CTRL 1.2.3 What is a firm’s risk management framework?

(1) An authorised firm’s governing body must establish a risk management framework.
Note For the firm’s risk management framework, see rule 7.1.2.
(2) The firm’s risk management framework is made up of:
(a) the firm’s systems for identifying, measuring, evaluating, monitoring, reporting, and controlling or mitigating risks that may affect the firm’s ability to meet its obligations; and
(b) the structures, policies, processes and people that support those systems.
Derived from QFCRA RM/2020-4 (as from 1st July 2021)