Beruflich Dokumente
Kultur Dokumente
Agenda
Decision
to be
Risk Based
Risk
Monitoring
And
Reporting
Set a
Risk
Context
Set Risk
Appetite
Risk
Control
Risk
Identification
Risk
Mitigation
Risk
Measurement
Included in ARROW
Decision
to be
Risk Based
Decision
to be
Risk Based
Decision
to be
Risk Based
11
Decision
to be
Risk Based
12
Set a
Risk
Context
Risk context
Set a
Risk
Context
14
Set a
Risk
Context
Risk channels
Set a
Risk
Context
External
Financial failure of firms
Misconduct and mismanagement by firms
Consumer understanding
Financial fraud
Market abuse
Money laundering
Market quality
Internal
Delivery of FSAs Strategic Priorities
FSAs reputation
Economy and efficiency of FSAs operations
16
Set Risk
Appetite
Set Risk
Appetite
Impact
High
Medium
High
Medium
Low
Low
No
mitigation
Close &
Continuous
monitoring
Justify
mitigation
Enhanced
monitoring
Mitigation
(justify
inaction)
Watchlist
Upward
escalation
Mitigation
High
intensity
watchlist
Upward
escalation
Remediation
High
intensity
watchlist
Upward
escalation
No action
Baseline
monitoring
Justify
mitigation
Monitoring
Mitigation
(justify
inaction)
Watchlist
Upward
escalation
Mitigation
High
intensity
watchlist
Upward
escalation
Remediation
High
intensity
watchlist
Upward
escalation
No Action
Baseline
monitoring
Justify
mitigation
Monitoring
Mitigation
(justify
inaction)
Monitoring
Mitigation
Watchlist
Upward
escalation
Remediation
Watchlist
Upward
escalation
No Action
Baseline
monitoring
No Action
Baseline
monitoring
No Action
Baseline
monitoring
Thematic
mitigation
Baseline
monitoring
Remediation
Baseline
monitoring
Low
Medium
Low
High
Crystallised
RISK APPETITE
(FIRM RISKS)
Medium
High
Probability
19
Risk
Identification
Risk identification
Risk
Identification
21
Risk
Identification
Supervision of firms
Visits to firms (either as part of a
supervisory assessment, enforcement
action, or other)
Information provided by firms (either on
FSA request or firms initiative)
Monitoring of returns and similar data,
and transaction monitoring
Information provided by others (e.g.
Financial Ombudsman, overseas
regulators, external auditors)
Thematic work
Project work
Retail intelligence
Market monitoring
Other external sources (e.g. press,
other regulators, analysts, trade bodies
and special-interest groups)
22
Risk
Measurement
Risk Measurement
Risk
Measurement
PRIORITY
for the FSA
IMPACT
of the problem
if it occurs
Risk
Measurement
PROBABILITY
of the problem
occurring
Size of firm
No. of retail consumers
Perceived importance
Business Risk
Control Measures
Consumer risk
25
Risk
Measurement
Probability
High
Crystallised
Medium-high
High
Medium-low
Medium-high
Low
Medium-low
Low
26
Risk
Measurement
Impact
Priority
risks
High
Med.
High
Med.
Low
Low
Probability
27
Business risks
Control risks
Strategy
Market, credit,
insurance and
operational risk
Financial soundness
Treatment of customers
Organisation
Nature of customers,
products and services
Risk
Measurement
28
Risk
Measurement
29
Risk
Measurement
Misconduct
/ mismanagement
Consumer
understanding
Fraud &
dishonesty
Market
abuse
Money
laundering
Market
quality
Strategy
Market, Credit & Op
Financial soundness
Customers / products
TOTAL BUSINESS RISK
Treatment of customers
Organisation
Systems & controls
Board, Management
Culture
TOTAL CONTROL RISK
NET PROBABILITY
Market
Consumer
confidence protection
Public
awareness
Financial
crime
30
Risk
Mitigation
Risk mitigation
Risk
Mitigation
32
Risk
Mitigation
Supervision of firms
Thematic work
33
Risk
Mitigation
34
Presentation of risks
Risk Today
High
Impact
Risk
Mitigation
Mediumhigh
Mitigation
Mediumlow
Target Level
Low
Low
Mediumlow
Mediumhigh
High
Probability
Crystallised
35
Risk
Monitoring
And
Reporting
Risk
Monitoring
And
Reporting
37
Presentation of risks
Initial Risk
High
Impact
Risk
Monitoring
And
Reporting
Mediumhigh
Mediumlow
Risk Today
Target Level
Low
Low
Mediumlow
Mediumhigh
High
Probability
Crystallised
38
Risk
Monitoring
And
Reporting
Classification of Risks
Succession Planning
ENVIRONMENTAL RISK,
Economic Environment
Accepting Customers
Policy
Legislative/Political Risk
Client Classification
Methodology
Competition Risk
Resources
Sales Process,
Record Keeping
Monitoring
Conflicts of interest
Financial Capability
Market surveillance
Improving transparency
Transaction Monitoring
Independence
Suitability
Suspicious Transaction
Monitoring and Reporting
Product Disclosure
Structured Products
Financial Promotions
Internal Audit,
Post Sale Handling of Customers, Methodology
Dealing and Managing
Resources
Reporting
Independence
Switching Products
Financial Control,
Switching Providers
Complaints Handling
Security of Client Assets
CORPORATE CONTROLS,
Risk Management
Credit Risk
Business Culture
Management Information
Corporate Governance
Relationship with Regulators
Priority Delivery,
Treating Customers Fairly
Retention
Recruitment
Processes (non-IS),
Inadequacy
Not followed
Not comprehensive
Processes (IS),
Inadequacy
Availability
Dependency
Information,
Not sufficient
Lost
Vulnerable
Market Risk
Insurance Risk
Financial Stability
Operational Risk
IT Controls
Business Continuity
Liquidity Risk
Business Continuity
Consumer
Financial Crime
Finance,
Quality of Management
Quality of Strategy
Succession Planning
Business Culture
Management Information
Corporate Governance
Political Risk
Reputational Risk
Risk Management
Identification
Measurement
Monitoring
Control
External risks
Independence
Policies and Procedures and
Controls
Audit
Priorities
Methodology
Resources
Independence
Sectors
Compliance
Data Protection
Freedom of Information
Health & Safety
Membership Arrangements
Legal Risk
Market Cleanliness
Methodology
MANAGEMENT GOVERNANCE
AND CULTURE,
Internal Risk,
Resources
Management,
Skills
Independence
Quality of Management
Quantity
Suspicious Transaction
Monitoring and Reporting
Quality of Strategy
Turnover
Legal
People
Management,
Internal risks
Personnel
Conflicts of interest
39
Risk
Monitoring
And
Reporting
40
Risk
Control
Risk controls
Risk
Control
42
Challenge
Risk
Control
43
Risk
Control
Risk
Control
45
Risk
Control
Staff tend to be risk-averse; tendency to overscore impact and probability unless challenged.
Requiring clearer ownership of risks imposes
better accountability and discipline.
The only way to track mitigation effectively is
to describe the risk and target outcome very
specifically.
Relies on adequate risk management skills and
experience among staff to work.
46
Evaluation
We believe that ARROW is at the forefront of supervisory
best practice
requests for technical assistance are high
recent UK government reports such as Hampton
and Arculus have praised our approach (compared
with other UK regulators)
Effective risk management is a journey and not a
destination, so it needs to evolve:
as our experience grows
as our needs grow (e.g. from our recent adoption
of Mortgage & General Insurance regulation)
as our expectations grow
48
49
ARROW 3 ?
ARROW 2.5
ARROW 2.0
ARROW
RATE,
FIBSPAM
Outcome-based
models
Individual
risk-based methods
Assessment
models
X Current position
50