Guidance on Managing Outsourcing Risk

After completing this reading, you should be able to: Explain how risks can arise through outsourcing activities to third-party service providers and describe elements of an effective program to manage outsourcing risk. Explain how financial institutions should perform due…

Risk Mitigation

After completing this reading, you should be able to: Explain different ways firms address their operational risk exposures. Compare different types of internal controls and provide examples of each type of internal control. Describe control automation, internal control design, and…

Risk Measurement and Assessment

After completing this reading, you should be able to: Explain best practices for the collection of operational loss data and reporting of operational loss incidents, including regulatory expectations. Explain operational risk-assessment processes and tools, including risk control self-assessments (RCSAs), likelihood…

Supervisory Guidance on Model Risk Management

After completing this reading, you should be able to: Describe model risk and explain how model risk can arise in the implementation of a model. Describe elements of an effective process to manage model risk. Explain the best practices for…

Cyber-resilience: Range of Practices

After completing this reading, you should be able to: Define cyber-resilience and compare recent regulatory initiatives in the area of cyber-resilience. Describe current practices by banks and supervisors in the governance of a cyber risk management framework, including roles and…

Risk Identification

After completing this reading, you should be able to: Compare different top-down and bottom-up approaches and tools for identifying operational risks. Describe best practices in the process of scenario analysis for operational risk. Describe and apply an operational risk…

Risk Reporting

After completing this reading, you should be able to: Identify roles and responsibilities of different organizational committees and explain how risk reports should be developed for each committee or business function. Describe components of operational risk reports and explain best…

Case Study: Model Risk and Model Validation

After completing this reading, you should be able to: Define a model and describe different ways financial institutions can become exposed to model risk. Describe the role of the model risk management function and explain best practices in the model…

Sound Management of Risks Related to Money Laundering and Financing of Terrorism

After completing this reading, the candidate should be able to: Explain best practices recommended by the Basel Committee for the assessment, management, mitigation and monitoring of money laundering and financing of terrorism (ML/FT) risks. Describe recommended practices for the acceptance, verification…

Case Study: Investor Protection and Compliance Risks in Investment Activities

After completing this reading, you should be able to: Summarize important regulations designed to protect investors in financial instruments, including MiFID, MiFID II, and Dodd-Frank. Describe and provide lessons learned from the case studies involving violations of investor protection or…
