CTRL 7.1.5 Risks to be addressed

An authorised firm’s risk management framework must address, at least, the following risks (where they are material to the firm’s operations):

(a) credit or asset risk;
(b) liquidity risk;
(c) market/investment risk;
(d) operational risk;
(e) strategy and planning risk;
(f) technology risk;
(g) market conduct risk;
(h) money laundering and terrorism financing risk;
(i) compliance, legal, reputational and regulatory risk;
(j) insurance underwriting;
(k) any other risks that, singly or in combination, could have a significant effect on the firm.


Derived from QFCRA RM/2020-4 (as from 1st July 2021)