Back Custom print Link Text Only Rich Text Print

  • RM-1.1 RM-1.1 General Requirements

    • Board of Directors

      • RM-1.1.1

        The board of directors of licensees must take responsibility for the establishment of an adequate and effective framework for identifying, monitoring and managing risks across all its operations.

        July 2014

      • RM-1.1.2

        The CBB expects the board to be able to demonstrate that it provides suitable oversight and establishes, in relation to all the risks the licensee is exposed to, a risk management framework that includes approving and monitoring policies, systems, tools and controls.

        July 2014

      • RM-1.1.3

        Although authority for the management of a licensee's risks is likely to be delegated to some degree to individuals at all levels of the organisation, the overall responsibility for this activity should not be delegated from its governing body and relevant senior managers.

        July 2014

      • RM-1.1.4

        A licensee's failure to establish an adequate risk management framework to the satisfaction of the CBB will result in it being in breach of Condition 6 of the Licensing Conditions of Section AU-2.6. This failure may result in the CBB withdrawing the licence or imposing other restrictions on the licensee, or the licensee being required to inject more capital.

        July 2014

      • RM-1.1.5

        The board of directors must ensure that there is adequate documentation of the licensee's risk management framework, and that the documentation is reviewed at least annually to ensure the framework continues to meet the needs of the licensee and complies with CBB requirements.

        July 2014

    • Senior Management

      • RM-1.1.6

        The responsibilities of the senior management of the licensee must include:

        (a) Implementing the overall risk strategy approved by the Board of Directors;
        (b) Ensuring that the strategy is implemented consistently throughout the whole organisation;
        (c) Ensuring that all levels of staff understand their responsibilities with respect to risk management;
        (d) Ensuring that each member of staff has the requisite knowledge, skills, and understanding of the principles and practices of risk management to discharge their duties effectively; and
        (e) Developing and implementing policies, processes and procedures for managing risk in all of the licensee's products, activities, processes and systems.
        July 2014

    • Systems and Controls

      • RM-1.1.7

        The risk management framework of a licensee must describe the systems and controls which are appropriate to their business, so as to identify, measure, mitigate, and monitor risks to which the licensee may be exposed.

        July 2014

      • RM-1.1.8

        The board must ensure that the licensee undertakes a timely review and evaluation of all internal systems and control weaknesses identified by external and/or internal auditors, the risk management function and management, and that actions are implemented to effectively mitigate such control weaknesses.

        July 2014

      • RM-1.1.9

        Licensees must establish mechanisms to verify that controls, once established, are implemented effectively at all times.

        July 2014

    • The Role of Internal Audit

      • RM-1.1.10

        The internal audit function, which may be outsourced subject to the conditions outlined in Chapter RM-4 must, on an on-going basis, monitor, assess, and evaluate the system of internal controls.

        July 2014