BANK 4.2.2 Policies — general credit risk environment

A banking business firm's credit risk management policy must establish:

(a) a well-documented and effectively-implemented process for assuming credit risk that does not rely unduly on external credit ratings;
(b) well-defined criteria for approving credit (including prudent underwriting standards), and renewing, refinancing and restructuring existing credit;
(c) a process for identifying the approving authority for credit, given its size and complexity;
(d) effective credit risk administration, including:
(i) regular analysis of counterparties' ability and willingness to repay; and
(ii) monitoring of documents, legal covenants, contractual requirements, and collateral and other CRM techniques;
(e) effective systems for the accurate and timely identification, measurement, evaluation, management and control or mitigation of credit risk, and reporting to the firm's governing body and senior management;
(f) procedures for tracking and reporting exceptions to, and deviations from, credit limits or policies;
(g) prudent and appropriate credit limits that are consistent with the firm's risk tolerance, risk profile and capital; and
(h) effective controls for the quality, reliability and relevance of data and validation procedures.
Amended by QFCRA RM/2015-3 (as from 1st January 2016).