In accordance with the provisions of Zban-3, a banking group must be organised in such a way that the parent bank in the banking group is able to manage the risks to which the group is or could be exposed in its operations. The parent bank and all other members of the banking group must establish and implement a risk management system at the group level in such a way as to enable the smooth preparation of all data and information relevant to supervision on a consolidated basis.

The NLB Group, which is organised as a so-called corporate group, consists of NLB d.d. and members of the NLB Group. As a rule, these are long-term financial investments in stake or shares of banks and other companies. NLB must comply with the provisions of the Capital Requirements Regulation (CRR) together with all applicable delegated acts, the Companies Act (ZGD-1), the Banking Act (ZBan-3) and the Regulation on Internal Governance Arrangements, the Management Body and the Internal Capital Adequacy Assessment Process for Banks and Savings Banks, as well as the relevant EBA Guidelines, which regulate, among other things, the Bank’s obligation to establish and maintain adequate internal control and risk management systems, and other relevant national laws applicable to NLB and national laws in the countries in which the members of the NLB Group operate.

In accordance with the above, the NLB Group must be organised in such a way that NLB, as the parent bank, can manage the risks to which the NLB Group is or could be exposed in its operations. The parent bank and all other members of the Group must establish and implement a risk management system at the Group level in such a way as to enable the smooth preparation of all data and information relevant to supervision on a consolidated basis.

The NLB Group consists of NLB and the members of the NLB Group, which represent:

• core financial members: banks, leasing companies, and asset management companies,
• non-financial core financial members: real estate management companies and other non-financial companies,
• non-core members: companies in the process of being dissolved or companies that are not strategic for the NLB Group.

Core (financial and non-financial) members are important for the NLB Group in the long term.

With regard to ownership, as well as organisational and management structure, the members of the NLB Group are:

• subsidiaries (banks, financial organisations and companies),
• joint ventures,
• affiliates.

Members of the NLB Group are independent legal entities with their own management bodies^[1] and statutory duties and responsibilities. Any activities that take place at the Group level are carried out in a way that does not interfere with their independence. 

[1] The term management body refers to a supervisory body (supervisory board and/or board of directors) and management body (governing board or management board).

The governance of the NLB Group consists of three pillars:

1. corporate governance, which is carried out in accordance with the basic corporate rules and principles of governance, which consists of: 

• voting of shareholders at the General Meeting of the NLB Group members,
• proposing candidates for supervisory bodies of the NLB Group members,
• providing expert support to the supervisory bodies of the NLB Group members,
• providing expert support in the selection of candidates for the management of the NLB Group members,
• proposing candidates for various committees of the NLB Group members,

2. business governance, which is carried out through mechanisms that ensure effective management and control of operations:

• establishment of a formal framework of business governance by Group Steering (i.e., this policy and accompanying documents),
• standardisation and harmonisation of operations in the NLB Group through competence lines.

3. control functions as the second and third lines of defence, which, in addition to standardisation and harmonisation in their respective areas, also supervise the implementation of the Group’s rules and requirements: internal audit, risk management and compliance of operations, which also includes anti-money laundering, information security, prevention of fraud and physical security.