The Reference Criteria
The DNB is open about the manner in which it assesses banks that use the standardized approach. The reference framework (Reference Framework 2015) ) is available to the bank itself, allowing it to periodically perform a self-assessment of (parts of) its own organization on the basis of the Reference Framework criteria. The assessment is based on a number of subjects, including:
|Policies & procedures;|
|Identification & assessment;|
|Reporting, Monitoring & Disclosure;|
|Control & Mitigation;|
The maturity level of each criterion depends on the degree to which a criterion can be met. A four-point ordinal scale is used for this purpose. The assessment will eventually result in a complete overview of possibilities for improvement.
Is performing this Risk Assessment worthwhile?
We think it is. It provides a clear understanding of how you are perceived by the supervisory authority. Nevertheless, we believe that this reference framework may be relevant to the purpose and existence of ORM, but that it says nothing about the operational aspects of your bank. In practice, banks have obviously implemented many control measures to avoid risks.
How can CERRIX help you with this?
We can help you carry out these self-assessments and generate a report. It would be even better if we could incorporate this self-assessment in our CERRIX tooling. In the latter case, we will supply the DNB Assessment Framework as a standard Control Framework. You can then periodically reassess the test to monitor the extent to which the ORM is developing within your organisation. Improvement actions can be meticulously monitored. Obviously, this will also help you with generating reports to the supervisory authority.
Leave a message here , so we can contact you.