Integration of risk appetites with RCSAS, ICARA and wind down
Abstract
Risk appetite statements (RAS) were historically treated as standalone theoretical documents rather than integrated risk management tools used to monitor the aggregated major business risk exposures. Over the past several years, the RAS has continued to mature and further embedded itself into the overall risk framework by strengthening its connections with the day-to-day risk management (risk and control self-assessment [RCSA]), risk culture, Internal Capital Adequacy and Risk Assessment (ICARA) and wind down (WD) activities. To support this continued evolution in risk management overall, the Financial Conduct Authority (FCA) established the Investment Firms Prudential Regime (IFPR) for Markets in Financial Instruments Directive (MiFID) Investment Firms on 1st January, 2022.1 The new IFPR rules are documented in the FCA Handbook under ‘MIFIDPRU Prudential sourcebook for MiFID Investment Firms’.2 These rules and supporting guidance provide a rich source of principles of where expected integrations and maturing of the various risk tools should exist, such as the RAS that should integrate with a company’s business model, capital, liquidity and associated other risk assessments. However, more work is needed within companies to fully integrate the RAS to maximise its full benefits within the business. Particularly in driving better aggregated risk assessments, proactive risk management decisions, remediation, escalating major concerns, meeting regulatory requirements and initiating top-down management actions as well as better business decision-making. The FCA published their IFPR Implementation observations3 stating: ‘Some firms did not adequately assess the risks they face or use these assessments to inform elements of their ICARA process including their risk appetite, risk indicator triggers, early warning indicators, stress testing scenarios, and the estimates of own funds and liquid assets required’ and ‘appetite thresholds and trigger points help firms anticipate problems, take effective steps to prevent them and rectify problems when they occur. It is therefore essential that they are aligned to the firm’s own understanding of its risks’. This paper provides a practical solution to robustly integrate the RAS with bottom-up and top-down risk management processes and tools. This paper builds on the historic papers published in the Journal of Securities Operations and Custody (JSOC) as noted below. The risks discussed in this paper are those carried by the investment company and not those carried by its clients.This article is also included in The Business & Management Collection which can be accessed at https://hstalks.com/business/.
The full article is available to subscribers to the journal.
Author's Biography
Liezl De Villiers Getz is the Head of Non-Financial Risk (Asset Management) at M&G Investments. She is responsible for setting the overall non-financial risk approach and providing the strategic direction on all non-financial risk matters, globally, for the asset management business. She was previously the Head of Operational Risk at Aviva Investors. She started her career at KPMG (South Africa) in its financial services audit division and formed part of the Financial Engineering Group responsible for specialist expertise in risk management and quantification of financial instruments and investment structures. She joined KPMG (UK) where her primary focus was the development and implementation of risk management and control frameworks, policies and processes as well as technical reviews of internal controls reports before she joined Aviva Investors. She holds a Bachelor’s in Accounting Honours degree from the University of Stellenbosch and is a qualified Chartered Accountant registered with the South African Institute of Chartered Accountants. Additionally, she is a member of the Institute of Operational Risk, a member of the Investment Association’s Prudential Committee and an editorial Board member of Journal of Securities Operations and Custody (JSOC).
