Global Citizenship Report 2017

Managing Compliance Risk The Independent Compliance Risk Management team is responsible for helping to drive a culture of ethical conduct at Citi by establishing policies, programs and procedures that guide and support our employees in making ethical decisions and adhering to appropriate standards of conduct. Through an integrated compliance risk management framework, this group protects Citi by setting standards; providing guidance, training and advice to our businesses regarding compliance risk; and driving ownership and accountability for managing compliance risk in accordance with Citi standards across the firm. Managing compliance risk is the responsibility of all of our employees and requires not only adherence to applicable laws, regulations, policies and relevant standards of conduct, but also the promotion of business behavior and activity that is consistent with the values and conduct expectations outlined by our Mission and Value Proposition, Leadership Standards and Code of Conduct. Citi’s global Compliance organization is headed by our Chief Compliance Officer, who reports directly to our CEO and provides regular reports on the performance of the compliance program to our Board of Directors, as well as its Audit, Risk Management and Ethics and Culture Committees. Anti-Bribery Program We continually enhance our Anti-Bribery Program with respect to the areas outlined in the Citi Anti-Bribery Program Statement — which is updated at least annually — and in our Code of Conduct, which summarizes our Anti-Bribery Policy. Citi complies with all applicable anti-bribery laws and regu- lations, including the US Foreign Corrupt Practices Act, the UK Bribery Act, and the applicable local anti-bribery laws of the countries in which we operate. Our Anti-Bribery Program Statement expressly prohibits bribery in any form for our employees as well as our suppliers. We have written policies, procedures and internal controls designed to comply with anti-bribery laws. We conduct an annual bribery risk assessment of all global business lines. The risk assessment addresses many areas of risk, including gifts and entertainment, hiring practices and third-party relationships. The Anti-Bribery Program is overseen by the Chief Compliance Officer, and information on anti-bribery compliance is disseminated to senior management at both the regional and enterprise levels and with the Board of Directors or a committee of the Board, as appropriate. We provide our staff with anti-bribery training annually and supplement it with targeted training and communications as needed. We give staff multiple ways, including the Ethics Hotline, to escalate bribery-related concerns and to prompt investigations, where necessary. We have been rebuilding our credibility, our relationships with our regulators and, very importantly, a culture that’s based on ethics and execution. – Michael Corbat, CEO at 2017 Citi Investor Day Citi 2017 Global Citizenship Report 19 CONTENTS    INTRODUCTION    HOW WE DO BUSINESS     SOLUTIONS FOR IMPACT    APPENDICES Conduct and Culture     Digital Innovation    Talent and Diversity    Human Rights    Environmental and Social Risk Management    Operations and Supply Chain