Transcript Hany Faidy
Compliance Risk Self Assessment Model
Compliance Risk - Definition
The risk to earnings or capital arising from violations
of, or nonconformance with laws, rules, regulations,
prescribed practices, or ethical standards.
Compliance risk also arises in situations where the
laws or rules governing certain bank products or
activities of the bank's clients may be ambiguous or
untested.
4/13/2015
Compliance Risk Assessment Phases
• Bank should periodically assess Compliance risk impact
• Bank should measure the magnitude of potential loss:
    Reputation
    Regulatory
    Operational
    Legal / Error
• There are three main phases to assess the compliance risk:
    Phase 1: Data Collection
    Phase 2: Compliance Analysis
    Phase 3: Communicating Compliance Risk
Phase 1: Data Collection
Step One: Products and Services
Make a list of all products and related services that are offered.
Step Two: Systems and Controls
List all types of Controls related to each product in questionnaire format
Interview Department Management to identify controls
Phase 2: Compliance Analysis
• Compliance converts business responses to:
Regulatory Risk
Reputation Risk
Operational Risk
Probability of Error Risk
• Compliance to prepare Inherent & Residual Risk levels
Phase 3: Communicating Compliance Risk
Step One: Align with Business
Compliance will call for a meeting with the Business head
Compliance will present their analysis and identify Compliance High Risk issues
Business to demonstrate probability of risk change over the next 12 months
Document corrective action plan
Step Two: Escalation Process
Compliance will escalate Compliance issues with increasing risk level.
Outcome
What are the biggest compliance risks facing your bank/division/department?
What about the next three years?
Risk definition / description
Current controls