Risk Management Flashcards

1
Q

“The probability of something happening that will have an adverse impact upon people, plant, equipment, financials, property or the environment and the severity of the impact.” (Australian Risk Management Standard AS/NZS 4360)

A

Risk

2
Q

Focus of the Bank Proper

A
  1. Capital Adequacy & Transparency
    - Risk-based Capital Adequacy Framework
    - Liquidity Ratios
  2. CAMELS Rating
  3. BSP Supervisory Assessment Framework (SAFr)
3
Q

Focus of Trust Services

A
  1. Fiduciary Responsibility
    - Basic Standards
    - BSP Circular 766
  2. Trust Rating System
  3. BSP Supervisory Assessment Framework (SAFr)
4
Q

The practices which are specific to Trust Banking will collectively be taken as

A

Fiduciary Risk Management

5
Q

Fiduciary Risk Management involves the management of risks affecting both the ____ and _____ as a trust entity.

A

clients; TBG

6
Q

What are the Risks associated with TBG?

A
  • Strategic Risk
  • Reputational Risk
  • Compliance Risk
  • Operational Risk
7
Q

What are the Risks associated with the clients?

A
  • Credit/Counterparty Risk
  • Market Risk
  • Liquidity Risk
  • Sustainability Risk
8
Q

Risk Management Structure: What are the 3 Lines of Defense Framework and who is/are responsible for each line?

A
  • 1st Line of Defense (TBG/Business Risk Manager)
  • 2nd Line of Defense (Risk Management)
  • 3rd Line of Defense (Internal Audit)
9
Q

The Line of Defense which has the following functions:

  • best position to identify & manage risk
  • immediate reporting & escalation of current & impending risks
  • internal challenge to existing controls & declaration of levels of risk
A

1st line of defense (TBG/Business Risk Manager)

10
Q

The Line of Defense which has the following functions:

  • assist in the identification, assessment, monitoring & controlling risks
  • provide tools to manage risks
  • independent challenge and assessments, review of policies and procedures
A

2nd line of defense (Risk Management)

11
Q

True or False. Risk as a discipline cuts right across the three lines of defense; the responsibility falls on the risk management team in the firm, as an inherent part of their day-to-day responsibilities.

A

False. Risk as a discipline cuts right across the three lines of defense; the responsibility falls on every single individual in a firm, as an inherent part of their day-to-day responsibilities.

11
Q

The Line of Defense which has the following functions:

  • assess control adequacy, policy application & adherence
  • report failings & policy deviations/violations
  • independent challenge to the levels of assurance declared by business operations and oversight functions
A

3rd Line of Defense (Internal Audit)

12
Q

True or False. Everyone in a firm is expected to take responsibility for identifying and mitigating risks associated with the tasks they perform.

A

True

12
Q

The Risk Management process of TBG includes the (1) ____________ of risks of the Group, (2) ___________ the risk exposures, (3) ___________ the risks to desired levels: in keeping with the risk tolerance of both the clients and TBG, and (4) _________ the levels of risks so that these continue to be within acceptable levels.

A

identifying, measuring, controlling, monitoring

13
Q

The success of the Risk Management Framework rests on the ________________________ of the organization

A

diligent exercise of responsibility of each member

14
Q

Under Product Development (of the Risk Identification) are:

A
  • Risk Assessment Questionnaire
  • AML Risk Assessment
  • Fraud Risk Assessment
14
Q

What is the Risk Identification Process?

A
  1. Product Development
  2. Client Onboarding
  3. Investment Evaluation
15
Q

Under Client Onboarding (of the Risk Identification) are:

A
  • AML Risk Profiling
  • Client Suitability Assessment
  • Client Risk Score
16
Q

Under Investment Evaluation (of the Risk Identification) are:

A
  • First Pass
  • Risk Rating Systems for various asset types
  • Counterparty Evaluation
17
Q

Familiarize yourself with the Risk Reporting Checklist

A

Refer to slide 17 of TODP Risk Update as of July 2023

18
Q

Risk Treatment Plan:

A
  1. Reduction
  2. Avoidance
  3. Transfer
  4. Acceptance
19
Q

Risk Treatment Plan that entails finding alternative courses of action to reduce the probability & severity or prevention of risk

A

Reduction

20
Q

Risk Treatment Plan that entails evading activities or situations that exhibit unacceptable risks & prevent an organization from taking more actions that may increase risk exposure

A

Avoidance

21
Q

Risk Treatment Plan that often leaves the risk intact but shifts the responsibility for it to other parties that have greater control over the risk situation or are less susceptible to the impact of the risk factors

A

Transfer

22
Q

Risk Treatment Plan saying that for some risks, it is simply not feasible to intervene with effective preventive/corrective measures, thus an organization may simply decide to “accept” such risks to realize opportunities

A

Acceptance

23
Q

___________ is the current and prospective risk to TBG’s earnings arising from adverse business decisions, improper implementation of decisions, or lack of responsiveness to industry changes.

A

Strategic risk

24
Q

Corporate Planning Stages

A
  1. Planning & Budget
  2. Approvals
  3. Dissemination
  4. Implementation
  5. Monitoring
  6. Review
25
Q

This stage includes the Insight about the assessment of strengths, weaknesses, opportunities, and threats

A

Planning & Budget

26
Q

Under this stage is the Board oversight: ensuring goals are realistic and risk appetite is acceptable

A

Approvals

27
Q

This stage encompasses Accountability: Clear dissemination of responsibilities across TBG personnel

A

Dissemination

28
Q

This stage tackles a Sound operational environment and appropriate support infrastructure to facilitate the achievement of goals

A

Implementation

29
Q

Active monitoring/reporting of internal and external developments affecting plans/performance vs. targets is the target for this stage

A

Monitoring

30
Q

This stage focuses on Proactive Deviation Management: identification of potential deviations to plans caused by internal/external factors

A

Review

31
Q

True or False. For the monitoring stage, Performance against targets is done periodically to identify areas for improvement and apply necessary resources to augment deficiencies.

A

True

32
Q

Operational risk is defined as the risk of loss resulting from inadequate or failed internal _________, ________, and ______ or from __________.

A

processes, people, and systems; external events

33
Q

Operational Risk encompasses the following:

A
  1. Product development and delivery
  2. Operational processing
  3. Systems development
  4. The internal control environment
34
Q

Operational Risk includes _________ which arises from non-adherence with the terms of the fiduciary agreement and the potential that unenforceable contracts, lawsuits, or adverse judgments can disrupt or otherwise negatively affect the operations of TBG.

A

Legal Risk

35
Q

What are the Operational Risk Event Types?

A
  1. IF (Internal Fraud)
  2. EF (External Fraud)
  3. EDPM (Execution, delivery & process management)
  4. EPWS (Employment practices & workplace safety)
  5. CPBP (Clients, products & business practices)
  6. DPA (Damage to physical assets)
  7. BDSF (Business Disruption and System Failures)
36
Q

Sound Operational Control Environment Risk Coverage includes:

A
  1. People
  2. Process
  3. Systems
  4. External Events
37
Q

Activities/programs under this Risk Coverage include:
- Hiring Qualifications, Background Check, Training and Development
- Performance Appraisal, Employee discipline
- Succession planning, Benefits
- Employee Safety Guidelines

A

People

38
Q

Activities/programs under this Risk Coverage include:
- Automation, Maker-Checker, Delineation of Roles; Accountability
- Policies and Procedures (Desk Manuals)
- BCP, RCSA, BRM

A

Process

39
Q

Activities/programs under this Risk Coverage include:
- Best Practices for Emergency Drills
- Records Management
- Contingency Plan

A

External Events

40
Q

It is the current and prospective risk to clients’ earnings or principal contribution arising from an obligor’s failure to meet the terms of any contract or otherwise perform as agreed.

A

Credit/Counterparty Risk

40
Q

Activities/programs under this Risk Coverage include:
- Audit Trail, Access Restrictions
- Information Security Guidelines, Upgrades, Antivirus and Firewalls
- Limits Management System, Escalation to Management

A

Systems

41
Q

Asset Management Diagram

A

Refer to slide 31 of TODP Risk Update

42
Q

Credit/Counterparty Risk arises _______ fiduciary funds are extended, committed, invested, or otherwise exposed through actual or implied contractual agreements, and reflected in the client’s financial statements.

A

anytime

43
Q

Credit/Counterparty Risk is found in all activities where settlement depends on __________, ______, or _________ performance.

A

counterparty, issuer or borrower

44
Q

TBG Risk Rating System (Credit or Investment Evaluation) includes all of the following except:
a. Trust Credit Risk Rating System (TCRRS)
b. Foreign Bond Rating System (FBRS)
c. Internal Equity Risk Rating System (IERRS)
d. Fund Selection Framework (TBG)
e. Asset Allocation Rating System (AARS)

A

e. Asset Allocation Rating System (AARS) - I just made this one up

45
Q

The result of the Credit or Investment Evaluation is a risk rating attached to the credit exposure. The risk rating is a fundamental tool in risk management and is the basis of ___________, _______, and credit ___________.

A

accreditation, management, and credit administration

46
Q

The issuer/counterparty must attain a passing rating of at least ‘Acceptable’ in the internal evaluation to be accredited in the TBG Investment Universe. (Under which step is this included?)

A

Credit or Investment Approval

46
Q

Process of Credit Risk Management

A
  1. Credit or Investment Evaluation
  2. Credit or Investment Approval
  3. Credit or Investment Administration
47
Q

This step of credit risk management includes:
- Monitoring of the credit/quality of the Investment Universe
- Impairment assessment (Allowance for Probable Losses, Expected Credit Loss)

A

Credit or Investment Administration

47
Q

True or False. A TrustCom approval is required only for some investments.

A

False. A TrustCom approval is required for all investments.

48
Q

It is the current and prospective risk to clients’ earnings or principal contribution arising from changes in the value of the TBG’s holdings of investment portfolios.

A

Market Risk

49
Q

Market Risk arises from dealing and position-taking activities in:

A

Interest rate;
Foreign exchange; and
Equity markets.

50
Q

Tools for Market Risk Management

A
  1. MTM or Revaluation
  2. Benchmarking Policy
  3. Duration
  4. Value-at-Risk (VaR)
  5. Active VaR
  6. Market Stress Testing
51
Q

The fundamental purpose of this tool is to obtain an objective measure of the current market value, and hence of the potential profit and loss of a fund/portfolio if liquidated.

A

MTM or Revaluation

52
Q

Under this tool, TBG holds that setting the appropriate benchmark to evaluate its asset management performance is just as critical as the performance itself. Fund performance is consistently benchmark-driven.

A

Benchmarking Policy

52
Q

This tool measures the approximate sensitivity of a bond’s value to changes in interest rates.

A

Duration

53
Q

This concept is introduced in a portfolio/asset management where the concern is not mainly focused on the portfolio loss but with its underperformance against a set benchmark.

A

Active VaR

53
Q

TBG uses _____________ which is a measure of time characteristics that considers the repayment of capital at maturity & the size and timing of coupon payments prior to final maturity

A

Macaulay Duration

53
Q

This tool is a measurement of a portfolio’s biggest probable loss at a given horizon and confidence level, under normal market conditions. It provides a universal measure of the level of riskiness of a portfolio.

A

VaR

54
Q

The Active VaR for TBG compares the possible returns of a portfolio with that of the benchmark returns, and measures the ________ _______ _______ deviation or underperformance given the same market scenario

A

maximum possible negative

55
Q

This tool takes up abnormal market events that would impact severely the value of the funds.

A

Market Stress Testing

56
Q

________ is the current and prospective risk to clients’ earnings or principal contribution arising from TBG’s inability to recognize or address unplanned changes in client’s and/or beneficiary’s needs thereby affecting the ability to liquidate assets quickly with minimal loss in value.

A

Liquidity Risk

57
Q

True or False. TBG shall determine and maintain an adequate level of liquidity in each account based on client-defined constraints and/or circumstances or product specifications.

A

True

58
Q

What are the Tools for Liquidity Risk Management?

A
  1. Client Liquidity Evaluation: Liquidity Needs
  2. Investment Liquidity Evaluation
  3. Liquidity Contingencies
  4. Contingency Liquidation Plan (CLP)
  5. Liquidity Stress Testing
59
Q

This liquidity tool requires the clients to specify their liquidity requirements. These requirements should be anticipated whenever possible to cover for both clients and TBG requirements such as payment of trust fees, withholding tax and out-of-pocket expenses.

A

Client Liquidity Evaluation: Liquidity Needs

60
Q

This tool puts a premium on the liquidity profile of its investment outlets. This is evident in the internal rating systems, which include liquidity ratios assessment.

A

Investment Liquidity Evaluation

61
Q

This tool includes unanticipated withdrawal requests from clients. When the withdrawal levels become substantial and beyond the cash balance maintained for an account, the fund manager may be forced to liquidate investments at a loss. This will cause the fund’s value to drop and may signal even larger redemptions.

A

Liquidity Contingencies

62
Q

This tool provides a framework for managing a liquidity crisis, which includes the identification of trigger events or early warning indicators, establishing response action plans and funding strategies, and defining roles and responsibilities of key personnel to ensure minimal (if any) long-term adverse effects for TBG clients.

A

Contingency Liquidation Plan (CLP)

63
Q

The objective of this tool is to determine the level of robustness of funds in case of massive redemptions from investors and to what extent funds and remaining investors are affected in terms of the resulting drop in NAVPU.

A

liquidity stress-testing

64
Q

The limits-setting process is a/an ________ activity conducted by the TRSK and the TBG.

A

annual

65
Q

This process covers risk limits for which the TBG Management and BOD-level committees have control over (e.g. UITFs). These limits are subject to a periodic review to ensure that controls remain effective and relevant.

A

Limits Management

66
Q

True or False. Failure to respond to the advisory and/or address the breach within the specified turn-around time is considered a violation of the bank policies and operating procedures, subject to the investigation of Internal Audit Group (IAG) and the regular due process conducted by Special Actions Committee (SAC). Any or a combination of sanctions enumerated under the Bank’s General Code of Conduct may be imposed.

A

True

67
Q

__________ is the current and prospective risk to TBG’s earnings or capital arising from violation of laws, rules and regulations of regulatory authorities, prescribed practices or sound fiduciary principles, internal policies and procedures, and prudent ethical standards.

A

Compliance risk

68
Q

Compliance Risk:

A
  1. exposes TBG to fines, payment of damages, and the voiding of contracts.
  2. this can lead to curtailed business opportunities, reduced expansionary potential, unenforceability of contract or even adversely affect TBG’s reputation.
68
Q

Compliance Risk Management includes:

A
  1. Compliance Program
  2. Management Review System
  3. Gap Analysis
69
Q

The negative public opinion can cause:

A

(a) clients to question or doubt TBG’s integrity to engage in fiduciary activities which can result in the termination of fiduciary relationships,
(b) litigation costs to increase, or
(c) revenues to decline.

69
Q

This _____ is the deviation from the expected outcome which can be positive, negative or both

A

effect

69
Q

True or False. TBG manages reputation risk by making sure that the entire TBG Risk Management Framework is active and effective.

A

true

70
Q

TBG Basic Principles in Reputation Risk Management

A
  1. Promote a sound and ethical culture through its Sound Operational Control Environment and will practice self-policing in different levels and venues of the organization.
  2. Practice due diligence across activities from sales to account termination.
  3. Keep pace and respond well to market or regulatory changes. Anticipation is key in laying down the best possible course of actions to manage risks.
  4. Fidelity to the clients will be above all other interests of TBG.
  5. Brand image protection shall be a major consideration in setting business strategies.
  6. Compliance to laws, rules and regulations of regulatory authorities, prescribed practices or sound fiduciary principles, internal policies and procedures, and prudent ethical standards shall not be compromised.
70
Q

What is included in the Reputation Risks?

A
  1. Strategic Risk Management
  2. Operational Risk Management
  3. Credit Risk Management
  4. Market Risk Management
  5. Liquidity Risk Management
  6. Compliance Risk Management
70
Q

___________ is the current and prospective risk to TBG’s earnings and capital arising from negative publicity regarding the financial institution’s fiduciary business practices.

A

Reputation risk

70
Q

True or False. Public Perception is not an issue in the fiduciary business.

A

False. Since the public’s perception is critical in the fiduciary business, TBG shall exercise an abundance of caution in dealing with clients and the public in general.

71
Q

The effect of uncertainty on objectives.

A

Risk

72
Q

___________ issued in _____ used the 3 Lines of Defense Model to emphasize the accountabilities at each level to ensure effective management of Operational Risks.

A

BSP Circular 900; 2016

72
Q

unknown information relating to an event

A

uncertainty

72
Q

Who is responsible for assisting the business unit to fully comply with Circular 900?

A

1st Line: Business Risk Manager (BRM)

72
Q

The business line management and personnel as the first line of defense should be responsible on a day-to-day basis for identifying, managing and reporting operational risks inherent in the products, activities, processes and systems for which they are accountable. Who are these people?

A

1st Line: Business Unit (Risk Owner or a control owner)

73
Q

______________________ shall assist management in meeting its responsibility to understand and manage operational risk exposures and ensure the development and consistent implementation of operational risk policies, processes, and procedures throughout the Bank.

A

2nd Line: Operational Risk Management Division (ORD)

74
Q

______________________ performs independent assurance to efficiently assess/determine compliance with Bank policies, procedures and regulatory requirement; assess the adequacy and effectiveness of internal control; and recommend control measures that will promote operational efficiency and mitigate risks in the operations.

A

3rd Line: Internal Audit Group (IAG)

75
Q

Risk Management Process that identifies the sources of risk, areas of impact, events and their causes and potential consequences

A

Identification

75
Q

Risk Management Process that quantifies the current level of risk by using different tools and techniques

A

Measurement

76
Q

Risk Management Process that establishes and communicates risk limits through policies and procedures

A

Control

76
Q

Risk Management Process that tracks and reports the exposures to monitor our compliance with risk tolerance standards

A

Monitoring

76
Q

Risks under Market Risk

A
  • Equity Price Risk
  • Interest Rate Risk
  • Currency Risk
  • Commodity Risk
77
Q

It is the potential reduction in value of a portfolio due to changes in financial market prices and rates.

A

Market Risk

78
Q

Risks under Credit Risks

A
  • Downgrade Risk
  • Bankruptcy Risk
78
Q

Risk arising from an obligor’s failure to meet the terms of any contract

A

Credit Risk

79
Q

It may arise if TBG is unable to liquidate assets quickly with minimal loss in value

A

Liquidity Risk

80
Q

Risks under Operational Risk

A
  • Process
  • People
  • System
  • External Events
81
Q

may arise from adverse business decisions, improper implementation of decisions and lack of responsiveness to industry changes

A

Strategic Risk

82
Q

may arise from an unintentional or negligent failure to meet a professional (legal) obligation to specific clients, or from the nature or design of a product

A

Legal Risk

83
Q

may arise from negative publicity regarding the FI fiduciary business practices

A

Reputational Risk

84
Q

Violation of laws, rules and regulations of regulatory authorities

A

Compliance Risk

85
Q

What are the different Types of Risk under TBG?

A
  • Market Risk
  • Credit Risk
  • Liquidity Risk
  • Operational Risk
  • Strategic, Legal, Reputational, Compliance Risk
85
Q

What are the risks borne by the client?

A
  • Market Risk
  • Credit Risk
  • Liquidity Risk
86
Q

Operational risk leaves out _______ and _______ risks in part because they can be difficult to measure quantitatively

A

reputational and strategic risks

87
Q

The _____________ recommends three approaches that could be adopted by firms to build a capital buffer that can protect against operational risk losses.

A

Basel committee

88
Q

3 approaches as per the Basel Committee

A
  1. Basic Indicator Approach
  2. Standardized Approach
  3. Advanced Measurement Approach
89
Q

Under the basic indicator approach, the amount of capital required to protect against operational risk losses is set equal to ____ of annual gross income over the previous ____ years.

A

15%; three

90
Q

Under this approach, the FI’s activities are classified into eight business lines, and the average gross income for each business line is then multiplied by the line’s beta factor. After that, the capital results from all eight business lines are summed up.

A

Standardized Approach

91
Q

Requirements of the bank in order to use the standardized approach:

A
  • Have an operational risk management function tasked with identification, assessment, monitoring, and control of operational risk.
  • Consistently keep records of losses incurred in each business line
  • Regularly report operational risk losses incurred in all business lines
  • Install an operational risk management system that’s well documented
  • Regularly subject its operational risk management processes to independent reviews by both internal and external auditors
92
Q

Under the ________________, the Basel Committee on Banking Supervision has identified seven categories of operational risk

A

Advanced Measurement Approach

93
Q

encompasses acts committed internally that diverge from a firm’s interests

A

Internal Fraud

94
Q

encompasses acts committed by third parties. Commonly encountered practices include theft, check fraud, hacking, and unauthorized access to information

A

External Fraud

95
Q

this category has much to do with intentional and unintentional practices that fail to meet a professional obligation to clients

A

Clients, products and business practices

96
Q

acts that go against laws put in place to safeguard the well-being of both employees and customers

A

Employment practices and work safety

97
Q

losses incurred due to either natural phenomena like earthquakes or human-made events

A

Damage to physical assets

98
Q

this includes supply-chain disruptions and system failures like power outages, software crashes, etc.

A

Business disruption and system failure

99
Q

this describes the failure to execute transactions and manage processes correctly. Issues such as data entry errors can cause unprecedented losses.

A

Execution, delivery and process management

100
Q

RM TOOLS for OPERATIONAL RISK

A
  1. Risk Incident Reports (RIR)
  2. Process Risk Self-Assessment (PRSA)
  3. Key Risk Indicators (KRI)
  4. Business Continuity Plan (BCP)
  5. Business Risk Forum (BRF)
  6. Risk Assessment Questionnaire
  7. Audits and Assessments
101
Q

events, transactions or activities which subject the Bank to any form of potential, near-miss or actual risk exposures involving operational, reputational, compliance, information security or financial risks.

A

RISK INCIDENT REPORT

102
Q

Important Components of RIR

A

Refer to Slide 25 of BRM PresMat VF

103
Q

An internally driven activity to assess the risks and controls in the processes underlying a business unit’s operations.

A

PROCESS RISK SELF-ASSESSMENT (PRSA)

104
Q

BCP should be able to cover and establish linkages among its multiple components, such as _________, _____________, ___________, and ______________.

A

communication plan, crisis management plan, contingency funding plan, technology recovery plan.

104
Q

PRSA is an ______ exercise wherein business units evaluate their inherent risks (risks before considering controls), effectiveness of the control environment, and residual risks (risks after considering controls).

A

annual

104
Q

Documented plan detailing the orderly and expeditious process of recovery, resumption, and restoration of business functions in the event of disruption.

A

BUSINESS CONTINUITY PLAN (BCP)

104
Q

The BCPlan aims to:

A
  1. Ensure minimal disruption of operations
  2. Minimize financial losses
  3. Ensure timely resumption of normal operations
105
Q

Phases of Business Continuity Management

A

Refer to slide 31 of BRM PresMat vF

106
Q

Discussion of roles during the emergency

A

Tabletop Exercise / Structured Walk-through Test

107
Q

Desk-based walkthrough of the plan (videos, presentations)

A

Walk-Through Drill / Simulation Test

108
Q

A telephone procedure which can be used to notify personnel of an emergency

A

Communication / Call Tree Test

109
Q

a series of tests that focus on the miscellaneous components of BCP (availability of plan, retrieval of vital hard copy records from offsite locations, contact suppliers and others; confirm alternate site readiness)

A

Component Test Exercise

109
Q

Test the capability of personnel, systems, and facilities located in alternate sites

A

Alternate Site Test / Exercise

110
Q

Involves the actual mobilization of personnel to other sites in an attempt to establish communications and perform processing as set forth in the plans

A

Functional Drill / Parallel Test

111
Q

an exercise done at full capacity where all critical personnel are involved in the test

A

Enterprise-wide Full-interruption / Full-Scale Test

112
Q

KEY RISK INDICATORS

A
  • Identify leading or predictive indicators that will allow management to anticipate and mitigate potential impact to the organization
  • Identify major operational risks or loss events that affected the business unit
  • Work backwards to identify the intermediate and root cause events or causal drivers
113
Q

Audits and Other Assessments

A

BSP Audit

Internal Audit

External Audit

Independent Compliance Testing

ISABRA

AML Audit

Privacy Impact Assessment (PIA)

Fraud Risk Assessment

Other Regulators (BIR, IC, SEC, etc.)

114
Q

Business Risk Forum

A

Refer to slide 35 of BRM PresMat vF