Back Custom print Link Text Only Rich Text Print

  • Risk Recognition and Assessment

    • HC-1.2.6

      The Board is responsible for ensuring that the systems and controls framework, including the Board structure and organisational structure of the bank is appropriate for the bank's business and associated risks (see HC-1.2.3 (c)). The Board must ensure that collectively it has sufficient expertise to identify, understand and measure the significant risks to which the bank is exposed in its business activities.

      In assessing the systems and controls framework, the BMA expects the Board to demonstrate that the bank's operations, individually and collectively:

      (a) Are measured, monitored and controlled by appropriate, effective and prudent risk management systems commensurate with the scope of the bank's activities. The Board should ensure that senior management have put in place appropriate systems of control for the business of the bank and the information needs of the Board; in particular, there should be appropriate systems and functions for identifying as well as for monitoring risk, the financial position of the bank, and compliance with applicable laws, regulations and best practice standards. The systems should produce information on a timely basis; and
      (b) Are supported by an appropriate control environment. The compliance, risk management and financial reporting functions must be adequately resourced, independent of business lines and must be run by individuals not involved with the day-to-day running of the various business areas. The Board must additionally ensure that management develops, implements and oversees the effectiveness of comprehensive know your customer standards, as well as ongoing monitoring of accounts and transactions, in keeping with the requirements of relevant law, regulations and best practice (with particular regard to anti-money laundering measures). The control environment should maintain necessary client confidentiality and ensure that the privacy of the bank is not violated, and ensure that clients rights and assets are properly safeguarded.

    • HC-1.2.7

      In its review of the systems and controls framework, the Board should:

      (a) Effectively make use of the work of internal and external auditors. The Board should ensure the integrity of the bank's accounting and financial reporting systems through regular independent review (by internal and external audit). Audit findings should be used as an independent check on the information received from management about the bank's operations and performance and the effectiveness of internal controls; and
      (b) Identify any significant issues related to the bank's adopted governance framework, processes and practices and ensure that appropriate and timely action is taken to address identified adverse deviations from the requirements of this Module.

      The determinations under HC-1.2.6 and this paragraph might be made through the use of self-assessments, stress/scenario tests, and/or independent judgments made by external advisors. The Board may appoint supporting committees, and engage senior management to assist it in the oversight of risk management, but the Board may not delegate its ultimate responsibility to ensure that an adequate, effective, comprehensive and transparent corporate governance process is in place.