Читать книгу Non-financial Risk Management in the Financial Industry - Группа авторов - Страница 114

To enable support for business decisions, a firm’s RAF should be underpinned by a strong governance framework, with clear roles for all stakeholders involved at every level of the institution (board, senior management, business lines, risk and control functions, legal entities etc.).[12] As was also highlighted by the Single Supervisory Mechanism, the responsibilities of all stakeholders should be clearly stated and described in the RAF documentation.[13]

As part of the overall corporate governance framework, risk appetite statements are expected to be used to promote robust discussions on risk and strategic issues not only on the board but also together with risk management and compliance functions.

The RAF should also be cascaded within the institution. This means that risk appetite statements should be established for business lines and entities in order to ensure that their strategy and risk limits, as relevant, align with the institution-wide risk appetite statement. The EBA has made clear that internal policies and the risk culture should convey the straightforward message that the management board expects activities not to go beyond the defined risk appetite thresholds.[14] The RAF is a group-driven exercise, usually performed annually.