Cyber-resilience: Range of Practices
After completing this reading, you should be able to: Define cyber-resilience and compare recent regulatory initiatives in the area of cyber-resilience. Describe current practices by banks and supervisors in the governance of a cyber risk management framework, including roles and…
Risk Identification
After completing this reading, you should be able to: Compare different top-down and bottom-up approaches and tools for identifying operational risks. Describe best practices in the process of scenario analysis for operational risk. Describe and apply an operational risk…
Risk Reporting
After completing this reading, you should be able to: Identify roles and responsibilities of different organizational committees and explain how risk reports should be developed for each committee or business function. Describe components of operational risk reports and explain best…
Case Study: Model Risk and Model Validation
After completing this reading, you should be able to: Define a model and describe different ways financial institutions can become exposed to model risk. Describe the role of the model risk management function and explain best practices in the model…
Sound Management of Risks Related to Money Laundering and Financing of Terrorism
After completing this reading, the candidate should be able to: Explain best practices recommended by the Basel Committee for the assessment, management, mitigation and monitoring of money laundering and financial terrorism (ML/FT) risks. Describe recommended practices for the acceptance, verification…
Case Study: Investor Protection and Compliance Risks in Investment Activities
After completing this reading, you should be able to: Summarize important regulations designed to protect investors in financial instruments, including MiFID, MiFID II, and Dodd-Frank. Describe and provide lessons learned from the case studies involving violations of investor protection or…
Case Study: Third-party Risk Management
After completing this reading, you should be able to: Explain how risks related to the use of third parties can arise and describe characteristics of an effective third-party risk management framework. Describe the lessons learned from the case study involving…
Risk Governance
After completing this reading, you should be able to: Explain Basel regulatory expectations for an operational risk management framework’s governance. Describe and compare the roles of different committees and the board of directors in operational risk governance. Describe the “three…
Case Study: Financial Crime and Fraud
After completing this reading, you should be able to: Describe elements of a control framework to manage financial fraud and money laundering risk. Summarize the regulatory findings and describe the lessons learned from the USAA case study. This chapter discusses…
Case Study: Cyberthreats and Information Security Risk
After completing this reading, you should be able to: Provide examples of cyber threats and information security risks and describe frameworks and best practices for managing cyber risks. Describe lessons learned from the Equifax case study. Examples of Cyber Threats…