Risk Recognition and Assessment
HC-1.2.10
The board is responsible for ensuring that the systems and controls framework, including the board structure and organisational structure of the
licensee , is appropriate for the business and associated risks (see Paragraph HC-1.2.3 (c)). The board must ensure that collectively it has sufficient expertise to identify, understand and measure the significant risks to which thelicensee is exposed in its business activities.The board must regularly assess the systems and controls framework of the
licensee . In its assessments, the board must demonstrate to the CBB that:(a) Thelicensee's operations, individually and collectively are measured, monitored and controlled by appropriate, effective and prudent risk management systems commensurate with the scope of its activities;(b) Thelicensee's operations are supported by an appropriate control environment. The compliance, internal audit, risk management and financial reporting functions must be adequately resourced, independent of business lines and must be run by individuals not involved with the day-to-day running of the various business areas. The board must additionally ensure that management develops, implements and oversees the effectiveness of comprehensive know your customer standards, as well as on-going monitoring of accounts and transactions, in keeping with the requirements of relevant law, regulations and best practice (with particular regard to anti-money laundering measures). The control environment must maintain necessary client confidentiality and ensure that the privacy of thelicensee is not violated, and ensure that clients' rights and assets are properly safeguarded; and(c) Where the board has identified any significant issues related to thelicensee's adopted governance framework, appropriate and timely action is taken to address any identified adverse deviations from the requirements of this Module.January 2014HC-1.2.11
The board must adopt a formal board charter or other statement specifying matters which are reserved to it, which should include but need not be limited to the specific requirements and responsibilities of
directors . This charter must cover the points in Paragraphs HC-1.2.1 to HC-1.2.10.January 2014