CTRL 6.2.2 What makes up authorised firm’s risk management function?

(1) An authorised firm’s risk management function is made up of:
(a) the individual (if any) who is approved to exercise the risk management function for the firm;
(b) any other employees allocated to the function;
(c) the part of the firm’s resources (other than staff) allocated to the function;
(d) the firm’s risk management strategy;
(e) the firm’s risk management policy; and
(f) the records that the firm keeps in relation to risk management.
Note 1 For the requirements relating to the risk management strategy, see rule 7.1.4.
Note 2 There are also specific requirements in PINS for a QFC insurer’s risk management strategy and policy. See PINS, Chapter 2.
(2) The purpose of an authorised firm’s risk management function is to monitor and control the firm’s risk exposure.
(3) The risk management function must provide for timely monitoring of, advising on, investigating and reporting on all reasonably foreseeable material risks.

 

Derived from QFCRA RM/2020-4 (as from 1st July 2021)