CISI Risk - Chapter 1 Flashcards
Why are credit, market and liquidity risk at the center of the Risk-Related regulation and policy diagram?
The management of these risks lies at the heart of the complex financial transactions performed by the industry.
What is investment risk?
Providing the ‘Right’ level of return to the investor
What is operational risk?
Risk arising from people, processes, systems and external events. These are the four key components of operational risk
What are the four key points of Operational risk?
People, Processes, systems and external events.
Difference between risk and uncertainty?
Risk - Variables that can be quantified
Uncertainty - Variables that can NOT be quantified
How is the ‘Risk Score’ calculated?
Probability X impact
Where do Risk Governance & Risk policies sit?
At board level
Who performs risk oversight?
The business unit (the first line of defense)
Risk oversight - Who do action plans get reported to?
Independent Risk Management function
What are the four tasks performed by the Independent Risk Management function?
Identifying risks
Assessing Risks
Ensuring risks are appropriately controlled
Monitoring and reporting
Who performs Day to Day risk management?
Performed by the business unit, not the risk function
6 causes of external risk?
The global economy
Politics
Competitive environment
Social & Market forces
ESG
Technology and Cyber security
Types of external stakeholders and third parties (5)
Parent Company
Institutional Investors
Large customers
Regulators
Suppliers/Consultant
ESGs too
3 Main types of Political Risk
Rise & fall in invested markets
Increase/Decrease demand for products sold by the industry
Changes to the regulation/legislation in invested markets
ESG - Environmental Risks (2)
Climate change
Issues around the depletion of natural resources
ESG - Social Risks (3)
Reputation
Human Capital Issues
Stakeholder Opposition
ESG - Governance Risks (2)
Corporate Governance Issues
Corporate Behavior Issues
PESTLE Analysis - Stands for what?
Political
Economic
Social
Technical
Legislative
Environmental
What key process is used under Business Continuity Planning?
Disaster Recovery
What are the two key impacts covered in Business Process Analysis
Internal and external impact on business processes
What are the three ways to assess external risk
Likelihood/Probability rating
Impact Loss rating
Risk score = Likelihood (1-5) x impacts (1-5)
What is strategic risk?
The risk of the outcome of a poor business strategy or the way in which it is implemented across the firm
What is compliance risk?
Compliance with regulation and legislation
3 components to Financial Risk
Revenues Vs Costs
Gearing/Leverage
BIS Three main types - Credit, Market & Operational
Who is responsible for creating/drafting and amending the Simple Risk framework
The board - Senior Managers
What is the identify part of the simple risk framework
Listing all the possible problems or hazards
What are the four key points in risk oversight
Identify, Assess, Monitor & Control
What is the Assess part of the simple risk framework
Grouping risks together and attempting to quantify their risk scores
What is the Control part of the simple risk framework
Setting limits and mitigation practices to the risks identified in the first stage
What is the Monitor part of the simple risk framework
Monitor effectiveness and provide data for regulators/board level
Is compliance an internal or external risk?
Internal - A firm can choose to comply with regulations
4 ways to assess internal drivers of business risk?
SWOT Analysis
Stress Testing
Scenario Analysis
Risk Assessment Workshops
What are the two ways to externally assess risks?
Independent auditors
Industry best practice
What is SWOT analysis
4 grid approach going through the firm's weaknesses and successes
What is stress testing
One input factor at a time
What is Scenario analysis
Constructing realistic scenarios, multiple factors at a time
6 Methods used to reduce business risk?
GAP Analysis
Market surveys
Market research
R & D
Liaison with regulators
Test-Marketing
What is risk culture?
System of values and behaviors throughout an organization
What is risk appetite
The type and amount of risk a firm is willing to accept in the pursuit of business objectives
Who does the top-down approach involve?
Board and senior management
Who does the bottom-up approach involve?
Line management
What is a risk profile?
The type and intensity of the risks to which a firm is exposed
When launching a new product, how do firms often justify the strategy?
Cost/Benefit analysis
What is Inherent (Gross) Risk?
Risk without mitigating controls
What is residual (Net) risk
Firm's exposure after taking mitigating controls
What is market risk
Changes in value of financial instruments
What is funding liquidity risk?
Firm cannot obtain necessary funds to meet their obligations
What specific product is exposed to interest rate risk?
Balance Sheets
What is the purpose of an ICO? (Initial Coin Offering)
Raise Capital
What is interest rate risk?
Exposure to adverse movements in interest rates
What is RegTech?
Regulation surrounding FinTech activities and products
What is the fine for breaking the GDPR?
4% or 40 million.
What is sovereign risk?
Government defaulting on their loans
What is a ‘Hot’ site
Online storage site of crypto. Asset and encryption key stored SEPARATELY
What is a ‘Cold’ site
Offline storage of crypto assets in bunkers and vaults.
What is enterprise risk management?
Enterprise risk management is a method of providing the firm with a succinct view of all its key risk information, thus enabling the senior team to make balanced, firm-wide risk decisions.