Skip to content

Risk Management

Risk Management

The audit considerations for this aspect include:

 Checking whether the bank has adequate risk management process, sound risk measurement procedures, sound information systems, continuous risk monitoring and frequent management reporting for treasury operations.

 Examining whether the mid-office monitors the exchange and gap positions for cut loss limits, overnight limits, daylight limit, liquidity, counter party exposure limit and aggregate gap limit fixed in the banks trading policy/ guidelines.

 Reviewing the adequacy and effectiveness of the overall risk management system, including compliance with policies, and procedures.

 Investigating unusual occurrences such as significant breaches of limits, unauthorized trades and unreconciled valuation or accounting differences.

 Inquiring whether there is a ‘New Product Approval’ process prior to undertaking transactions in new or structured derivative products and verifying whether the ‘New Product Paper’ for all new derivative products is approved and signed-off by the Chief Compliance Officer of the bank.

 Obtaining the ‘Risk Management Policy’ of the bank and verifying whether risk management pertaining to derivative transactions is an integral part of the policy.

 Verify whether the Policy is updated on a periodic basis in line with the dynamic market and regulatory changes.

 Verifying that the ‘Risk Management Policy’ for derivative transactions has been approved by the Board. Verifying that the policy inter alia covers the following aspects:

(i). Defines the approved derivative products and the authorized derivative activities;

(ii). Details requirements for the evaluation and approval of new products or activities;

(iii). Ensures appropriate structure and staffing for the key risk control functions, including internal audit;

(iv). Establishes management responsibilities;

(v). Identifies the various types of risks faced by the bank and establishes a clear and comprehensive set of limits to control these;

(vi). Establishes risk measurement methodologies which are consistent
with the nature and scale of the derivative activities;

(vii). Requires stress testing of risk positions;

(viii). Details the type and frequency of reports for monitoring risks which are submitted to the Board (or committees of the Board);

(ix). Typical risks and commonly used risk limits in respect of derivative transactions.

 

Bank Audit | Tina Saha |