Risk control
Category: Corporate Governance
The bank should establish and communicate risk limits through policies, standards, and/or procedures that define responsibility and authority. These control limits should be meaningful management tools that can be adjusted if conditions or risk tolerances change. The bank should have a process to authorize exceptions or changes to risk limits when they are warranted. Risk control has a wider range than risk management. The latter is often defined as hedging or neutralizing the financial risks that result from one or a series of transactions. Risk control is the entire process of policies, procedures and systems a bank needs to manage prudently all risks resulting from its financial transactions, and to ensure that they are within the bank’s risk appetite. To avoid conflicts of interests, risk control should be separated from and sufficiently independent of the business units, which execute financial transactions. In some banks, risk control work is carried out by independent risk management units rather than specially-named risk control sections. Example The example of the element of credit risk control system can be the set procedures on regular reporting to oversight bodies (Senior credit officer, Management board, Supervisory council) on large exposures, overdue or non performing loans, interest yields etc. Internal audit of credit transactions would also be an element of credit risk control.