Chapter 9: Risk Oversight and Corporate Governance

Question 1

Who is responsible for corporate governance?

Answer 1

Director

Question 2

What are the 3 lines of defence in Risk Oversight and what to they do?

Answer 2

1. Business managers and staff manage their risks
2. Risk and compliance work independently alongside to supervise
3. Audit function to assess both risk and business

Question 3

What areas of risk does the board of directors cover?

Answer 3

Risk appetite
Instilling the correct culture
Monitoring risk exposure
Identifying risks

Question 4

What is the purpose of a risk comittee?

Answer 4

Independently identify, asses and control risks.

Question 5

What is the non-financial risk?

Answer 5

Operational risk, strategic risk

Question 6

Who sits on the risk committee? 4 people

Answer 6

non-executive director (NED)
Chief risk office (CRO)
Chief financial officer (CFO)
Chief investment officer (CIO)

Question 7

What is a non-executive director

Answer 7

Member of the board who is not involved in day-to-day operations. Typically appointed for expertise.

Question 8

What are the 3 lines of defence (shortened)

Answer 8

1. Business Management
2. Independent Risk Functions
3. Internal Audit

Question 9

What is the difference in upwards and downwards communication between risk-takers and risk managers?

Answer 9

Upwards: Risk Managers prepare reports to describe the risks they are taking
Downwards: Risk Managers set policies and risk limits

Question 10

Why should risk staff be autonomous?

Answer 10

So that they are segregated from revenue generating roles and are free to make independent and objective reports