Risk Management Framework

The Risk Management Framework is the overarching framework for managing risk in an organisation. At a high level, the Bank for International Settlements (BIS) indicates that for banks, the following are crucial elements of an effective risk management framework – for any bank size:

• governance by the board and senior management: how the organisation manages risk internally thorugh its committees and the board
• consistent risk oversight methodology for identifying, assessing, scoring risks and controls and ensuring risks are appropriately controlled, as well as monitor and report on the risks and their assciated controls
• a strong risk management culture
• a strong internal control culture, including clear lines of reporting and responsibility, and segregation of duties
• day to day risk management: this activity is inseparable from good business management and must be owned by the business lines (risk takers/risk owners) – not the risk management function
• effective independent and empowered risk and compliance functions
• effective independent internal audit function
• contingency planning
• specific risk policies that support the risk appetite statement and risk management framework document. These policies set out senior management responsibilities for managing particular types of risk and the delegated authorities for decision making for executives and board committees

Furthermore, for the risk management framework to be effectively implemented, it is crucial the involvement of the board of directors at inception. Some responsibilities of the board of directors include:

• determining the organisation’s approach to risk, including setting of approving its Risk Appetite
• defining and embedding the right risk culture throughout the organisation
• monitoring the organisation’s exposure to risk and the top key risks that could affect the organisation and undermine its strategy, affect its reputation or risk its long-term viability
• identifying the risks inherent in the company’s business model and business strategy, including risks originating in external sources
• overseeing the effectiveness of senior management’s mitigation processes, systems and controls, and ensuring the organisation has effective crisis and business continuity systems implemented and regularly tested

 

Our recent articles about Risk Management Framework (RMF)

• 3 Analysis Models All Risk Leaders Should Know
• The Risk Librarian: 5 Free Online Sources for Risk Professionals
• Speaking in Risk Management Tongues
• How to Get The Most Out of a Risk Heatmap
• BIS: Market Risk Capital Requirements FAQ
• How to Create a Risk Heatmap in Excel - Part 2
• Residual Risk Scoring Matrix Example
• How to Create a Risk Heatmap in Excel - Part 1
• FREE COURSE: Mastering Data Analysis in Excel
• EBOOK: Reimagining Risk: An integrated Approach to Enterprise Risk Management
• INFOGRAPHIC: Banks Risk Management Survey 2016 by EY
• EBOOK: Enterprise Risk Management
• VIDEO: Risk Management For Project Leaders Webinar
• Updated Rules for Markets in Financial Instruments: MiFID 2
• BIS on Operational Risk
• SREP: How Europe’s Banks can Adapt to the New Risk-Based Supervisory Playbook
• Key Risk Management Issues for 2016