insurance industry depends on the specific product or services offered and the planned investment. The processes of preparation of policies, pricings, reinsurance strategies, as well as the banking and investment activities take into account climate risks based on the short-term perspective. PZU can perceive the potential adverse influence of frequent and increasingly more severe weather phenomena on the financial results. Therefore PZU incorporates the possibility of catastrophic phenomena in the economic strategies and models it prepares. This way we want to increase our resilience level in case of materialization of possible scenarios.

The probability that the risks arising from the transition to a low-carbon and climate-resilient economy (transition risk) will materialize is much higher than the probability that the most extreme physical risk related to climate change will materialize. PZU takes measures aimed at limiting the probability that the transition risk will materialize through investments for a low-carbon economy. On the other hand, we are aware that the materialization of the most extreme physical risk would constitute a threat for the whole insurance sector. The effects of escalating climate change might contribute to the materialization of risks for which insurance might become unaffordable.

  • Risk category: Transition risks
    Risk description: The risk of incurring excessive costs with the process of transition of the present economy into a low-carbon and climate-resilient economy
    Description of the approach to risk management: The PZU Group is aware of its indirect impact on the natural environment through the actions of its clients, especially those who extensively use natural resources in their operations. Therefore, the PZU Group takes measures that support the policy of limitation of greenhouse gas emissions, among others, by new insurance products offered for renewable energy source (RES) installations. The PZU Group is the insurer of Poland’s largest wind farms and hydroelectric power plants. Furthermore, PZU’s offer covers insurance programs for townships which co-finance RES installations and upgrades in conventional power plants (resulting in a reduction of exhaust emissions by desulfurization or denitrification installations or filter systems) and thermal waste neutralization installations.
    The PZU Group also supports activities aimed at increasing electrification in transport. Bank Pekao’s offer includes the PrzEKOrzystny (Mega Beneficial) loan, which is intended for funding RES generation in the form of the borrower’s use of photovoltaic panels for own needs. The loan is secured with a gratuitous BGK Biznesmax guarantee, which lets the clients obtain a preferential interest rate and, during the first three years of loan repayment, also a refund of interest up to 5% of the loan amount.
    Moreover, Pekao has signed an agreement with the European Investment Bank to provide funding for the execution of projects aimed at improving energy efficiency, including modernization of thermal insulations, replacement of machinery and use of renewable energy sources, owing to which business operators in Kujawsko-Pomorskie Voivodship can obtain a low-interest loan. The Energy Saving Loan is only available from Bank Pekao. The bank is able to offer the low interest rate thanks to funding from the EU’s Regional Operational Program.

  • Risk category: The physical risk of pollution of natural environment and natural disasters resulting from climate changes
    Risk description: The physical risk related to effects of climate changes: acute physical risk (among others severe storms, long-term heat waves, frost periods, droughts and fires) as well as chronic physical risk, i.e. the risk of persisting changes such as the increase in the average temperature. This group of risks includes cases related to direct devastating effects of natural disasters (destruction of property) and risks caused indirectly (disturbances in the supply chain, deficit of natural resources).
    Description of the approach to risk management: PZU takes measures for better understanding of the catastrophic risk factors, taking into account in particular the flood risk. For this purpose, the PZU Group runs periodic analyses of its exposure to natural disasters. In addition, a division of the insurance portfolio into zones according to specific degrees of exposure to the risk of floods and cyclones has been introduced. Each such zone covered by the analysis is assigned a value of potential losses corresponding to the assumed probability levels. As part of the annual design of the reinsurance coverage program, changes are introduced in the frequency and scale of catastrophic events and places of their occurrence.
    In its insurance activity, PZU uses a clause concerning extended liability for losses arising in connection with the release of hazardous substances into the air, water or soil and in respect of costs associated with the removal, treatment and disposal of any pollutants. PZU also offers insurance cover for clients and their property in the case of natural disasters.
    PZU also tailors its product offer to the identified risk factors, among others by an offer for sectors of the economy exposed to the highest climate risks, such as agriculture. For more information about tailoring the product offer to risk factors see SECTION OUR BUSINESS IN THE FACE OF CLIMATE CHANGE. As part of its products, PZU also provides an insurance guarantee for performance of obligations on account of rectification and remediation of the negative effects for the environment and damages to the environment. Thanks to that it is possible for clients to obtain the required permits, among others:
      • decision approving the hazardous waste management program;
      • permit to conduct waste recycling and neutralization activity;
      • permit to construct waste landfills;
      • cover for negative effects in the environment (e.g. river water pollution);
      • permit for cross-border transport of waste.
    The PZU Group also employs weather scenarios as a basis for the construction of the reinsurance program and for the calculation of capital requirements. The capital requirements provide a guarantee that even in the event of catastrophic floods or cyclones the PZU Group will have the capacity to pay its liabilities to clients.

  • Risk category: The reputation risk and the compliance risk in connection with the direct environmental impact
    Risk description: The risk associated with failure to comply with environmental norms and standards by the company, its suppliers and business partners
    Description of the approach to risk management: The PZU Group monitors the consumption of energy resources and environmental resources (energy, fuels, water, paper). An Environmental Protection Officer has been appointed to take measures for reduction of direct environmental footprint of the PZU Group and provision of compliance with the applicable laws. PZU has in place internal procedures regarding business partners, which require compliance with environmental norms and standards. A Code of CSR Best Practices for PZU Suppliers has been developed and compliance with its provisions by the business partners is incorporated into their contracts with PZU.

Risk management responsibility

The management boards of the PZU Group companies are responsible for fulfilling their own duties in accordance with the generally applicable provisions of national and international law. In particular, they are responsible for the implementation of an adequate and effective risk management system.

Supervision over the risk management systems in the various financial sector entities is exercised by supervisory boards. PZU designates its representatives to the supervisory boards of its subsidiaries, including in particular the Alior Bank Group and the Pekao Group.

Chart of the organizational structure for the risk management system