Verfügbarkeit: Non-financial risk management in the financial industry

Non-financial risk management in the financial industry: a target operating model for compliance and ESG Risks

Gespeichert in:

Bibliographische Detailangaben
Weitere Verfasser:	Gittfried, Norbert (HerausgeberIn), Lienke, Georg (HerausgeberIn), Seiferlein, Florian (HerausgeberIn), Leiendecker, Jannik (HerausgeberIn), Gehra, Bernhard (HerausgeberIn)
Format:	Buch
Sprache:	English
Veröffentlicht:	Frankfurt a.M. Frankfurt School Verlag 2022
Ausgabe:	1. Auflage
Schlagworte:	Risikomanagement Nachhaltigkeit Corporate Governance Umweltbezogenes Management Corporate Social Responsibility Finanzdienstleistungsinstitut Compliance-System Finanzbranche Finanzdienstleistung Finanzindustrie Bank Aufsatzsammlung
Online-Zugang:	Inhaltsverzeichnis
Beschreibung:	XXVI, 348 Seiten Illustrationen, Diagramme 24 cm x 17 cm
ISBN:	9783956471889 3956471881

Internformat

MARC


LEADER	00000nam a22000008c 4500
001	BV047489848
003	DE-604
005	20230313
007	t
008	210930s2022 gw a\|\|\| \|\|\|\| 00\|\|\| eng d
015			\|a 20,N40 \|2 dnb
016	7		\|a 1218179333 \|2 DE-101
020			\|a 9783956471889 \|c : circa EUR 79.90 (DE), circa EUR 82.20 (AT) \|9 978-3-95647-188-9
020			\|a 3956471881 \|9 3-95647-188-1
035			\|a (OCoLC)1277013689
035			\|a (DE-599)DNB1218179333
040			\|a DE-604 \|b ger \|e rda
041	0		\|a eng
044			\|a gw \|c XA-DE-HE
049			\|a DE-703 \|a DE-11 \|a DE-739 \|a DE-N2 \|a DE-473 \|a DE-188
084			\|a QB 300 \|0 (DE-625)141213: \|2 rvk
084			\|a QK 320 \|0 (DE-625)141644: \|2 rvk
084			\|a QP 150 \|0 (DE-625)141836: \|2 rvk
084			\|a QP 300 \|0 (DE-625)141850: \|2 rvk
084			\|a 650 \|2 23sdnb
245	1	0	\|a Non-financial risk management in the financial industry \|b a target operating model for compliance and ESG Risks \|c N. Gittfried, G. Lienke, F. Seiferlein, J. Leiendecker, B. Gehra (eds.)
250			\|a 1. Auflage
264		1	\|a Frankfurt a.M. \|b Frankfurt School Verlag \|c 2022
300			\|a XXVI, 348 Seiten \|b Illustrationen, Diagramme \|c 24 cm x 17 cm
336			\|b txt \|2 rdacontent
337			\|b n \|2 rdamedia
338			\|b nc \|2 rdacarrier
650	0	7	\|a Risikomanagement \|0 (DE-588)4121590-4 \|2 gnd \|9 rswk-swf
650	0	7	\|a Nachhaltigkeit \|0 (DE-588)4326464-5 \|2 gnd \|9 rswk-swf
650	0	7	\|a Corporate Governance \|0 (DE-588)4419850-4 \|2 gnd \|9 rswk-swf
650	0	7	\|a Umweltbezogenes Management \|0 (DE-588)4201709-9 \|2 gnd \|9 rswk-swf
650	0	7	\|a Corporate Social Responsibility \|0 (DE-588)7697760-2 \|2 gnd \|9 rswk-swf
650	0	7	\|a Finanzdienstleistungsinstitut \|0 (DE-588)4535644-0 \|2 gnd \|9 rswk-swf
650	0	7	\|a Compliance-System \|0 (DE-588)4442497-8 \|2 gnd \|9 rswk-swf
653			\|a Risikomanagement
653			\|a Finanzbranche
653			\|a Nachhaltigkeit
653			\|a Finanzdienstleistung
653			\|a Finanzindustrie
653			\|a Bank
655		7	\|0 (DE-588)4143413-4 \|a Aufsatzsammlung \|2 gnd-content
689	0	0	\|a Finanzdienstleistungsinstitut \|0 (DE-588)4535644-0 \|D s
689	0	1	\|a Umweltbezogenes Management \|0 (DE-588)4201709-9 \|D s
689	0	2	\|a Corporate Social Responsibility \|0 (DE-588)7697760-2 \|D s
689	0	3	\|a Corporate Governance \|0 (DE-588)4419850-4 \|D s
689	0	4	\|a Nachhaltigkeit \|0 (DE-588)4326464-5 \|D s
689	0	5	\|a Compliance-System \|0 (DE-588)4442497-8 \|D s
689	0	6	\|a Risikomanagement \|0 (DE-588)4121590-4 \|D s
689	0		\|5 DE-604
700	1		\|a Gittfried, Norbert \|0 (DE-588)1218706295 \|4 edt
700	1		\|a Lienke, Georg \|0 (DE-588)1188243942 \|4 edt
700	1		\|a Seiferlein, Florian \|0 (DE-588)1262418763 \|4 edt
700	1		\|a Leiendecker, Jannik \|0 (DE-588)1262419077 \|4 edt
700	1		\|a Gehra, Bernhard \|0 (DE-588)130583162 \|4 edt
710	2		\|a Frankfurt School Verlag GmbH \|0 (DE-588)106429586X \|4 pbl
776	0	8	\|i Erscheint auch als \|n Online-Ausgabe, PDF \|z 978-3-95647-190-2
776	0	8	\|i Erscheint auch als \|n Online-Ausgabe, EPUB \|z 978-3-95647-189-6
776	0	8	\|i Erscheint auch als \|n Online-Ausgabe, MOBI \|z 978-3-95647-191-9
856	4	2	\|m DNB Datenaustausch \|q application/pdf \|u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=032891163&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA \|3 Inhaltsverzeichnis
999			\|a oai:aleph.bib-bvb.de:BVB01-032891163

Datensatz im Suchindex

_version_	1804182814271209472
adam_text	TABLE OF CONTENTS TABLE OF CONTENTS ...................................................................................................... V EDITORS ...................................................................................................................... XXI CONTRIBUTORS ........................................................................................................... XXII FOREWORD ................................................................................................................. XXV 1 INTRODUCTION: RISING TO THE CHALLENGES OF NON-FINANCIAL RISK MANAGEMENT, COMPLIANCE AND ESG ................................................... 1 PROF. DR. DOUGLAS ARNER, DR. BERNHARD GEHRA, JANNIK LEIENDECKER, DR. GEORG LIENKE 1.1 NEW RISKS AND CHALLENGES ........................................................................ 1 1.2 A FORWARD-LOOKING SOLUTION FOR NON-FINANCIAL RISK MANAGEMENT IN THE FINANCIAL INDUSTRY ...................................................................... 2 1.3 DEFINING AND ALIGNING NON-FINANCIAL RISK CATEGORIES ............................ 2 1.4 ESTABLISHING A NON-FINANCIAL RISK APPETITE FRAMEWORK TO PREVENT AN UNDESIRABLE RISK-TAKING .................................................................. 3 1.5 BUILDING KEY GOVERNANCE AND ORGANISATIONAL PILLARS FOR NON-FINANCIAL RISK MANAGEMENT .............................................................................. 3 1.6 GENERATING EXCELLENCE IN THE NON-FINANCIAL RISK MANAGEMENT LIFECYCLE 4 1.7 USING DATA, IT AND ARTIFICIAL INTELLIGENCE ............................................... 5 1.8 PUTTING CONDUCT AND ETHICS AT THE CENTRE OF SUSTAINABLE NON-FINANCIAL RISK MANAGEMENT ..................................................................................... 6 1.9 ENVIRONMENT, SOCIAL AND GOVERNANCE: IMPLICATIONS FOR EFFECTIVE RISK MANAGEMENT ............................................................................................ 7 2 DEFINITION OF NON-FINANCIAL RISK IN FINANCIAL INSTITUTIONS ..................... 9 MARTINA MIETZNER, DR. JULIA GEBHARDT, DR. KATHARINA HEFTER, JENNIFER RABENER, DR. CARSTEN WIEGAND 2.1 INTRODUCTION ............................................................................................ 9 2.2 HISTORY OF NON-FINANCIAL RISK AND SPECIFICATIONS BY KEY REGULATORS ... 11 2.2.1 A SHORT HISTORY OF NON-FINANCIAL RISK ........................................ 12 2.2.2 EXISTING NON-FINANCIAL RISK SPECIFICATIONS BY KEY GLOBAL AND REGIONAL REGULATORS AND ASSOCIATIONS .......................................... 15 2.3 DIFFERENTIATION OF FINANCIAL AND NON-FINANCIAL RISK .............................. 16 2.3.1 FINANCIAL RISK DEFINITION ............................................................ 17 2.3.2 NON-FINANCIAL RISK DEFINITION .................................................... 18 NON-FINANCIAL RISK MANAGEMENT IN THE FINANCIAL INDUSTRY 2.4 SPECIFIC CLUSTERS OF NON-FINANCIAL RISK .................................................... 18 2.4.1 OPERATIONAL RISK .......................................................................... 21 2.4.1.1 FINANCIAL CRIME RISK ...................................................... 21 2.4.1.1.1 MONEY-LAUNDERING/TERRORIST FINANCING RISK 22 2.4.1.1.2 SANCTIONS AND EMBARGOES RISK ................... 22 2.4.1.1.3 BRIBERY AND CORRUPTION RISK ....................... 23 2.4.1.1.4 FACILITATION OF TAX EVASION ........................... 23 2.4.1.2 CONDUCT RISK ................................................................ 24 2.4.1.2.1 MARKET CONDUCT RISK .................................. 24 2.4.1.2.2 CLIENT CONDUCT RISK .................................... 25 2.4.1.2.3 EMPLOYEE CONDUCT RISK ............................... 25 2.4.1.3 REGULATORY COMPLIANCE RISK ........................................ 25 2.4.1.4 FRAUD RISK ...................................................................... 26 2.4.1.4.1 ACCOUNT-OPENING FRAUD RISK ....................... 27 2.4.1.4.2 DEBT/CREDIT CARD FRAUD RISK ......................... 27 2.4.1.4.3 FRAUDULENT PAPER-BASED PAYMENT TRANS ACTIONS RISK .................................................. 28 2.4.1.4.4 ONLINE BANKING FRAUD RISK ......................... 28 2.4.1.4.5 CREDIT FRAUD RISK ......................................... 28 2.4.1.4.6 THEFT RISK ..................................................... 28 2.4.1.4.7 EMBEZZLEMENT/BREACH OF TRUST RISK ........... 28 2.4.1.4.8 ANTITRUST VIOLATION RISK ............................... 29 2.4.1.4.9 BALANCE SHEET MANIPULATION ....................... 29 2.4.1.5 INFORMATION, COMMUNICATION & TECHNOLOGY (ICT) AND CYBER RISK .............................................................. 29 2.4.1.5.1 DATA CONFIDENTIALITY RISK ............................. 31 2.4.1.5.2 DATA AVAILABILITY RISK ................................... 32 2.4.1.5.3 DATA INTEGRITY RISK ....................................... 32 2.4.1.5.4 INFORMATION SECURITY RISK ........................... 32 2.4.1.6 DATA PRIVACY AND BANK SECRECY RISK ............................ 33 2.4.1.6.1 DATA PRIVACY RISK ......................................... 33 2.4.1.6.2 BANK SECRECY RISK ......................................... 34 2.4.1.7 RESILIENCE RISK .............................................................. 34 2.4.1.8 OUTSOURCING AND VENDOR RISK ...................................... 35 2.4.1.8.1 INTRAGROUP OUTSOURCING RISK ....................... 36 2.4.1.8.2 EXTERNAL OUTSOURCING RISK ........................... 36 2.4.1.8.3 VENDOR RISK ................................................. 37 2.4.1.9 TAX REPORTING RISK ........................................................ 37 2.4.1.10 OTHER OPERATIONAL RISK ................................................ 37 2.4.1.10.1 HUMAN RESOURCES RISK ............................... 37 2.4.1.10.2 LEGAL RISK ................................................... 37 2.4.1.10.3 PHYSICAL DAMAGE RISK ................................. 38 2.4.1.10.4 EXECUTION, DELIVERY AND PROCESS RISK ....... 38 2.4.1.10.5 REPORTING RISK ........................................... 38 2.4.1.10.6 ACCOUNTING RISK ......................................... 39 TABLE OF CONTENTS 2.4.1.10.7 PROJECT RISK ............................................... 39 2.4.1.10.8 COMPETITION LAW RISK ............................... 39 2.4.1.10.9 MODEL RISK ................................................. 39 2.4.2 STRATEGIC RISK ................................................................................ 40 2.4.2.1 REPUTATIONAL RISK ......................................................... 40 2.4.2.2 SUSTAINABILITY RISK ....................................................... 41 2.4.2.2.1 CLIMATE CHANGE RISK ................................. 41 2.4.2.2.2 HUMAN RIGHTS RISK ..................................... 42 2.4.2.3 BUSINESS RISK ............................................................... 42 2.4.2.3.1 FORECASTING RISK ....................................... 42 2.4.2.3.2 INORGANIC GROWTH RISK ................................ 43 2.4.2.3.3 NEW BUSINESS RISK ..................................... 43 2.4.2.3.4 INVESTOR RELATIONS RISK ............................. 43 2.5 CONCLUSION AND OUTLOOK ........................................................................ 43 3 RISK BOUNDARIES - SETTING AN ANALYTICAL RISK APPETITE FRAMEWORK FOR NON-FINANCIAL RISKS ............................................................................... 45 FEDERICO TRUFFELLI, DR. ULRICH GORES, LORENZO FANTINI, MICHELE RIGONI, LUCA RANCAN 3.1 INTRODUCTION ........................................................................................... 45 3.1.1 REGULATORY REQUIREMENTS ...................................................... 45 3.1.2 RAF IN PRACTICE ...................................................... 47 3.2 RAF LEVEL 1: OVERALL RISK APPETITE STATEMENT .................................. 49 3.2.1 OVERALL STATEMENT ......................................................................... 49 3.2.2 PROHIBITED ACTIVITIES ..................................................................... 51 3.3 RAF LEVEL 2: RISK APPETITE METRICS ...................................................... 51 3.3.1 DEFINING APPROPRIATE METRICS ..................................................... 51 3.3.2 METRICS: SETTING THE THRESHOLDS ................................................... 52 3.3.2.1 THRESHOLDS BASED ON BENCHMARK AND HISTORICAL INTERNAL LOSS DATA FOR A METRIC BASED ON OPERATIONAL LOSSES ............................................................. 53 3.3.2.2 THRESHOLDS BASED ON RESIDUAL RISK LEVELS FOR A METRIC BASED ON RISK ASSESSMENT ............................................. 54 3.4 RAF LEVEL 3: KEY RISK INDICATORS ........................................................ 55 3.4.1 SELECTING KEY RISK INDICATORS ...................................................... 55 3.4.1.1 CANDIDATE INDICATORS IDENTIFICATION ............................ 56 3.4.1.2 APPETITE TRACKING SUITABILITY ...................................... 56 3.4.1.3 EXPERT JUDGEMENT ........................................................ 56 3.4.2 KRIS: SETTING AND CALIBRATING THE THRESHOLDS ............................ 60 3.4.2.1 THRESHOLD CALIBRATION BASED ON HISTORICAL DATA ANALYSIS AND PERCENTILES .............................................. 60 3.4.2.2 THRESHOLD FINE-TUNING BASED ON BENCHMARKING AND BACKTESTING ..................................................... 62 VII NON-FINANCIAL RISK MANAGEMENT IN THE FINANCIAL INDUSTRY 3.5 RAF GOVERNANCE .................................................................................... 63 3.5.1 RAF DESIGN AND UPDATE ............................................................... 64 3.5.2 RAF MONITORING AND REPORTING ................................................... 65 3.5.3 RAF THRESHOLD BREACHES AND ESCALATION ..................................... 66 3.5.4 ACTION PLAN DEFINITION ................................................................ 68 4 THE THREE LINES OF DEFENCE MODEL: KEY SUCCESS FACTORS FOR EFFECTIVE RISK MANAGEMENT ................................................................................... 71 DR. OLIVER ENGELS, MARC PETER KLEIN, PETER GIIRTLSCHMIDT, DR. GEORG LIENKE, REI TANAKA 4.1 INTRODUCTION ............................................................................................ 71 4.2 REGULATORY FRAMEWORK IN SELECTED KEY JURISDICTIONS ............................ 72 4.2.1 EUROPEANUNION ........................................................................... 72 4.2.2 UNITED STATES OF AMERICA ............................................................. 73 4.2.3 HONG KONG ................................................................................... 73 4.2.4 SINGAPORE ....................................................................................... 73 4.2.5 RISK-TYPE-SPECIFIC QUALIFICATIONS OF THE 3LOD MODEL: FINANCIAL CRIME PREVENTION .............................................................. 74 4.2.5.1 EU: REMAINING COUNTRY-SPECIFIC VARIATION IN 1 ST AND 2ND LOD MANDATE .......................................................... 74 4.2.5.2 UNITED STATES OF AMERICA: BSA COMPLIANCE OFFICER .. 74 4.2.5.3 HONG KONG: MONEY LAUNDERING REPORTING OFFICER AND COMPLIANCE OFFICER .............................................. 75 4.3 KEY ROLES AND RESPONSIBILITIES OF 1 ST , 2ND AND 3 RD LOD ............................ 75 4.3.1 THE FIRST LINE OF DEFENCE: RISK OWNER ........................................... 76 4.3.1.1 SCOPE OF 1 ST LOD MANDATE ............................................ 76 4.3.1.1.1 RISK OWNERSHIP .......................................... 76 4.3.1.1.2 IMPLEMENTATION AND EXECUTION OF 1ST LOD CONTROLS ...................................................... 76 4.3.1.2 ALLOCATION OF 1 ST LOD RESPONSIBILITY .......................... 76 4.3.1.3 1 ST LOD RISK-COORDINATING FUNCTION (1.5 TH LOD) ........ 77 4.3.1.3.1 COORDINATION OF RISK MANAGEMENT ACTIVI TIES ................................................................ 77 4.3.1.3.2 INTERFACE TO 2ND LOD .................................. 77 4.3.1.3.3 REGULATORY ADVISOR .................................... 77 4.3.2 THE SECOND LINE OF DEFENCE: INTERNAL CONTROL FUNCTIONS ............ 78 4.3.2.1 SCOPE OF 2ND LOD MANDATE .......................................... 78 4.3.2.1.1 STANDARD SETTING ........................................... 78 4.3.2.1.2 TESTING OF 1 ST LOD CONTROLS ...................... 79 4.3.2.1.3 RISK ASSESSMENT ........................................... 79 4.3.2.1.4 TRAINING AND ADVISORY ................................. 79 4.3.2.2 RISK MATERIALITY AND CORRESPONDING INTENSITY OF 2ND LOD RISK OVERSIGHT ........................................................ 79 VIII TABLE OF CONTENTS 4.3.2.3 INDEPENDENCE OF 2 ND LOD RISK OVERSIGHT .................... 80 4.3.2.3.1 ORGANISATIONAL INDEPENDENCE ................... 80 4.3.2.3.2 FUNCTIONAL INDEPENDENCE ........................... 80 4.3.2.3.3 INTERNAL CONTROL FUNCTIONS PERFORMING 1ST LOD ACTIVITIES ............................................ 81 4.3.2.4 KEY SUCCESS FACTORS FOR EFFECTIVE 2ND LOD RISK OVERSIGHT ....................................................... 82 4.3.2.4.1 METHODOLOGY CONSISTENCY ACROSS 2 ND LOD FUNCTIONS .......................................... 82 4.3.2.4.2 BODIES AND COMMITTEES: ADEQUATE 2 ND LOD PARTICIPATION AND INFORMATION SHARING ........................................................ 83 4.3.2.4.3 APPOINTMENT OF PRIMUS INTER PARES NON FINANCIAL RISK GOVERNANCE FUNCTION . 84 4.3.3 THE THIRD LINE OF DEFENCE: INTERNAL AUDIT AS PROVIDER OF INDEPENDENT ASSURANCE ................................................................ 85 4.3.3.1 INDEPENDENT ASSURANCE ................................................ 85 4.3.3.1.1 ADEQUACY OF RISK MANAGEMENT FRAMEWORK 85 4.3.3.1.2 DESIGN AND OPERATING EFFECTIVENESS .......... 85 4.3.3.1.3 COMPLIANCE WITH REGULATORY REQUIREMENTS AND INTERNAL STANDARDS ............................... 86 4.3.3.2 ADVISING THE BOARD OF DIRECTORS .................................. 86 4.4 COMMON PITFALLS OF THE 3LOD MODEL AND PRECAUTIONARY MEASURES . . 86 4.4.1 INSUFFICIENT RISK OWNERSHIP BY 1 ST LOD ..................................... 86 4.4.2 LACK OF 2ND LOD EXPERTISE ........................................................... 87 4.4.3 INADEQUATE ASSURANCE BY 3 RD LOD ............................................... 87 4.5 CONCLUSION .............................................................................................. 88 5 GLOBAL FUNCTIONAL LEAD IN NON-FINANCIAL RISK MANAGEMENT: ENSURING CONSISTENCY AND INTEGRATION IN COMPLEX ORGANISATIONS .... 89 ULRIKE BROUZI, DR. MICHAEL LANGE, P. ROBERT MIESZKOWSKI, JANNIK LEIENDECKER, DR. GEORG LIENKE, FLORIAN SEIFERLEIN, NORBERT GITTFRIED, REI TANAKA 5.1 INTRODUCTION ............................................................................................ 89 5.2 REGULATORY FRAMEWORK IN SELECT KEY MARKETS ...................................... 91 5.2.1 EUROPEANUNION ........................................................................ 91 5.2.2 UNITED STATES OF AMERICA .......................................................... 91 5.2.3 HONG KONG .................................................................................. 92 5.2.4 SINGAPORE .................................................................................... 92 5.3 GLOBAL FUNCTIONAL LEAD: INDIVIDUAL CORPORATE PARAMETERS TO CONSIDER . 92 5.3.1 CORPORATE CULTURE ...................................................................... 92 5.3.2 ORGANISATION S COMPLEXITY ......................................................... 93 5.3.3 IT LANDSCAPE ................................................................................ 93 5.3.4 GEOGRAPHICAL FOOTPRINT .............................................................. 93 IX NON-FINANCIAL RISK MANAGEMENT IN THE FINANCIAL INDUSTRY 5.4 MAJOR COMPONENTS OF GLOBAL FUNCTIONAL LEAD IN NON-FINANCIAL RISK MANAGEMENT ...................................................................................... 93 5.4.1 OPERATING MODEL: STRIKING A BALANCE BETWEEN GLOBAL STANDARDS AND REGIONAL EXECUTION ................................................................ 94 5.4.1.1 REGULATORY HORIZON SCREENING .................................... 95 5.4.1.2 SETTING OF RISK-SPECIFIC STANDARDS ................................ 96 5.4.1.3 TRAINING AND ADVISORY .................................................. 97 5.4.1.4 CONTROLS BY THE 1 ST AND 2ND LINE OF DEFENCE .................. 97 5.4.1.5 NON-FINANCIAL RISK ASSESSMENT .................................... 98 5.4.1.6 NON-FINANCIAL RISK REPORTING ........................................ 99 5.4.1.7 GROUP RISK OVERSIGHT .................................................... 99 5.4.2 REPORTING LINES: ESTABLISHING IMPLEMENTATION ACCOUNTABILITY IN VERTICAL FUNCTIONS ............................................................................. 100 5.4.2.1 SOLID REPORTING LINES INTO LOCAL LEGAL ENTITY AND BRANCH 100 5.4.2.2 DOTTED REPORTING LINES INTO GLOBAL RISK MANAGEMENT ORGANISATION .................................................................. 101 5.4.3 MEETING GOVERNANCE: SUPPORTING EFFECTIVE MANAGEMENT OF A GLOBAL RISK FUNCTION ......................................................... 101 5.5 CONCLUSION ................................................................................................ 102 6 POLICIES AND PROCEDURES: FRAMEWORK AND GOVERNANCE REQUIREMENTS IN THE FINANCIAL SECTOR ................................................................................. 105 DR. ERASMUS FABER, BJORN STAUBER, DR. GEORG LIENKE 6.1 INTRODUCTION ............................................................................................. 105 6.2 REGULATORY FRAMEWORK IN SELECTED KEY JURISDICTIONS ............................. 105 6.2.1 EUROPEAN BANKING AUTHORITY (EBA) ........................................ 106 6.2.2 US REGULATORS .............................................................................. 106 6.2.2.1 THE FEDERAL RESERVE .................................................... 106 6.2.2.2 OFFICE OF THE COMPTROLLER OF THE CURRENCY .............. 107 6.2.3 HONG KONG MONETARY AUTHORITY .............................................. 107 6.2.4 MONETARY AUTHORITY OF SINGAPORE ............................................ 108 6.3 POLICY FRAMEWORK: KEY IMPLICATIONS FOR A TARGET CONCEPT .................... 109 6.3.1 STATUS QUO: NEED FOR STRUCTURED APPROACH .................................. 109 6.3.1.1 LACK OF A HARMONISED APPROACH .................................. 109 6.3.1.2 POLICY GAPS AND REDUNDANCIES ...................................... 109 6.3.2 POLICY FRAMEWORK: DESIGN CONCEPT AND HIERARCHIES .................. 110 6.3.2.1 DESIGN CONCEPT: KEY HYPOTHESES FOR AN EFFECTIVE POLICY FRAMEWORK ........................................................ 110 6.3.2.1.1 HARMONISED DESIGN APPROACH .................. 110 6.3.2.1.2 COMPLETENESS ............................................. 110 6.3.2.1.3 UNIFORM NAMING CONVENTION .................... 110 6.3.2.1.4 PRECISE WORDING ........................................... ILL 6.3.2.1.5 ASSIGNMENT OF RESPONSIBILITIES ................... ILL 6.3.2.1.6 GOVERNANCE RULES ......................................... ILL 6.3.2.1.7 LINKAGE TO INTERNAL PROCESSES AND CONTROLS 111 X TABLE OF CONTENTS 6 .2.2.2 SUGGESTED HIERARCHY LEVELS: KEY CRITERIA AND EXAMPLES 111 6.3.2.3 LEVEL ONE: OVERARCHING RISK STRATEGIES, POLICIES AND DOCUMENTS - RISK AND BUSINESS SEGMENT AGNOSTIC .... 112 6.2.2.3.1 KEY CRITERIA ................................................. 112 6.3.2.3.2 KEY RISK TYPE AND BUSINESS SEGMENT AGNOSTIC TOPICS .......................................... 112 6.3.2.4 LEVEL TWO: RISK-TYPE-SPECIFIC POLICIES AND PROCEDURES 113 6.3.2.4.1 KEY CRITERIA ................................................. 113 6.3.2.4.2 RISK-TYPE-SPECIFIC DOCUMENTS ................... 113 6.3.2.5 LEVEL THREE: CUSTOMER-RELATED AND BUSINESS-SPECIFIC POLICIES AND PROCEDURES ............................... 114 6.3.2.5.1 KEY CRITERIA ................................................ 114 6.3.2.5.2 CUSTOMER-RELATED AND BUSINESS-SPECIFIC TOPICS .......................................................... 115 6.3.2.6 LEVEL FOUR: POLICIES AND PROCEDURES IN INTERNATIONAL LOCATIONS ......................................................... 115 6.3.2.6.1 SCOPE OF APPLICABILITY: SUBSIDIARY COMPANIES AND BRANCH OFFICES . 115 6.3.2.6.2 KEY CRITERIA ................................................ 115 6.4 POLICY GOVERNANCE, REPOSITORY AND WORKFLOW TOOL .............................. 116 6.4.1 APPROVAL OF POLICIES AND PROCEDURES ........................................ 117 6.4.1.1 LEVEL ONE: BOARD OF DIRECTORS ....................................... 117 6.4.1.2 LEVEL TWO: RESPONSIBLE BOARD MEMBER ....................... 117 6.4.1.3 LEVEL THREE: SENIOR MANAGEMENT ON N-1 LEVEL ............ 117 6.4.1.4 LEVEL FOUR: GENERAL MANAGER OR 2ND LOD N-1 ............. 117 6.4.2 AUTHORSHIP, OWNERSHIP, CREATION AS WELL AS UPDATE OF POLICIES AND PROCEDURES ............................................................... 118 6.4.2.1 DOCUMENT AUTHORSHIP ................................................... 118 6.4.2.2 DOCUMENT OWNERSHIP ................................................... 118 6.4.2.3 DOCUMENT CREATION PROCESS ......................................... 118 6.4.2.4 STRINGENT MANAGEMENT OF UPDATE PROCESS .................... 118 6.4.2.4.1 REGULAR VALIDATION BASED ON TIME INTERVALS 119 6.4.2.4.2 AD HOC UPDATES .......................................... 119 6.4.3 POLICY REPOSITORY, INCLUDING WORKFLOW TOOL: CENTRALISED MANAGEMENT OF POLICIES AND PROCEDURES ..................... 119 6.4.3.1 FACILITATION OF ACCESS .................................................... 120 6.4.3.2 DOCUMENT LIFECYCLE MANAGEMENT .............................. 120 6.4.3.2.1 REGULAR VALIDATION OF DOCUMENTS ............ 120 6.4.3.2.2 AD HOC UPDATES .......................................... 120 6.4.3.2.2.1 CHANGES IN BUSINESS AND OPER ATING MODEL ......... 120 6.4.3.2.2.2 CHANGES IN REGULATORY FRAME WORK ........................................ 121 6.4.3.3 AUDIT-PROOF CHANGE LOG .............................................. 121 6.5 CONCLUSION ............................................................................................. 121 XI NON-FINANCIAL RISK MANAGEMENT IN THE FINANCIAL INDUSTRY 7 TOP-DOWN RISK AND CONTROL ASSESSMENT: A FORWARD-LOOKING APPROACH TO EVALUATE COMPANY-WIDE NON-FINANCIAL RISK EXPOSURE . 123 HURDOGAN IRMAK, BURCU NASUHOGLU, DR. ERASMUS FABER, LORENZO FANTINI, BENEDETTA TESTINO, JANNIK LEIENDECKER, BARBARA FOJCIK, DR. GEORG LIENKE 7.1 INTRODUCTION 123 7.2 TOP-DOWN VS. BOTTOM-UP: DIFFERENT APPROACHES BASED ON DESIRED OUTCOMES .......................................................................................... 124 7.2.1 APPROACHES: RISK-SPECIFIC FOCUS VS. OVERARCHING NON-FINANCIAL RISK COVERAGE ................................................................................ 124 7.2.1.1 BOTTOM-UP APPROACH: RISK-SPECIFIC, GRANULAR FOCUS .. 125 7.2.1.2 TOP-DOWN APPROACH: OVERARCHING, HOLISTIC NON FINANCIAL RISK COVERAGE ..................................... 125 7.2.2 POTENTIAL OUTCOMES: DIFFERENT SCOPE OF RISK-COVERAGE AND LEVEL OF GRANULARITY ................................................................. 126 7.3 KEY SUCCESS FACTORS: MAXIMISING THE EFFECTIVENESS OF TOP-DOWN RISK AND CONTROL ASSESSMENTS .................................................................. 126 7.4 REGULATORY FRAMEWORK, BEST PRACTICE AND STANDARD SETTER GUIDELINES . . 127 7.4.1 COSO ERM FRAMEWORK ............................................................. 127 7.4.2 BANK FOR INTERNATIONAL SETTLEMENTS ............................................. 128 7.4.3 EBA AND ECB ............................................................................... 128 7.5 METHODOLOGY OF TOP-DOWN RISK AND CONTROL ASSESSMENT: EVALUATION OF INHERENT RISK, CONTROL ADEQUACY AND RESIDUAL RISK ........................ 129 7.5.1 NON-FINANCIAL RISK TAXONOMY AS A STARTING POINT ...................... 129 7.5.2 MEASUREMENT OF INHERENT RISK .................................................... 129 7.5.2.1 CALCULATION OF SEVERITY ................................................ 130 7.5.2.1.1 ORGANISATION-SPECIFIC RISK INDICATORS .... 130 7.5.2.1.2 INDUSTRY ADJUSTMENTS ................................ 132 7.5.2.1.3 WEIGHTING OF RISK INDICATORS BASED ON DATA SOURCE RELIABILITY ........................................ 133 7.5.2.2 CALCULATION OF LIKELIHOOD ............................................ 133 7.5.2.3 INHERENT RISK MATRIX ...................................................... 134 7.5.3 MEASUREMENT OF INTERNAL CONTROL ADEQUACY .............................. 134 7.5.3.1 CONTROL INDICATORS ........................................................ 135 7.5.3.2 WEIGHTING OF CONTROL INDICATORS .................................. 136 7.5.3.3 CONTROL RATING .............................................................. 136 7.5.4 DETERMINATION OF RESIDUAL RISK ................................................... 137 7.6 BREAKOUT: BUILDING AN INSTITUTION-WIDE INTERNAL CONTROL SYSTEM .......... 138 7.6.1 INTRODUCTION ................................................................................. 138 7.6.2 ALTERNATIVE PATH TO BUILDING AN INTERNAL CONTROL FRAMEWORK: TOP-DOWN, RISK-BASED APPROACH ................................................ 138 7.6.3 FIVE-STEP APPROACH: BUILDING AN INTERNAL CONTROL FRAMEWORK .. 139 7.6.3.1 STEP 1: DETERMINATION OF NFR CRITICALITY .................... 139 7.6.3.2 STEP 2: MAPPING OF KEY RISKS TO PROCESS LANDSCAPE .. . 139 7.6.3.3 STEP 3: DEFINITION OF CONTROL OBJECTIVES, KEY CONTROLS AND CONTROL REPOSITORY .................................................. 140 XII TABLE OF CONTENTS 7.6.3.4 STEP 4: ASSESSMENT OF CONTROLS .................................... 140 7.6.3.5 STEP 5: DESIGN NFR CONTROL REPORT ............................ 141 7.7 APPROACH TO HANDLING RESIDUAL RISK ...................................................... 141 7.7.1 HIGH RESIDUAL RISK: PROJECT AND INVESTMENT IMPERATIVE TO MITIGATING RESIDUAL RISK ................................................. 142 7.7.2 MEDIUM-HIGH RESIDUAL RISK: ACTION PLAN TO REDUCE INHERENT RISK EXPOSURE ................................................................. 142 7.7 .3 MEDIUM-LOW RESIDUAL RISK: CONTINUOUS CONTROL TESTING AND SELECTED ACTION REQUESTED ............................................... 142 7.7.4 LOW RESIDUAL RISK: PERIODIC, RISK-BASED CONTROLS ...................... 142 7.8 INTEGRATED PROCESS TO PERFORM ANNUAL TOP-DOWN RISK AND CONTROL ASSESSMENT ....................................................................................... 143 7.8.1 PHASE 1: PRE-ASSESSMENT BY CONTROL FUNCTIONS .......................... 143 7.8.2 PHASE 2: ASSESSMENT BY BUSINESS SENIOR MANAGEMENT .............. 144 7.8.3 PHASE 3: VALIDATION AND REPORTING .............................................. 144 8 A TOP-DOWN APPROACH TO NON-FINANCIAL RISK REPORTING: COLLABORATION ACROSS RISK TYPES FOR SUSTAINABLE RISK STEERING ............ 145 VALERIE VILLAFRANCA, DR. GEORG LIENKE, FLORIAN SEIFERLEIN, KAI GAMMELIN, DR. KATHARINA HEFTER, NORBERT GITTFRIED 8.1 INTRODUCTION: THE IMPERATIVE OF TOP-DOWN NON-FINANCIAL RISK REPORTING ......................................................................................... 145 8.2 REGULATORY FRAMEWORK IN SELECTED KEY MARKETS .................................. 146 8.2.1 EUROPEANUNION ......................................................................... 146 8.2.2 UNITED STATES ............................................................................... 147 8.2.3 HONG KONG ................................................................................... 147 8.2.4 SINGAPORE .................................................................................... 148 8.3 CURRENT STATE OF NON-FINANCIAL RISK REPORTING: FORMATS WITH INCON SISTENT SCOPES AND METHODOLOGIES .................................................. 148 8.3.1 OPERATIONAL RISK REPORTS ............................................................ 148 8.3.2 ADDITIONAL 2ND LOD REPORTS ON SPECIFIC NON-FINANCIAL RISK TYPES ............................................................................... 149 8.3.3 REPORTS ON INTERNAL CONTROL SYSTEM .......................................... 150 8.4 KEY PARAMETERS OF TOP-DOWN NON-FINANCIAL RISK REPORTING: METHODOLOGY, REQUIRED INPUT AND RESULTS ...................................... 150 8.4.1 IDENTIFICATION AND EVALUATION OF KEY RISK INDICATORS ................ 151 8.4.1.1 DETERMINATION OF KEY RISK INDICATORS, THRESHOLDS AND POTENTIAL INPUT SOURCES ................................................ 151 8.4.1.1.1 STEP 1: UNDERSTAND RISK FACTORS ................. 151 8.4.1.1.2 STEP 2: IDENTIFY KEY RISK INDICATORS .......... 151 8.4.1.1.3 STEP 3: DERIVE INSTITUTION-SPECIFIC THRESH OLDS .............................................................. 151 XIII NON-FINANCIAL RISK MANAGEMENT IN THE FINANCIAL INDUSTRY 8.4.1.2 EXAMPLE KRIS: FINANCIAL CRIME RISK, OUTSOURCING RISK AND HUMAN RESOURCES RISK ............................................ 152 8.4.1.2.1 KEY RISK INDICATORS FOR FINANCIAL CRIME RISK .............................................................. 152 8.4.1.2.2 KEY RISK INDICATORS FOR OUTSOURCING RISK . . 154 8.4.1.2.3 KEY RISK INDICATORS FOR HUMAN RESOURCES RISK .............................................................. 154 8.4.1.3 EVALUATION OF KEY RISK INDICATORS ................................ 155 8.4.2 ASSESSMENT OF KEY CONTROLS AS RISK-MITIGATING MEASURES ........ 156 8.4.2.1 STEP 1: CAPTURING AND ALLOCATION OF CONTROLS .............. 156 8.4.2.2 STEP 2: ASSESSMENT OF CONTROLS ...................................... 158 8.4.3 DETERMINATION OF RESIDUAL RISK AND REQUIRED RISK-MITIGATING ACTIONS .............................................................................. 159 8.4.3.1 HIGH LEVEL OF RESIDUAL RISK ............................................ 160 8.4.3.2 MEDIUM LEVEL OF RESIDUAL RISK ...................................... 160 8.4.3.3 LOW LEVEL OF RESIDUAL RISK ............................................ 161 8.5 REPORTING PROCESS AND GOVERNANCE ........................................................ 161 8.5.1 GOVERNANCE ARRANGEMENTS .......................................................... 161 8.5.1.1 BOARD OF DIRECTORS ........................................................ 161 8.5.1.2 CHAIRMAN OF THE SUPERVISORY BOARD ............................ 161 8.5.1.3 CENTRAL REPORTING UNIT .................................................. 161 8.5.1.4 2ND LOD CONTROL FUNCTIONS ............................................ 162 8.5.1.5 OPERATIONAL RISK DEPARTMENT ...................................... 162 8.5.2 REPORTING PROCESS ........................................................................ 162 8.6 CONCLUSION ............................................................................................... 163 9 INTERNAL INVESTIGATIONS INTO CORPORATE MISCONDUCT: APPLYING AN INVESTIGATIVE APPROACH TO ENABLE PROACTIVE RISK OVERSIGHT .................... 165 LORA VON PLOETZ, FLORIAN SEIFERLEIN 9.1 INTRODUCTION ........................................................................................... 165 9.2 SELECTED LAWS, REGULATIONS AND STANDARDS ................................................ 166 9.2.1 SUPERVISORY SANCTION RELIEF BASED ON VOLUNTARY INVESTIGATION AND COOPERATION .............................................................. 168 9.2.1.1 JURISDICTIONS POTENTIALLY REDUCING SANCTIONS AND EN FORCEMENT ACTIONS DUE TO EFFECTIVE INVESTIGATION AND COOPERATION ..................................................... 168 9.2.1.2 JURISDICTIONS NOT EXPLICITLY PROVIDING A BONUS FOR SELF DISCLOSURE AND COOPERATION ........................... 170 9.2.1.3 JURISDICTIONS WHERE INVESTIGATIONS AND COOPERATION DO NOT CHANGE ASSESSMENT OF LAW ENFORCEMENT .......... 170 9.2.2 STATUTORY DISCLOSURE REQUIREMENTS ............................................. 171 9.2.3 INVESTIGATION STANDARDS AND REQUIREMENTS ................................. 172 XIV TABLE OF CONTENTS 9.3 CONCEPT FOR PROACTIVE RISK OVERSIGHT USING AN INVESTIGATIVE APPROACH 173 9.3.1 INVESTIGATION PROCESS .................................................................. 174 9.3.1.1 PROACTIVE RISK MANAGEMENT ........................................ 175 9.3.1.2 STRATEGIC AND TACTICAL INVESTIGATIONS ............................ 177 9.3.1.3 EXAMPLE: SANCTIONS-DRIVEN INVESTIGATIONS .................. 178 9.3.2 INFORMATION SHARING AND GLOBAL RISK MANAGEMENT .................. 181 9.3.2.1 HOW TO CONNECT NEEDLES IN THE SAME HAYSTACK (IN A FINANCIAL INSTITUTION) ............................................ 182 9.3.2.2 HOW TO CONNECT NEEDLES IN DIFFERENT HAYSTACKS (BETWEEN DIFFERENT FINANCIAL INSTITUTIONS) ... 183 9.4 SUCCESS FACTORS AND COMMON PITFALLS ...................................................... 185 10 TECHNICAL APPLICATION AND DATA ARCHITECTURE FOR NON-FINANCIAL RISK MANAGEMENT ........................................................................................... 187 KAI GAMMELIN, BJORN STAUBER, DR. CHRISTIAN N. SCHMID, DR. JAN-OLIVER FROHLICH, ANNIKA MELCHERT, DANIEL WAGNER 10.1 INTRODUCTION ........................................................................................... 187 10.1.1 A FRAGMENTED IT LANDSCAPE ........................................................ 187 10.1.2 IT S IMPACT ON DATA AVAILABILITY ................................................ 190 10.1.3 DATA AVAILABILITY ACROSS BORDERS ................................................ 190 10.1.4 ADDITIONAL CHALLENGES ASSOCIATED WITH GROUP COMPANIES ........ 190 10.2 REGULATORY REQUIREMENTS ........................................................................ 192 10.3 SIX CHALLENGES IN NFR MANAGEMENT AND REPORTING .............................. 193 10.3.1 CHALLENGE 1: THE LACK OF A DEFINED NFR-IT STRATEGY ................ 193 10.3.2 CHALLENGE 2: RESPONSIBILITY FOR AND EXECUTION OF NFR REPORT ING-RELATED ACTIVITIES (OPERATIONAL UNIT VS. NFR MANAGEMENT) 194 10.3.3 CHALLENGE 3: CONSISTENCY AND TRANSPARENCY OF IT ARCHITECTURE 195 10.3.4 CHALLENGE 4: ALIGNMENT OF DATA ARCHITECTURE FOR TRANSPARENCY ON DATA LINEAGE ............................................................... 196 10.3.5 CHALLENGE 5: IMPLEMENTING A SOLID IT TARGET ARCHITECTURE .... 197 10.3.6 CHALLENGE 6: COST-BENEFIT CONSIDERATIONS .................................. 197 10.4 A TARGET IT ARCHITECTURE FOR NFR .......................................................... 197 10.4.1 THE NFR ARCHITECTURE ECOSYSTEM .............................................. 200 10.4.2 DASHBOARDS AND REPORTING ........................................................ 200 10.4.3 OTHER KEY ENABLING TECHNOLOGIES .............................................. 201 11 DATA GOVERNANCE IN NON-FINANCIAL RISK MANAGEMENT .......................... 203 BJORN STAUBER, DR. CHRISTIAN N. SCHMID, DR. JAN-OLIVER FROHLICH, ANNIKA MELCHERT, DANIEL WAGNER 11.1 INTRODUCTION ........................................................................................... 203 11.2 REGULATORY REQUIREMENTS ........................................................................ 204 11.3 DATA GOVERNANCE TO SUPPORT NFR MANAGEMENT .................................. 204 11.3.1 DATA STRUCTURES .......................................................................... 205 11.3.2 TARGET OPERATING MODEL (TOM) .............................................. 206 11.3.3 DATA POLICIES .............................................................................. 207 11.3.4 DATA TOOLS .................................................................................. 207 XV NON-FINANCIAL RISK MANAGEMENT IN THE FINANCIAL INDUSTRY 11.4 SCALING UP STATE-OF-THE-ART NFR DATA GOVERNANCE ................................ 208 11.4.1 SPECIFIC ROLES AND RESPONSIBILITIES .............................................. 210 11.4.2 TOOL OPTIMISATION ........................................................................ 212 11.5 CONCLUSION ................................................................................................ 212 12 OPTIMISING EFFECTIVENESS AND EFFICIENCY: DEPLOYMENT OF ARTIFICIAL INTELLIGENCE IN NON-FINANCIAL RISK MANAGEMENT ................................ 213 DR. JOCHEN PAPENBROCK, DR. JOHN ASHLEY, DR. GEORG LIENKE, FLORIAN SEIFERLEIN, NORBERT GITTFRIED 12.1 INTRODUCTION ............................................................................................ 213 12.2 FINANCIAL SECTOR DIGITISATION: THE FRONT-TO-BACK CASE FOR AI ................ 213 12.2.1 DIGITAL TRANSFORMATION OF BUSINESS AND OPERATING MODELS .... 214 12.2.1.1 CHANGED CUSTOMER EXPECTATIONS AND BEHAVIOUR ........ 214 12.2.1.2 INCREASING EFFICIENCY CHALLENGES .................................. 214 12.2.2 IMPACT OF COVID-19 ................................................................ 214 12.2.2.1 ACCELERATOR OF DIGITISATION ............................................ 215 12.2.2.2 MODIFIED RISK ENVIRONMENT .......................................... 215 12.3 REGULATORY APPROACH TO ARTIFICIAL INTELLIGENCE ........................................ 216 12.3.1 OVERVIEW ..................................................................................... 216 12.3.1.1 EUROPEANUNION .......................................................... 216 12.3.1.1.1 EUROPEAN COMMISSION .............................. 216 12.3.1.1.2 EUROPEAN BANKING AUTHORITY .................. 217 12.3.1.1.3 NATIONAL FINANCIAL SUPERVISORS .................. 218 12.3.1.2 UNITED STATES ................................................................ 218 12.3.1.3 HONG KONG .................................................................. 219 12.3.1.4 SINGAPORE ...................................................................... 219 12.3.2 SUMMARY OF KEY REGULATORY EXPECTATIONS .................................. 219 12.3.2.1 GOVERNANCE .................................................................. 219 12.3.2.2 DESIGN AND DEVELOPMENT .............................................. 219 12.3.2.3 ONGOING MAINTENANCE .................................................. 220 12.4 MACHINE LEARNING ALGORITHMS: KEY LEARNING MODES AND EXAMPLES .... 221 12.4.1 SUPERVISED LEARNING ..................................................................... 223 12.4.2 UNSUPERVISED LEARNING ............................................................... 223 12.4.3 REINFORCEMENT LEARNING ............................................................. 223 12.4.4 DEEP LEARNING .............................................................................. 224 12.5 DEPLOYMENT OF AI IN NON-FINANCIAL RISK MANAGEMENT .......................... 225 12.5.1 FINANCIAL CRIME PREVENTION: BIOMETRIC CUSTOMER IDENTIFICATION, DYNAMIC CRR CALCULATION AND AL-BASED TRANSACTION SCREENING 225 12.5.1.1 KNOW YOUR CUSTOMER: AUTOMATED BIOMETRIC IDENTI FICATION OF CUSTOMERS .................................................... 225 12.5.1.2 DYNAMIC CALCULATION OF CUSTOMER RISK RATINGS: FASTER REACTION TO MATERIAL CHANGES IN CLIENT RISK PROFILES .. . 226 12.5.1.2.1 AUTOMATIC DATA IMPORT INTO THE CRR SYSTEM ........................................ 226 12.5.1.2.2 DYNAMIC RECALCULATION OF CUSTOMER RISK RATINGS ........................................ 227 XVI TABLE OF CONTENTS 12.5.1.3 NEGATIVE NEWS SCREENING: AL-SUPPORTED REDUCTION OF SCREENING EFFORTS .......................................................... 227 12.5.1.3.1 MATCHING OF CUSTOMER NAMES TO NEGATIVE NEWS ............................................................ 227 12.5.1.3.2 CONTEXTUAL PRE-EVALUATION OF NEWS ARTI CLES .............................................................. 228 12.5.1.4 SANCTIONS NAME SCREENING: AL-SUPPORTED REDUCTION OF FALSE POSITIVE ALERTS AND PRE-ASSESSMENT OF SCREEN ING ALERTS ......................................................... 228 12.5.1.4.1 REDUCTION OF FALSE POSITIVE ALERTS VIA FEED BACK LOOP .................................................... 229 12.5.1.4.2 PRE-ASSESSMENT OF GENERATED ALERTS AND OPTIMISATION OF MANUAL ALERT REVIEWS .... 229 12.5.1.5 SANCTIONS TRANSACTION SCREENING ................................. 230 12.5.1.6 AML TRANSACTION MONITORING: DEPLOYING ARTIFICIAL INTELLIGENCE TO MANUAL INVESTIGATIONS ........... 230 12.5.2 PREVENTION OF MARKET ABUSE: AL-BASED DETECTION OF IRREGULARI TIES IN SECURITIES TRADING ................................................. 231 12.5.2.1 BEHAVIOUR-BASED TRACKING OF TRADING PORTFOLIOS: AI- BASED DETECTION OF IRREGULAR TRANSACTIONS ... 231 12.5.2.2 AL-BASED ASSESSMENT OF TRADER S VOICE AND EMAIL COMMUNICATION ............................................. 232 12.5.3 MANAGEMENT OF AI (MODEL) RISK: KEY DISCIPLINE FOR DATA DRIVEN FINANCIAL INSTITUTIONS .......................................... 232 12.5.4 AI4ESG: TECH-DRIVEN SUSTAINABLE FINANCE ................................ 235 12.5.5 AI INFRASTRUCTURE FOR NON-FINANCIAL RISK MANAGEMENT ............. 236 12.6 CONCLUSION .............................................................................................. 239 13 CORE ELEMENTS OF CONDUCT AND ETHICS IN THE CONTEXT OF NON FINANCIAL RISK ........................................................................................... 241 DR. BARBARA ROTH, DR. ERASMUS FABER, DR. JULIA GEBHARDT, DR. KATHARINA HEFTER 13.1 CONDUCT RISK: DEFINITIONS, CHARACTERISTICS AND REGULATORY LANDSCAPE .. 241 13.1.1 CONDUCT AND COMPLIANCE, ETHICS VERSUS INTEGRITY .................... 241 13.1.1.1 FINDING COMMON GROUND: DEFINITION OF KEY TERMS .. 241 13.1.1.2 CONDUCT-BASED VERSUS INTEGRITY-BASED ETHICS ............ 243 13.1.1.3 AN INTEGRATIVE APPROACH FOR SYNTHESISING CONDUCT-/ COMPLIANCE-BASED AND INTEGRITY-BASED ETHICS ............ 244 13.1.2 WHAT IS MEANT WHEN WE TALK ABOUT CONDUCT RISK? .................. 246 13.1.2.1 NO UNIVERSAL DEFINITION .............................................. 246 13.1.2.2 THREE KEY TOPICS: MARKET, CLIENT AND EMPLOYEE CONDUCT RISK ................................................... 247 13.1.3 CONDUCT RISK IN THE NFR TAXONOMY ........................................ 249 XVII NON-FINANCIAL RISK MANAGEMENT IN THE FINANCIAL INDUSTRY 13.2 REGULATORY LANDSCAPE .............................................................................. 250 13.2.1 EUROPEAN PERSPECTIVE ................................................................. 252 13.2.1.1 EUROPEAN/UK REGULATORS ............................................ 252 13.2.1.2 OTHER EUROPEAN COUNTRIES .......................................... 257 13.2.2 US PERSPECTIVE ........................................................................... 260 13.2.3 ASIA-PACIFIC PERSPECTIVE ............................................................. 262 13.3 WHY CONDUCT RISK MATTERS ...................................................................... 265 13.3.1 INCREASED REGULATORY SCRUTINY ................................................... 265 13.3.1.1 FOCUS ON REGULATORY OVERSIGHT .................................... 265 13.3.1.2 FREQUENCY OF REGULATORY ACTIONS ................................ 266 13.3.2 SUPERVISORY AND LEGAL ACTIONS ................................................... 267 13.3.2.1 ACTIONS AGAINST FIRMS .................................................... 267 13.3.2.2 ACTIONS AGAINST INDIVIDUALS .......................................... 268 14 MANAGING CONDUCT RISK: FRAMEWORK AND PERSPECTIVES .......................... 271 PROF. DR. MARTIN SCHULZ, DR. JULIA GEBHARDT, DR. KATHARINA HEFTER, RENE BYSTRON 14.1 TRENDS AND PERSPECTIVES IN RESPECT OF CONDUCT RISK IN THE REGULATORY CONTEXT ...................................................................................................... 271 14.1.1 TREATING CUSTOMERS FAIRLY (TCF) .............................................. 271 14.1.2 SENIOR MANAGEMENT REGIMES AS EMERGING GLOBAL TRENDS IN CONDUCT RISK ...................................................................... 273 14.1.2.1 UK .................................................................................. 273 14.1.2.2 HONG KONG AND SINGAPORE .......................................... 275 14.1.2.3 MALAYSIA ........................................................................ 275 14.1.2.4 AUSTRALIA ........................................................................ 276 14.2 CONDUCT RISK MANAGEMENT AS INTEGRAL PART OF ESG ............................ 277 14.2.1 G LIKE CONDUCT .............................................................................. 277 14.2.2 NEW LEGISLATIVE FOCUS AND RECENT REGULATORY DEVELOPMENTS . . . 277 14.2.3 ACTIVITIES AT THE EU LEVEL ............................................................ 278 14.2.4 OPTIMISING ESG RISK MANAGEMENT ............................................ 280 14.3 MANAGING CONDUCT RISK ............................................................................ 281 14.3.1 THE CONDUCT RISK HOUSE .......................................................... 281 14.3.2 BUILDING A CONDUCT RISK FRAMEWORK ........................................ 282 15 SUCCESSFUL ESG TRANSITION: IMPLICATIONS AND CHALLENGES FOR EFFECTIVE RISK MANAGEMENT ................................................................................... 285 ANITA VARSHNEY, JANNIK LEIENDECKER, AYTECH PSEUNOKOV 15.1 INTRODUCTION ........................................................................................... 285 15.2 REGULATORY FRAMEWORKS IN SELECTED KEY JURISDICTIONS .......................... 287 15.2.1 GENERAL OVERVIEW ....................................................................... 287 15.2.2 EUROPEANUNION ......................................................................... 288 15.2.2.1 NON-FINANCIAL REPORTING DIRECTIVE & CORPORATE SUSTAINABILITY REPORTING DIRECTIVE .............................. 289 15.2.2.2 SUSTAINABLE FINANCE TAXONOMY ..................................... 290 XVIII TABLE OF CONTENTS 15.2.2.3 EU DISCLOSURE REGULATION .......................................... 293 15.2.2.4 EU PRUDENTIAL REGULATIONS ........................................ 293 15.2.3 UNITED STATES .............................................................................. 295 15.2.4 HONG KONG .................................................................................. 298 15.2.5 SINGAPORE .................................................................................... 299 15.3 SUSTAINABLE FINANCE: UPCOMING CHALLENGES FOR COMPANIES ..................... 300 15.4 TARGET PICTURE: EFFECTIVE MANAGEMENT OF ESG RISK .............................. 303 15.4.1 ESG STRATEGY ............................................................................... 303 15.4.2 GOVERNANCE AND ORGANISATION ................................................... 305 15.4.3 ESG RISK STEERING ....................................................................... 307 15.4.4 IDENTIFICATION OF ENABLING FACTORS ............................................. 310 15.4.5 ESG AS AN OPPORTUNITY .............................................................. 311 15.5 CONCLUSION .............................................................................................. 312 BIBLIOGRAPHY ............................................................................................................ 315 XIX
adam_txt	TABLE OF CONTENTS TABLE OF CONTENTS . V EDITORS . XXI CONTRIBUTORS . XXII FOREWORD . XXV 1 INTRODUCTION: RISING TO THE CHALLENGES OF NON-FINANCIAL RISK MANAGEMENT, COMPLIANCE AND ESG . 1 PROF. DR. DOUGLAS ARNER, DR. BERNHARD GEHRA, JANNIK LEIENDECKER, DR. GEORG LIENKE 1.1 NEW RISKS AND CHALLENGES . 1 1.2 A FORWARD-LOOKING SOLUTION FOR NON-FINANCIAL RISK MANAGEMENT IN THE FINANCIAL INDUSTRY . 2 1.3 DEFINING AND ALIGNING NON-FINANCIAL RISK CATEGORIES . 2 1.4 ESTABLISHING A NON-FINANCIAL RISK APPETITE FRAMEWORK TO PREVENT AN UNDESIRABLE RISK-TAKING . 3 1.5 BUILDING KEY GOVERNANCE AND ORGANISATIONAL PILLARS FOR NON-FINANCIAL RISK MANAGEMENT . 3 1.6 GENERATING EXCELLENCE IN THE NON-FINANCIAL RISK MANAGEMENT LIFECYCLE 4 1.7 USING DATA, IT AND ARTIFICIAL INTELLIGENCE . 5 1.8 PUTTING CONDUCT AND ETHICS AT THE CENTRE OF SUSTAINABLE NON-FINANCIAL RISK MANAGEMENT . 6 1.9 ENVIRONMENT, SOCIAL AND GOVERNANCE: IMPLICATIONS FOR EFFECTIVE RISK MANAGEMENT . 7 2 DEFINITION OF NON-FINANCIAL RISK IN FINANCIAL INSTITUTIONS . 9 MARTINA MIETZNER, DR. JULIA GEBHARDT, DR. KATHARINA HEFTER, JENNIFER RABENER, DR. CARSTEN WIEGAND 2.1 INTRODUCTION . 9 2.2 HISTORY OF NON-FINANCIAL RISK AND SPECIFICATIONS BY KEY REGULATORS . 11 2.2.1 A SHORT HISTORY OF NON-FINANCIAL RISK . 12 2.2.2 EXISTING NON-FINANCIAL RISK SPECIFICATIONS BY KEY GLOBAL AND REGIONAL REGULATORS AND ASSOCIATIONS . 15 2.3 DIFFERENTIATION OF FINANCIAL AND NON-FINANCIAL RISK . 16 2.3.1 FINANCIAL RISK DEFINITION . 17 2.3.2 NON-FINANCIAL RISK DEFINITION . 18 NON-FINANCIAL RISK MANAGEMENT IN THE FINANCIAL INDUSTRY 2.4 SPECIFIC CLUSTERS OF NON-FINANCIAL RISK . 18 2.4.1 OPERATIONAL RISK . 21 2.4.1.1 FINANCIAL CRIME RISK . 21 2.4.1.1.1 MONEY-LAUNDERING/TERRORIST FINANCING RISK 22 2.4.1.1.2 SANCTIONS AND EMBARGOES RISK . 22 2.4.1.1.3 BRIBERY AND CORRUPTION RISK . 23 2.4.1.1.4 FACILITATION OF TAX EVASION . 23 2.4.1.2 CONDUCT RISK . 24 2.4.1.2.1 MARKET CONDUCT RISK . 24 2.4.1.2.2 CLIENT CONDUCT RISK . 25 2.4.1.2.3 EMPLOYEE CONDUCT RISK . 25 2.4.1.3 REGULATORY COMPLIANCE RISK . 25 2.4.1.4 FRAUD RISK . 26 2.4.1.4.1 ACCOUNT-OPENING FRAUD RISK . 27 2.4.1.4.2 DEBT/CREDIT CARD FRAUD RISK . 27 2.4.1.4.3 FRAUDULENT PAPER-BASED PAYMENT TRANS ACTIONS RISK . 28 2.4.1.4.4 ONLINE BANKING FRAUD RISK . 28 2.4.1.4.5 CREDIT FRAUD RISK . 28 2.4.1.4.6 THEFT RISK . 28 2.4.1.4.7 EMBEZZLEMENT/BREACH OF TRUST RISK . 28 2.4.1.4.8 ANTITRUST VIOLATION RISK . 29 2.4.1.4.9 BALANCE SHEET MANIPULATION . 29 2.4.1.5 INFORMATION, COMMUNICATION & TECHNOLOGY (ICT) AND CYBER RISK . 29 2.4.1.5.1 DATA CONFIDENTIALITY RISK . 31 2.4.1.5.2 DATA AVAILABILITY RISK . 32 2.4.1.5.3 DATA INTEGRITY RISK . 32 2.4.1.5.4 INFORMATION SECURITY RISK . 32 2.4.1.6 DATA PRIVACY AND BANK SECRECY RISK . 33 2.4.1.6.1 DATA PRIVACY RISK . 33 2.4.1.6.2 BANK SECRECY RISK . 34 2.4.1.7 RESILIENCE RISK . 34 2.4.1.8 OUTSOURCING AND VENDOR RISK . 35 2.4.1.8.1 INTRAGROUP OUTSOURCING RISK . 36 2.4.1.8.2 EXTERNAL OUTSOURCING RISK . 36 2.4.1.8.3 VENDOR RISK . 37 2.4.1.9 TAX REPORTING RISK . 37 2.4.1.10 OTHER OPERATIONAL RISK . 37 2.4.1.10.1 HUMAN RESOURCES RISK . 37 2.4.1.10.2 LEGAL RISK . 37 2.4.1.10.3 PHYSICAL DAMAGE RISK . 38 2.4.1.10.4 EXECUTION, DELIVERY AND PROCESS RISK . 38 2.4.1.10.5 REPORTING RISK . 38 2.4.1.10.6 ACCOUNTING RISK . 39 TABLE OF CONTENTS 2.4.1.10.7 PROJECT RISK . 39 2.4.1.10.8 COMPETITION LAW RISK . 39 2.4.1.10.9 MODEL RISK . 39 2.4.2 STRATEGIC RISK . 40 2.4.2.1 REPUTATIONAL RISK . 40 2.4.2.2 SUSTAINABILITY RISK . 41 2.4.2.2.1 CLIMATE CHANGE RISK . 41 2.4.2.2.2 HUMAN RIGHTS RISK . 42 2.4.2.3 BUSINESS RISK . 42 2.4.2.3.1 FORECASTING RISK . 42 2.4.2.3.2 INORGANIC GROWTH RISK . 43 2.4.2.3.3 NEW BUSINESS RISK . 43 2.4.2.3.4 INVESTOR RELATIONS RISK . 43 2.5 CONCLUSION AND OUTLOOK . 43 3 RISK BOUNDARIES - SETTING AN ANALYTICAL RISK APPETITE FRAMEWORK FOR NON-FINANCIAL RISKS . 45 FEDERICO TRUFFELLI, DR. ULRICH GORES, LORENZO FANTINI, MICHELE RIGONI, LUCA RANCAN 3.1 INTRODUCTION . 45 3.1.1 REGULATORY REQUIREMENTS . 45 3.1.2 RAF IN PRACTICE . 47 3.2 RAF LEVEL 1: OVERALL RISK APPETITE STATEMENT . 49 3.2.1 OVERALL STATEMENT . 49 3.2.2 PROHIBITED ACTIVITIES . 51 3.3 RAF LEVEL 2: RISK APPETITE METRICS . 51 3.3.1 DEFINING APPROPRIATE METRICS . 51 3.3.2 METRICS: SETTING THE THRESHOLDS . 52 3.3.2.1 THRESHOLDS BASED ON BENCHMARK AND HISTORICAL INTERNAL LOSS DATA FOR A METRIC BASED ON OPERATIONAL LOSSES . 53 3.3.2.2 THRESHOLDS BASED ON RESIDUAL RISK LEVELS FOR A METRIC BASED ON RISK ASSESSMENT . 54 3.4 RAF LEVEL 3: KEY RISK INDICATORS . 55 3.4.1 SELECTING KEY RISK INDICATORS . 55 3.4.1.1 CANDIDATE INDICATORS IDENTIFICATION . 56 3.4.1.2 APPETITE TRACKING SUITABILITY . 56 3.4.1.3 EXPERT JUDGEMENT . 56 3.4.2 KRIS: SETTING AND CALIBRATING THE THRESHOLDS . 60 3.4.2.1 THRESHOLD CALIBRATION BASED ON HISTORICAL DATA ANALYSIS AND PERCENTILES . 60 3.4.2.2 THRESHOLD FINE-TUNING BASED ON BENCHMARKING AND BACKTESTING . 62 VII NON-FINANCIAL RISK MANAGEMENT IN THE FINANCIAL INDUSTRY 3.5 RAF GOVERNANCE . 63 3.5.1 RAF DESIGN AND UPDATE . 64 3.5.2 RAF MONITORING AND REPORTING . 65 3.5.3 RAF THRESHOLD BREACHES AND ESCALATION . 66 3.5.4 ACTION PLAN DEFINITION . 68 4 THE THREE LINES OF DEFENCE MODEL: KEY SUCCESS FACTORS FOR EFFECTIVE RISK MANAGEMENT . 71 DR. OLIVER ENGELS, MARC PETER KLEIN, PETER GIIRTLSCHMIDT, DR. GEORG LIENKE, REI TANAKA 4.1 INTRODUCTION . 71 4.2 REGULATORY FRAMEWORK IN SELECTED KEY JURISDICTIONS . 72 4.2.1 EUROPEANUNION . 72 4.2.2 UNITED STATES OF AMERICA . 73 4.2.3 HONG KONG . 73 4.2.4 SINGAPORE . 73 4.2.5 RISK-TYPE-SPECIFIC QUALIFICATIONS OF THE 3LOD MODEL: FINANCIAL CRIME PREVENTION . 74 4.2.5.1 EU: REMAINING COUNTRY-SPECIFIC VARIATION IN 1 ST AND 2ND LOD MANDATE . 74 4.2.5.2 UNITED STATES OF AMERICA: BSA COMPLIANCE OFFICER . 74 4.2.5.3 HONG KONG: MONEY LAUNDERING REPORTING OFFICER AND COMPLIANCE OFFICER . 75 4.3 KEY ROLES AND RESPONSIBILITIES OF 1 ST , 2ND AND 3 RD LOD . 75 4.3.1 THE FIRST LINE OF DEFENCE: RISK OWNER . 76 4.3.1.1 SCOPE OF 1 ST LOD MANDATE . 76 4.3.1.1.1 RISK OWNERSHIP . 76 4.3.1.1.2 IMPLEMENTATION AND EXECUTION OF 1ST LOD CONTROLS . 76 4.3.1.2 ALLOCATION OF 1 ST LOD RESPONSIBILITY . 76 4.3.1.3 1 ST LOD RISK-COORDINATING FUNCTION (1.5 TH LOD) . 77 4.3.1.3.1 COORDINATION OF RISK MANAGEMENT ACTIVI TIES . 77 4.3.1.3.2 INTERFACE TO 2ND LOD . 77 4.3.1.3.3 REGULATORY ADVISOR . 77 4.3.2 THE SECOND LINE OF DEFENCE: INTERNAL CONTROL FUNCTIONS . 78 4.3.2.1 SCOPE OF 2ND LOD MANDATE . 78 4.3.2.1.1 STANDARD SETTING . 78 4.3.2.1.2 TESTING OF 1 ST LOD CONTROLS . 79 4.3.2.1.3 RISK ASSESSMENT . 79 4.3.2.1.4 TRAINING AND ADVISORY . 79 4.3.2.2 RISK MATERIALITY AND CORRESPONDING INTENSITY OF 2ND LOD RISK OVERSIGHT . 79 VIII TABLE OF CONTENTS 4.3.2.3 INDEPENDENCE OF 2 ND LOD RISK OVERSIGHT . 80 4.3.2.3.1 ORGANISATIONAL INDEPENDENCE . 80 4.3.2.3.2 FUNCTIONAL INDEPENDENCE . 80 4.3.2.3.3 INTERNAL CONTROL FUNCTIONS PERFORMING 1ST LOD ACTIVITIES . 81 4.3.2.4 KEY SUCCESS FACTORS FOR EFFECTIVE 2ND LOD RISK OVERSIGHT . 82 4.3.2.4.1 METHODOLOGY CONSISTENCY ACROSS 2 ND LOD FUNCTIONS . 82 4.3.2.4.2 BODIES AND COMMITTEES: ADEQUATE 2 ND LOD PARTICIPATION AND INFORMATION SHARING . 83 4.3.2.4.3 APPOINTMENT OF PRIMUS INTER PARES NON FINANCIAL RISK GOVERNANCE FUNCTION . 84 4.3.3 THE THIRD LINE OF DEFENCE: INTERNAL AUDIT AS PROVIDER OF INDEPENDENT ASSURANCE . 85 4.3.3.1 INDEPENDENT ASSURANCE . 85 4.3.3.1.1 ADEQUACY OF RISK MANAGEMENT FRAMEWORK 85 4.3.3.1.2 DESIGN AND OPERATING EFFECTIVENESS . 85 4.3.3.1.3 COMPLIANCE WITH REGULATORY REQUIREMENTS AND INTERNAL STANDARDS . 86 4.3.3.2 ADVISING THE BOARD OF DIRECTORS . 86 4.4 COMMON PITFALLS OF THE 3LOD MODEL AND PRECAUTIONARY MEASURES . . 86 4.4.1 INSUFFICIENT RISK OWNERSHIP BY 1 ST LOD . 86 4.4.2 LACK OF 2ND LOD EXPERTISE . 87 4.4.3 INADEQUATE ASSURANCE BY 3 RD LOD . 87 4.5 CONCLUSION . 88 5 GLOBAL FUNCTIONAL LEAD IN NON-FINANCIAL RISK MANAGEMENT: ENSURING CONSISTENCY AND INTEGRATION IN COMPLEX ORGANISATIONS . 89 ULRIKE BROUZI, DR. MICHAEL LANGE, P. ROBERT MIESZKOWSKI, JANNIK LEIENDECKER, DR. GEORG LIENKE, FLORIAN SEIFERLEIN, NORBERT GITTFRIED, REI TANAKA 5.1 INTRODUCTION . 89 5.2 REGULATORY FRAMEWORK IN SELECT KEY MARKETS . 91 5.2.1 EUROPEANUNION . 91 5.2.2 UNITED STATES OF AMERICA . 91 5.2.3 HONG KONG . 92 5.2.4 SINGAPORE . 92 5.3 GLOBAL FUNCTIONAL LEAD: INDIVIDUAL CORPORATE PARAMETERS TO CONSIDER . 92 5.3.1 CORPORATE CULTURE . 92 5.3.2 ORGANISATION ' S COMPLEXITY . 93 5.3.3 IT LANDSCAPE . 93 5.3.4 GEOGRAPHICAL FOOTPRINT . 93 IX NON-FINANCIAL RISK MANAGEMENT IN THE FINANCIAL INDUSTRY 5.4 MAJOR COMPONENTS OF GLOBAL FUNCTIONAL LEAD IN NON-FINANCIAL RISK MANAGEMENT . 93 5.4.1 OPERATING MODEL: STRIKING A BALANCE BETWEEN GLOBAL STANDARDS AND REGIONAL EXECUTION . 94 5.4.1.1 REGULATORY HORIZON SCREENING . 95 5.4.1.2 SETTING OF RISK-SPECIFIC STANDARDS . 96 5.4.1.3 TRAINING AND ADVISORY . 97 5.4.1.4 CONTROLS BY THE 1 ST AND 2ND LINE OF DEFENCE . 97 5.4.1.5 NON-FINANCIAL RISK ASSESSMENT . 98 5.4.1.6 NON-FINANCIAL RISK REPORTING . 99 5.4.1.7 GROUP RISK OVERSIGHT . 99 5.4.2 REPORTING LINES: ESTABLISHING IMPLEMENTATION ACCOUNTABILITY IN VERTICAL FUNCTIONS . 100 5.4.2.1 SOLID REPORTING LINES INTO LOCAL LEGAL ENTITY AND BRANCH 100 5.4.2.2 DOTTED REPORTING LINES INTO GLOBAL RISK MANAGEMENT ORGANISATION . 101 5.4.3 MEETING GOVERNANCE: SUPPORTING EFFECTIVE MANAGEMENT OF A GLOBAL RISK FUNCTION . 101 5.5 CONCLUSION . 102 6 POLICIES AND PROCEDURES: FRAMEWORK AND GOVERNANCE REQUIREMENTS IN THE FINANCIAL SECTOR . 105 DR. ERASMUS FABER, BJORN STAUBER, DR. GEORG LIENKE 6.1 INTRODUCTION . 105 6.2 REGULATORY FRAMEWORK IN SELECTED KEY JURISDICTIONS . 105 6.2.1 EUROPEAN BANKING AUTHORITY (EBA) . 106 6.2.2 US REGULATORS . 106 6.2.2.1 THE FEDERAL RESERVE . 106 6.2.2.2 OFFICE OF THE COMPTROLLER OF THE CURRENCY . 107 6.2.3 HONG KONG MONETARY AUTHORITY . 107 6.2.4 MONETARY AUTHORITY OF SINGAPORE . 108 6.3 POLICY FRAMEWORK: KEY IMPLICATIONS FOR A TARGET CONCEPT . 109 6.3.1 STATUS QUO: NEED FOR STRUCTURED APPROACH . 109 6.3.1.1 LACK OF A HARMONISED APPROACH . 109 6.3.1.2 POLICY GAPS AND REDUNDANCIES . 109 6.3.2 POLICY FRAMEWORK: DESIGN CONCEPT AND HIERARCHIES . 110 6.3.2.1 DESIGN CONCEPT: KEY HYPOTHESES FOR AN EFFECTIVE POLICY FRAMEWORK . 110 6.3.2.1.1 HARMONISED DESIGN APPROACH . 110 6.3.2.1.2 COMPLETENESS . 110 6.3.2.1.3 UNIFORM NAMING CONVENTION . 110 6.3.2.1.4 PRECISE WORDING . ILL 6.3.2.1.5 ASSIGNMENT OF RESPONSIBILITIES . ILL 6.3.2.1.6 GOVERNANCE RULES . ILL 6.3.2.1.7 LINKAGE TO INTERNAL PROCESSES AND CONTROLS 111 X TABLE OF CONTENTS 6 .2.2.2 SUGGESTED HIERARCHY LEVELS: KEY CRITERIA AND EXAMPLES 111 6.3.2.3 LEVEL ONE: OVERARCHING RISK STRATEGIES, POLICIES AND DOCUMENTS - RISK AND BUSINESS SEGMENT AGNOSTIC . 112 6.2.2.3.1 KEY CRITERIA . 112 6.3.2.3.2 KEY RISK TYPE AND BUSINESS SEGMENT AGNOSTIC TOPICS . 112 6.3.2.4 LEVEL TWO: RISK-TYPE-SPECIFIC POLICIES AND PROCEDURES 113 6.3.2.4.1 KEY CRITERIA . 113 6.3.2.4.2 RISK-TYPE-SPECIFIC DOCUMENTS . 113 6.3.2.5 LEVEL THREE: CUSTOMER-RELATED AND BUSINESS-SPECIFIC POLICIES AND PROCEDURES . 114 6.3.2.5.1 KEY CRITERIA . 114 6.3.2.5.2 CUSTOMER-RELATED AND BUSINESS-SPECIFIC TOPICS . 115 6.3.2.6 LEVEL FOUR: POLICIES AND PROCEDURES IN INTERNATIONAL LOCATIONS . 115 6.3.2.6.1 SCOPE OF APPLICABILITY: SUBSIDIARY COMPANIES AND BRANCH OFFICES . 115 6.3.2.6.2 KEY CRITERIA . 115 6.4 POLICY GOVERNANCE, REPOSITORY AND WORKFLOW TOOL . 116 6.4.1 APPROVAL OF POLICIES AND PROCEDURES . 117 6.4.1.1 LEVEL ONE: BOARD OF DIRECTORS . 117 6.4.1.2 LEVEL TWO: RESPONSIBLE BOARD MEMBER . 117 6.4.1.3 LEVEL THREE: SENIOR MANAGEMENT ON N-1 LEVEL . 117 6.4.1.4 LEVEL FOUR: GENERAL MANAGER OR 2ND LOD N-1 . 117 6.4.2 AUTHORSHIP, OWNERSHIP, CREATION AS WELL AS UPDATE OF POLICIES AND PROCEDURES . 118 6.4.2.1 DOCUMENT AUTHORSHIP . 118 6.4.2.2 DOCUMENT OWNERSHIP . 118 6.4.2.3 DOCUMENT CREATION PROCESS . 118 6.4.2.4 STRINGENT MANAGEMENT OF UPDATE PROCESS . 118 6.4.2.4.1 REGULAR VALIDATION BASED ON TIME INTERVALS 119 6.4.2.4.2 AD HOC UPDATES . 119 6.4.3 POLICY REPOSITORY, INCLUDING WORKFLOW TOOL: CENTRALISED MANAGEMENT OF POLICIES AND PROCEDURES . 119 6.4.3.1 FACILITATION OF ACCESS . 120 6.4.3.2 DOCUMENT LIFECYCLE MANAGEMENT . 120 6.4.3.2.1 REGULAR VALIDATION OF DOCUMENTS . 120 6.4.3.2.2 AD HOC UPDATES . 120 6.4.3.2.2.1 CHANGES IN BUSINESS AND OPER ATING MODEL . 120 6.4.3.2.2.2 CHANGES IN REGULATORY FRAME WORK . 121 6.4.3.3 AUDIT-PROOF CHANGE LOG . 121 6.5 CONCLUSION . 121 XI NON-FINANCIAL RISK MANAGEMENT IN THE FINANCIAL INDUSTRY 7 TOP-DOWN RISK AND CONTROL ASSESSMENT: A FORWARD-LOOKING APPROACH TO EVALUATE COMPANY-WIDE NON-FINANCIAL RISK EXPOSURE . 123 HURDOGAN IRMAK, BURCU NASUHOGLU, DR. ERASMUS FABER, LORENZO FANTINI, BENEDETTA TESTINO, JANNIK LEIENDECKER, BARBARA FOJCIK, DR. GEORG LIENKE 7.1 INTRODUCTION 123 7.2 TOP-DOWN VS. BOTTOM-UP: DIFFERENT APPROACHES BASED ON DESIRED OUTCOMES . 124 7.2.1 APPROACHES: RISK-SPECIFIC FOCUS VS. OVERARCHING NON-FINANCIAL RISK COVERAGE . 124 7.2.1.1 BOTTOM-UP APPROACH: RISK-SPECIFIC, GRANULAR FOCUS . 125 7.2.1.2 TOP-DOWN APPROACH: OVERARCHING, HOLISTIC NON FINANCIAL RISK COVERAGE . 125 7.2.2 POTENTIAL OUTCOMES: DIFFERENT SCOPE OF RISK-COVERAGE AND LEVEL OF GRANULARITY . 126 7.3 KEY SUCCESS FACTORS: MAXIMISING THE EFFECTIVENESS OF TOP-DOWN RISK AND CONTROL ASSESSMENTS . 126 7.4 REGULATORY FRAMEWORK, BEST PRACTICE AND STANDARD SETTER GUIDELINES . . 127 7.4.1 COSO ERM FRAMEWORK . 127 7.4.2 BANK FOR INTERNATIONAL SETTLEMENTS . 128 7.4.3 EBA AND ECB . 128 7.5 METHODOLOGY OF TOP-DOWN RISK AND CONTROL ASSESSMENT: EVALUATION OF INHERENT RISK, CONTROL ADEQUACY AND RESIDUAL RISK . 129 7.5.1 NON-FINANCIAL RISK TAXONOMY AS A STARTING POINT . 129 7.5.2 MEASUREMENT OF INHERENT RISK . 129 7.5.2.1 CALCULATION OF SEVERITY . 130 7.5.2.1.1 ORGANISATION-SPECIFIC RISK INDICATORS . 130 7.5.2.1.2 INDUSTRY ADJUSTMENTS . 132 7.5.2.1.3 WEIGHTING OF RISK INDICATORS BASED ON DATA SOURCE RELIABILITY . 133 7.5.2.2 CALCULATION OF LIKELIHOOD . 133 7.5.2.3 INHERENT RISK MATRIX . 134 7.5.3 MEASUREMENT OF INTERNAL CONTROL ADEQUACY . 134 7.5.3.1 CONTROL INDICATORS . 135 7.5.3.2 WEIGHTING OF CONTROL INDICATORS . 136 7.5.3.3 CONTROL RATING . 136 7.5.4 DETERMINATION OF RESIDUAL RISK . 137 7.6 BREAKOUT: BUILDING AN INSTITUTION-WIDE INTERNAL CONTROL SYSTEM . 138 7.6.1 INTRODUCTION . 138 7.6.2 ALTERNATIVE PATH TO BUILDING AN INTERNAL CONTROL FRAMEWORK: TOP-DOWN, RISK-BASED APPROACH . 138 7.6.3 FIVE-STEP APPROACH: BUILDING AN INTERNAL CONTROL FRAMEWORK . 139 7.6.3.1 STEP 1: DETERMINATION OF NFR CRITICALITY . 139 7.6.3.2 STEP 2: MAPPING OF KEY RISKS TO PROCESS LANDSCAPE . . 139 7.6.3.3 STEP 3: DEFINITION OF CONTROL OBJECTIVES, KEY CONTROLS AND CONTROL REPOSITORY . 140 XII TABLE OF CONTENTS 7.6.3.4 STEP 4: ASSESSMENT OF CONTROLS . 140 7.6.3.5 STEP 5: DESIGN NFR CONTROL REPORT . 141 7.7 APPROACH TO HANDLING RESIDUAL RISK . 141 7.7.1 HIGH RESIDUAL RISK: PROJECT AND INVESTMENT IMPERATIVE TO MITIGATING RESIDUAL RISK . 142 7.7.2 MEDIUM-HIGH RESIDUAL RISK: ACTION PLAN TO REDUCE INHERENT RISK EXPOSURE . 142 7.7 .3 MEDIUM-LOW RESIDUAL RISK: CONTINUOUS CONTROL TESTING AND SELECTED ACTION REQUESTED . 142 7.7.4 LOW RESIDUAL RISK: PERIODIC, RISK-BASED CONTROLS . 142 7.8 INTEGRATED PROCESS TO PERFORM ANNUAL TOP-DOWN RISK AND CONTROL ASSESSMENT . 143 7.8.1 PHASE 1: PRE-ASSESSMENT BY CONTROL FUNCTIONS . 143 7.8.2 PHASE 2: ASSESSMENT BY BUSINESS SENIOR MANAGEMENT . 144 7.8.3 PHASE 3: VALIDATION AND REPORTING . 144 8 A TOP-DOWN APPROACH TO NON-FINANCIAL RISK REPORTING: COLLABORATION ACROSS RISK TYPES FOR SUSTAINABLE RISK STEERING . 145 VALERIE VILLAFRANCA, DR. GEORG LIENKE, FLORIAN SEIFERLEIN, KAI GAMMELIN, DR. KATHARINA HEFTER, NORBERT GITTFRIED 8.1 INTRODUCTION: THE IMPERATIVE OF TOP-DOWN NON-FINANCIAL RISK REPORTING . 145 8.2 REGULATORY FRAMEWORK IN SELECTED KEY MARKETS . 146 8.2.1 EUROPEANUNION . 146 8.2.2 UNITED STATES . 147 8.2.3 HONG KONG . 147 8.2.4 SINGAPORE . 148 8.3 CURRENT STATE OF NON-FINANCIAL RISK REPORTING: FORMATS WITH INCON SISTENT SCOPES AND METHODOLOGIES . 148 8.3.1 OPERATIONAL RISK REPORTS . 148 8.3.2 ADDITIONAL 2ND LOD REPORTS ON SPECIFIC NON-FINANCIAL RISK TYPES . 149 8.3.3 REPORTS ON INTERNAL CONTROL SYSTEM . 150 8.4 KEY PARAMETERS OF TOP-DOWN NON-FINANCIAL RISK REPORTING: METHODOLOGY, REQUIRED INPUT AND RESULTS . 150 8.4.1 IDENTIFICATION AND EVALUATION OF KEY RISK INDICATORS . 151 8.4.1.1 DETERMINATION OF KEY RISK INDICATORS, THRESHOLDS AND POTENTIAL INPUT SOURCES . 151 8.4.1.1.1 STEP 1: UNDERSTAND RISK FACTORS . 151 8.4.1.1.2 STEP 2: IDENTIFY KEY RISK INDICATORS . 151 8.4.1.1.3 STEP 3: DERIVE INSTITUTION-SPECIFIC THRESH OLDS . 151 XIII NON-FINANCIAL RISK MANAGEMENT IN THE FINANCIAL INDUSTRY 8.4.1.2 EXAMPLE KRIS: FINANCIAL CRIME RISK, OUTSOURCING RISK AND HUMAN RESOURCES RISK . 152 8.4.1.2.1 KEY RISK INDICATORS FOR FINANCIAL CRIME RISK . 152 8.4.1.2.2 KEY RISK INDICATORS FOR OUTSOURCING RISK . . 154 8.4.1.2.3 KEY RISK INDICATORS FOR HUMAN RESOURCES RISK . 154 8.4.1.3 EVALUATION OF KEY RISK INDICATORS . 155 8.4.2 ASSESSMENT OF KEY CONTROLS AS RISK-MITIGATING MEASURES . 156 8.4.2.1 STEP 1: CAPTURING AND ALLOCATION OF CONTROLS . 156 8.4.2.2 STEP 2: ASSESSMENT OF CONTROLS . 158 8.4.3 DETERMINATION OF RESIDUAL RISK AND REQUIRED RISK-MITIGATING ACTIONS . 159 8.4.3.1 HIGH LEVEL OF RESIDUAL RISK . 160 8.4.3.2 MEDIUM LEVEL OF RESIDUAL RISK . 160 8.4.3.3 LOW LEVEL OF RESIDUAL RISK . 161 8.5 REPORTING PROCESS AND GOVERNANCE . 161 8.5.1 GOVERNANCE ARRANGEMENTS . 161 8.5.1.1 BOARD OF DIRECTORS . 161 8.5.1.2 CHAIRMAN OF THE SUPERVISORY BOARD . 161 8.5.1.3 CENTRAL REPORTING UNIT . 161 8.5.1.4 2ND LOD CONTROL FUNCTIONS . 162 8.5.1.5 OPERATIONAL RISK DEPARTMENT . 162 8.5.2 REPORTING PROCESS . 162 8.6 CONCLUSION . 163 9 INTERNAL INVESTIGATIONS INTO CORPORATE MISCONDUCT: APPLYING AN INVESTIGATIVE APPROACH TO ENABLE PROACTIVE RISK OVERSIGHT . 165 LORA VON PLOETZ, FLORIAN SEIFERLEIN 9.1 INTRODUCTION . 165 9.2 SELECTED LAWS, REGULATIONS AND STANDARDS . 166 9.2.1 SUPERVISORY SANCTION RELIEF BASED ON VOLUNTARY INVESTIGATION AND COOPERATION . 168 9.2.1.1 JURISDICTIONS POTENTIALLY REDUCING SANCTIONS AND EN FORCEMENT ACTIONS DUE TO EFFECTIVE INVESTIGATION AND COOPERATION . 168 9.2.1.2 JURISDICTIONS NOT EXPLICITLY PROVIDING A BONUS FOR SELF DISCLOSURE AND COOPERATION . 170 9.2.1.3 JURISDICTIONS WHERE INVESTIGATIONS AND COOPERATION DO NOT CHANGE ASSESSMENT OF LAW ENFORCEMENT . 170 9.2.2 STATUTORY DISCLOSURE REQUIREMENTS . 171 9.2.3 INVESTIGATION STANDARDS AND REQUIREMENTS . 172 XIV TABLE OF CONTENTS 9.3 CONCEPT FOR PROACTIVE RISK OVERSIGHT USING AN INVESTIGATIVE APPROACH 173 9.3.1 INVESTIGATION PROCESS . 174 9.3.1.1 PROACTIVE RISK MANAGEMENT . 175 9.3.1.2 STRATEGIC AND TACTICAL INVESTIGATIONS . 177 9.3.1.3 EXAMPLE: SANCTIONS-DRIVEN INVESTIGATIONS . 178 9.3.2 INFORMATION SHARING AND GLOBAL RISK MANAGEMENT . 181 9.3.2.1 HOW TO CONNECT NEEDLES IN THE SAME HAYSTACK (IN A FINANCIAL INSTITUTION) . 182 9.3.2.2 HOW TO CONNECT NEEDLES IN DIFFERENT HAYSTACKS (BETWEEN DIFFERENT FINANCIAL INSTITUTIONS) . 183 9.4 SUCCESS FACTORS AND COMMON PITFALLS . 185 10 TECHNICAL APPLICATION AND DATA ARCHITECTURE FOR NON-FINANCIAL RISK MANAGEMENT . 187 KAI GAMMELIN, BJORN STAUBER, DR. CHRISTIAN N. SCHMID, DR. JAN-OLIVER FROHLICH, ANNIKA MELCHERT, DANIEL WAGNER 10.1 INTRODUCTION . 187 10.1.1 A FRAGMENTED IT LANDSCAPE . 187 10.1.2 IT ' S IMPACT ON DATA AVAILABILITY . 190 10.1.3 DATA AVAILABILITY ACROSS BORDERS . 190 10.1.4 ADDITIONAL CHALLENGES ASSOCIATED WITH GROUP COMPANIES . 190 10.2 REGULATORY REQUIREMENTS . 192 10.3 SIX CHALLENGES IN NFR MANAGEMENT AND REPORTING . 193 10.3.1 CHALLENGE 1: THE LACK OF A DEFINED NFR-IT STRATEGY . 193 10.3.2 CHALLENGE 2: RESPONSIBILITY FOR AND EXECUTION OF NFR REPORT ING-RELATED ACTIVITIES (OPERATIONAL UNIT VS. NFR MANAGEMENT) 194 10.3.3 CHALLENGE 3: CONSISTENCY AND TRANSPARENCY OF IT ARCHITECTURE 195 10.3.4 CHALLENGE 4: ALIGNMENT OF DATA ARCHITECTURE FOR TRANSPARENCY ON DATA LINEAGE . 196 10.3.5 CHALLENGE 5: IMPLEMENTING A SOLID IT TARGET ARCHITECTURE . 197 10.3.6 CHALLENGE 6: COST-BENEFIT CONSIDERATIONS . 197 10.4 A TARGET IT ARCHITECTURE FOR NFR . 197 10.4.1 THE NFR ARCHITECTURE ECOSYSTEM . 200 10.4.2 DASHBOARDS AND REPORTING . 200 10.4.3 OTHER KEY ENABLING TECHNOLOGIES . 201 11 DATA GOVERNANCE IN NON-FINANCIAL RISK MANAGEMENT . 203 BJORN STAUBER, DR. CHRISTIAN N. SCHMID, DR. JAN-OLIVER FROHLICH, ANNIKA MELCHERT, DANIEL WAGNER 11.1 INTRODUCTION . 203 11.2 REGULATORY REQUIREMENTS . 204 11.3 DATA GOVERNANCE TO SUPPORT NFR MANAGEMENT . 204 11.3.1 DATA STRUCTURES . 205 11.3.2 TARGET OPERATING MODEL (TOM) . 206 11.3.3 DATA POLICIES . 207 11.3.4 DATA TOOLS . 207 XV NON-FINANCIAL RISK MANAGEMENT IN THE FINANCIAL INDUSTRY 11.4 SCALING UP STATE-OF-THE-ART NFR DATA GOVERNANCE . 208 11.4.1 SPECIFIC ROLES AND RESPONSIBILITIES . 210 11.4.2 TOOL OPTIMISATION . 212 11.5 CONCLUSION . 212 12 OPTIMISING EFFECTIVENESS AND EFFICIENCY: DEPLOYMENT OF ARTIFICIAL INTELLIGENCE IN NON-FINANCIAL RISK MANAGEMENT . 213 DR. JOCHEN PAPENBROCK, DR. JOHN ASHLEY, DR. GEORG LIENKE, FLORIAN SEIFERLEIN, NORBERT GITTFRIED 12.1 INTRODUCTION . 213 12.2 FINANCIAL SECTOR DIGITISATION: THE FRONT-TO-BACK CASE FOR AI . 213 12.2.1 DIGITAL TRANSFORMATION OF BUSINESS AND OPERATING MODELS . 214 12.2.1.1 CHANGED CUSTOMER EXPECTATIONS AND BEHAVIOUR . 214 12.2.1.2 INCREASING EFFICIENCY CHALLENGES . 214 12.2.2 IMPACT OF COVID-19 . 214 12.2.2.1 ACCELERATOR OF DIGITISATION . 215 12.2.2.2 MODIFIED RISK ENVIRONMENT . 215 12.3 REGULATORY APPROACH TO ARTIFICIAL INTELLIGENCE . 216 12.3.1 OVERVIEW . 216 12.3.1.1 EUROPEANUNION . 216 12.3.1.1.1 EUROPEAN COMMISSION . 216 12.3.1.1.2 EUROPEAN BANKING AUTHORITY . 217 12.3.1.1.3 NATIONAL FINANCIAL SUPERVISORS . 218 12.3.1.2 UNITED STATES . 218 12.3.1.3 HONG KONG . 219 12.3.1.4 SINGAPORE . 219 12.3.2 SUMMARY OF KEY REGULATORY EXPECTATIONS . 219 12.3.2.1 GOVERNANCE . 219 12.3.2.2 DESIGN AND DEVELOPMENT . 219 12.3.2.3 ONGOING MAINTENANCE . 220 12.4 MACHINE LEARNING ALGORITHMS: KEY LEARNING MODES AND EXAMPLES . 221 12.4.1 SUPERVISED LEARNING . 223 12.4.2 UNSUPERVISED LEARNING . 223 12.4.3 REINFORCEMENT LEARNING . 223 12.4.4 DEEP LEARNING . 224 12.5 DEPLOYMENT OF AI IN NON-FINANCIAL RISK MANAGEMENT . 225 12.5.1 FINANCIAL CRIME PREVENTION: BIOMETRIC CUSTOMER IDENTIFICATION, DYNAMIC CRR CALCULATION AND AL-BASED TRANSACTION SCREENING 225 12.5.1.1 KNOW YOUR CUSTOMER: AUTOMATED BIOMETRIC IDENTI FICATION OF CUSTOMERS . 225 12.5.1.2 DYNAMIC CALCULATION OF CUSTOMER RISK RATINGS: FASTER REACTION TO MATERIAL CHANGES IN CLIENT RISK PROFILES . . 226 12.5.1.2.1 AUTOMATIC DATA IMPORT INTO THE CRR SYSTEM . 226 12.5.1.2.2 DYNAMIC RECALCULATION OF CUSTOMER RISK RATINGS . 227 XVI TABLE OF CONTENTS 12.5.1.3 NEGATIVE NEWS SCREENING: AL-SUPPORTED REDUCTION OF SCREENING EFFORTS . 227 12.5.1.3.1 MATCHING OF CUSTOMER NAMES TO NEGATIVE NEWS . 227 12.5.1.3.2 CONTEXTUAL PRE-EVALUATION OF NEWS ARTI CLES . 228 12.5.1.4 SANCTIONS NAME SCREENING: AL-SUPPORTED REDUCTION OF FALSE POSITIVE ALERTS AND PRE-ASSESSMENT OF SCREEN ING ALERTS . 228 12.5.1.4.1 REDUCTION OF FALSE POSITIVE ALERTS VIA FEED BACK LOOP . 229 12.5.1.4.2 PRE-ASSESSMENT OF GENERATED ALERTS AND OPTIMISATION OF MANUAL ALERT REVIEWS . 229 12.5.1.5 SANCTIONS TRANSACTION SCREENING . 230 12.5.1.6 AML TRANSACTION MONITORING: DEPLOYING ARTIFICIAL INTELLIGENCE TO MANUAL INVESTIGATIONS . 230 12.5.2 PREVENTION OF MARKET ABUSE: AL-BASED DETECTION OF IRREGULARI TIES IN SECURITIES TRADING . 231 12.5.2.1 BEHAVIOUR-BASED TRACKING OF TRADING PORTFOLIOS: AI- BASED DETECTION OF IRREGULAR TRANSACTIONS . 231 12.5.2.2 AL-BASED ASSESSMENT OF TRADER ' S VOICE AND EMAIL COMMUNICATION . 232 12.5.3 MANAGEMENT OF AI (MODEL) RISK: KEY DISCIPLINE FOR DATA DRIVEN FINANCIAL INSTITUTIONS . 232 12.5.4 AI4ESG: TECH-DRIVEN SUSTAINABLE FINANCE . 235 12.5.5 AI INFRASTRUCTURE FOR NON-FINANCIAL RISK MANAGEMENT . 236 12.6 CONCLUSION . 239 13 CORE ELEMENTS OF CONDUCT AND ETHICS IN THE CONTEXT OF NON FINANCIAL RISK . 241 DR. BARBARA ROTH, DR. ERASMUS FABER, DR. JULIA GEBHARDT, DR. KATHARINA HEFTER 13.1 CONDUCT RISK: DEFINITIONS, CHARACTERISTICS AND REGULATORY LANDSCAPE . 241 13.1.1 CONDUCT AND COMPLIANCE, ETHICS VERSUS INTEGRITY . 241 13.1.1.1 FINDING COMMON GROUND: DEFINITION OF KEY TERMS . 241 13.1.1.2 CONDUCT-BASED VERSUS INTEGRITY-BASED ETHICS . 243 13.1.1.3 AN INTEGRATIVE APPROACH FOR SYNTHESISING CONDUCT-/ COMPLIANCE-BASED AND INTEGRITY-BASED ETHICS . 244 13.1.2 WHAT IS MEANT WHEN WE TALK ABOUT CONDUCT RISK? . 246 13.1.2.1 NO UNIVERSAL DEFINITION . 246 13.1.2.2 THREE KEY TOPICS: MARKET, CLIENT AND EMPLOYEE CONDUCT RISK . 247 13.1.3 CONDUCT RISK IN THE NFR TAXONOMY . 249 XVII NON-FINANCIAL RISK MANAGEMENT IN THE FINANCIAL INDUSTRY 13.2 REGULATORY LANDSCAPE . 250 13.2.1 EUROPEAN PERSPECTIVE . 252 13.2.1.1 EUROPEAN/UK REGULATORS . 252 13.2.1.2 OTHER EUROPEAN COUNTRIES . 257 13.2.2 US PERSPECTIVE . 260 13.2.3 ASIA-PACIFIC PERSPECTIVE . 262 13.3 WHY CONDUCT RISK MATTERS . 265 13.3.1 INCREASED REGULATORY SCRUTINY . 265 13.3.1.1 FOCUS ON REGULATORY OVERSIGHT . 265 13.3.1.2 FREQUENCY OF REGULATORY ACTIONS . 266 13.3.2 SUPERVISORY AND LEGAL ACTIONS . 267 13.3.2.1 ACTIONS AGAINST FIRMS . 267 13.3.2.2 ACTIONS AGAINST INDIVIDUALS . 268 14 MANAGING CONDUCT RISK: FRAMEWORK AND PERSPECTIVES . 271 PROF. DR. MARTIN SCHULZ, DR. JULIA GEBHARDT, DR. KATHARINA HEFTER, RENE BYSTRON 14.1 TRENDS AND PERSPECTIVES IN RESPECT OF CONDUCT RISK IN THE REGULATORY CONTEXT . 271 14.1.1 TREATING CUSTOMERS FAIRLY (TCF) . 271 14.1.2 SENIOR MANAGEMENT REGIMES AS EMERGING GLOBAL TRENDS IN CONDUCT RISK . 273 14.1.2.1 UK . 273 14.1.2.2 HONG KONG AND SINGAPORE . 275 14.1.2.3 MALAYSIA . 275 14.1.2.4 AUSTRALIA . 276 14.2 CONDUCT RISK MANAGEMENT AS INTEGRAL PART OF ESG . 277 14.2.1 G LIKE CONDUCT . 277 14.2.2 NEW LEGISLATIVE FOCUS AND RECENT REGULATORY DEVELOPMENTS . . . 277 14.2.3 ACTIVITIES AT THE EU LEVEL . 278 14.2.4 OPTIMISING ESG RISK MANAGEMENT . 280 14.3 MANAGING CONDUCT RISK . 281 14.3.1 THE CONDUCT RISK HOUSE . 281 14.3.2 BUILDING A CONDUCT RISK FRAMEWORK . 282 15 SUCCESSFUL ESG TRANSITION: IMPLICATIONS AND CHALLENGES FOR EFFECTIVE RISK MANAGEMENT . 285 ANITA VARSHNEY, JANNIK LEIENDECKER, AYTECH PSEUNOKOV 15.1 INTRODUCTION . 285 15.2 REGULATORY FRAMEWORKS IN SELECTED KEY JURISDICTIONS . 287 15.2.1 GENERAL OVERVIEW . 287 15.2.2 EUROPEANUNION . 288 15.2.2.1 NON-FINANCIAL REPORTING DIRECTIVE & CORPORATE SUSTAINABILITY REPORTING DIRECTIVE . 289 15.2.2.2 SUSTAINABLE FINANCE TAXONOMY . 290 XVIII TABLE OF CONTENTS 15.2.2.3 EU DISCLOSURE REGULATION . 293 15.2.2.4 EU PRUDENTIAL REGULATIONS . 293 15.2.3 UNITED STATES . 295 15.2.4 HONG KONG . 298 15.2.5 SINGAPORE . 299 15.3 SUSTAINABLE FINANCE: UPCOMING CHALLENGES FOR COMPANIES . 300 15.4 TARGET PICTURE: EFFECTIVE MANAGEMENT OF ESG RISK . 303 15.4.1 ESG STRATEGY . 303 15.4.2 GOVERNANCE AND ORGANISATION . 305 15.4.3 ESG RISK STEERING . 307 15.4.4 IDENTIFICATION OF ENABLING FACTORS . 310 15.4.5 ESG AS AN OPPORTUNITY . 311 15.5 CONCLUSION . 312 BIBLIOGRAPHY . 315 XIX
any_adam_object	1
any_adam_object_boolean	1
author2	Gittfried, Norbert Lienke, Georg Seiferlein, Florian Leiendecker, Jannik Gehra, Bernhard
author2_role	edt edt edt edt edt
author2_variant	n g ng g l gl f s fs j l jl b g bg
author_GND	(DE-588)1218706295 (DE-588)1188243942 (DE-588)1262418763 (DE-588)1262419077 (DE-588)130583162
author_facet	Gittfried, Norbert Lienke, Georg Seiferlein, Florian Leiendecker, Jannik Gehra, Bernhard
building	Verbundindex
bvnumber	BV047489848
classification_rvk	QB 300 QK 320 QP 150 QP 300
ctrlnum	(OCoLC)1277013689 (DE-599)DNB1218179333
discipline	Wirtschaftswissenschaften
discipline_str_mv	Wirtschaftswissenschaften
edition	1. Auflage
format	Book
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>03338nam a22007458c 4500</leader><controlfield tag="001">BV047489848</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20230313 </controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">210930s2022 gw a\|\|\| \|\|\|\| 00\|\|\| eng d</controlfield><datafield tag="015" ind1=" " ind2=" "><subfield code="a">20,N40</subfield><subfield code="2">dnb</subfield></datafield><datafield tag="016" ind1="7" ind2=" "><subfield code="a">1218179333</subfield><subfield code="2">DE-101</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9783956471889</subfield><subfield code="c">: circa EUR 79.90 (DE), circa EUR 82.20 (AT)</subfield><subfield code="9">978-3-95647-188-9</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">3956471881</subfield><subfield code="9">3-95647-188-1</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)1277013689</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)DNB1218179333</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">rda</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="044" ind1=" " ind2=" "><subfield code="a">gw</subfield><subfield code="c">XA-DE-HE</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-703</subfield><subfield code="a">DE-11</subfield><subfield code="a">DE-739</subfield><subfield code="a">DE-N2</subfield><subfield code="a">DE-473</subfield><subfield code="a">DE-188</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">QB 300</subfield><subfield code="0">(DE-625)141213:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">QK 320</subfield><subfield code="0">(DE-625)141644:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">QP 150</subfield><subfield code="0">(DE-625)141836:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">QP 300</subfield><subfield code="0">(DE-625)141850:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">650</subfield><subfield code="2">23sdnb</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Non-financial risk management in the financial industry</subfield><subfield code="b">a target operating model for compliance and ESG Risks</subfield><subfield code="c">N. Gittfried, G. Lienke, F. Seiferlein, J. Leiendecker, B. Gehra (eds.)</subfield></datafield><datafield tag="250" ind1=" " ind2=" "><subfield code="a">1. Auflage</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Frankfurt a.M.</subfield><subfield code="b">Frankfurt School Verlag</subfield><subfield code="c">2022</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">XXVI, 348 Seiten</subfield><subfield code="b">Illustrationen, Diagramme</subfield><subfield code="c">24 cm x 17 cm</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Risikomanagement</subfield><subfield code="0">(DE-588)4121590-4</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Nachhaltigkeit</subfield><subfield code="0">(DE-588)4326464-5</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Corporate Governance</subfield><subfield code="0">(DE-588)4419850-4</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Umweltbezogenes Management</subfield><subfield code="0">(DE-588)4201709-9</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Corporate Social Responsibility</subfield><subfield code="0">(DE-588)7697760-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Finanzdienstleistungsinstitut</subfield><subfield code="0">(DE-588)4535644-0</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Compliance-System</subfield><subfield code="0">(DE-588)4442497-8</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="653" ind1=" " ind2=" "><subfield code="a">Risikomanagement</subfield></datafield><datafield tag="653" ind1=" " ind2=" "><subfield code="a">Finanzbranche</subfield></datafield><datafield tag="653" ind1=" " ind2=" "><subfield code="a">Nachhaltigkeit</subfield></datafield><datafield tag="653" ind1=" " ind2=" "><subfield code="a">Finanzdienstleistung</subfield></datafield><datafield tag="653" ind1=" " ind2=" "><subfield code="a">Finanzindustrie</subfield></datafield><datafield tag="653" ind1=" " ind2=" "><subfield code="a">Bank</subfield></datafield><datafield tag="655" ind1=" " ind2="7"><subfield code="0">(DE-588)4143413-4</subfield><subfield code="a">Aufsatzsammlung</subfield><subfield code="2">gnd-content</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Finanzdienstleistungsinstitut</subfield><subfield code="0">(DE-588)4535644-0</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Umweltbezogenes Management</subfield><subfield code="0">(DE-588)4201709-9</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="2"><subfield code="a">Corporate Social Responsibility</subfield><subfield code="0">(DE-588)7697760-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="3"><subfield code="a">Corporate Governance</subfield><subfield code="0">(DE-588)4419850-4</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="4"><subfield code="a">Nachhaltigkeit</subfield><subfield code="0">(DE-588)4326464-5</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="5"><subfield code="a">Compliance-System</subfield><subfield code="0">(DE-588)4442497-8</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="6"><subfield code="a">Risikomanagement</subfield><subfield code="0">(DE-588)4121590-4</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Gittfried, Norbert</subfield><subfield code="0">(DE-588)1218706295</subfield><subfield code="4">edt</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Lienke, Georg</subfield><subfield code="0">(DE-588)1188243942</subfield><subfield code="4">edt</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Seiferlein, Florian</subfield><subfield code="0">(DE-588)1262418763</subfield><subfield code="4">edt</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Leiendecker, Jannik</subfield><subfield code="0">(DE-588)1262419077</subfield><subfield code="4">edt</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Gehra, Bernhard</subfield><subfield code="0">(DE-588)130583162</subfield><subfield code="4">edt</subfield></datafield><datafield tag="710" ind1="2" ind2=" "><subfield code="a">Frankfurt School Verlag GmbH</subfield><subfield code="0">(DE-588)106429586X</subfield><subfield code="4">pbl</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Erscheint auch als</subfield><subfield code="n">Online-Ausgabe, PDF</subfield><subfield code="z">978-3-95647-190-2</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Erscheint auch als</subfield><subfield code="n">Online-Ausgabe, EPUB</subfield><subfield code="z">978-3-95647-189-6</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Erscheint auch als</subfield><subfield code="n">Online-Ausgabe, MOBI</subfield><subfield code="z">978-3-95647-191-9</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">DNB Datenaustausch</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=032891163&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-032891163</subfield></datafield></record></collection>
genre	(DE-588)4143413-4 Aufsatzsammlung gnd-content
genre_facet	Aufsatzsammlung
id	DE-604.BV047489848
illustrated	Illustrated
index_date	2024-07-03T18:15:08Z
indexdate	2024-07-10T09:13:32Z
institution	BVB
institution_GND	(DE-588)106429586X
isbn	9783956471889 3956471881
language	English
oai_aleph_id	oai:aleph.bib-bvb.de:BVB01-032891163
oclc_num	1277013689
open_access_boolean
owner	DE-703 DE-11 DE-739 DE-N2 DE-473 DE-BY-UBG DE-188
owner_facet	DE-703 DE-11 DE-739 DE-N2 DE-473 DE-BY-UBG DE-188
physical	XXVI, 348 Seiten Illustrationen, Diagramme 24 cm x 17 cm
publishDate	2022
publishDateSearch	2022
publishDateSort	2022
publisher	Frankfurt School Verlag
record_format	marc
spelling	Non-financial risk management in the financial industry a target operating model for compliance and ESG Risks N. Gittfried, G. Lienke, F. Seiferlein, J. Leiendecker, B. Gehra (eds.) 1. Auflage Frankfurt a.M. Frankfurt School Verlag 2022 XXVI, 348 Seiten Illustrationen, Diagramme 24 cm x 17 cm txt rdacontent n rdamedia nc rdacarrier Risikomanagement (DE-588)4121590-4 gnd rswk-swf Nachhaltigkeit (DE-588)4326464-5 gnd rswk-swf Corporate Governance (DE-588)4419850-4 gnd rswk-swf Umweltbezogenes Management (DE-588)4201709-9 gnd rswk-swf Corporate Social Responsibility (DE-588)7697760-2 gnd rswk-swf Finanzdienstleistungsinstitut (DE-588)4535644-0 gnd rswk-swf Compliance-System (DE-588)4442497-8 gnd rswk-swf Risikomanagement Finanzbranche Nachhaltigkeit Finanzdienstleistung Finanzindustrie Bank (DE-588)4143413-4 Aufsatzsammlung gnd-content Finanzdienstleistungsinstitut (DE-588)4535644-0 s Umweltbezogenes Management (DE-588)4201709-9 s Corporate Social Responsibility (DE-588)7697760-2 s Corporate Governance (DE-588)4419850-4 s Nachhaltigkeit (DE-588)4326464-5 s Compliance-System (DE-588)4442497-8 s Risikomanagement (DE-588)4121590-4 s DE-604 Gittfried, Norbert (DE-588)1218706295 edt Lienke, Georg (DE-588)1188243942 edt Seiferlein, Florian (DE-588)1262418763 edt Leiendecker, Jannik (DE-588)1262419077 edt Gehra, Bernhard (DE-588)130583162 edt Frankfurt School Verlag GmbH (DE-588)106429586X pbl Erscheint auch als Online-Ausgabe, PDF 978-3-95647-190-2 Erscheint auch als Online-Ausgabe, EPUB 978-3-95647-189-6 Erscheint auch als Online-Ausgabe, MOBI 978-3-95647-191-9 DNB Datenaustausch application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=032891163&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis
spellingShingle	Non-financial risk management in the financial industry a target operating model for compliance and ESG Risks Risikomanagement (DE-588)4121590-4 gnd Nachhaltigkeit (DE-588)4326464-5 gnd Corporate Governance (DE-588)4419850-4 gnd Umweltbezogenes Management (DE-588)4201709-9 gnd Corporate Social Responsibility (DE-588)7697760-2 gnd Finanzdienstleistungsinstitut (DE-588)4535644-0 gnd Compliance-System (DE-588)4442497-8 gnd
subject_GND	(DE-588)4121590-4 (DE-588)4326464-5 (DE-588)4419850-4 (DE-588)4201709-9 (DE-588)7697760-2 (DE-588)4535644-0 (DE-588)4442497-8 (DE-588)4143413-4
title	Non-financial risk management in the financial industry a target operating model for compliance and ESG Risks
title_auth	Non-financial risk management in the financial industry a target operating model for compliance and ESG Risks
title_exact_search	Non-financial risk management in the financial industry a target operating model for compliance and ESG Risks
title_exact_search_txtP	Non-financial risk management in the financial industry a target operating model for compliance and ESG Risks
title_full	Non-financial risk management in the financial industry a target operating model for compliance and ESG Risks N. Gittfried, G. Lienke, F. Seiferlein, J. Leiendecker, B. Gehra (eds.)
title_fullStr	Non-financial risk management in the financial industry a target operating model for compliance and ESG Risks N. Gittfried, G. Lienke, F. Seiferlein, J. Leiendecker, B. Gehra (eds.)
title_full_unstemmed	Non-financial risk management in the financial industry a target operating model for compliance and ESG Risks N. Gittfried, G. Lienke, F. Seiferlein, J. Leiendecker, B. Gehra (eds.)
title_short	Non-financial risk management in the financial industry
title_sort	non financial risk management in the financial industry a target operating model for compliance and esg risks
title_sub	a target operating model for compliance and ESG Risks
topic	Risikomanagement (DE-588)4121590-4 gnd Nachhaltigkeit (DE-588)4326464-5 gnd Corporate Governance (DE-588)4419850-4 gnd Umweltbezogenes Management (DE-588)4201709-9 gnd Corporate Social Responsibility (DE-588)7697760-2 gnd Finanzdienstleistungsinstitut (DE-588)4535644-0 gnd Compliance-System (DE-588)4442497-8 gnd
topic_facet	Risikomanagement Nachhaltigkeit Corporate Governance Umweltbezogenes Management Corporate Social Responsibility Finanzdienstleistungsinstitut Compliance-System Aufsatzsammlung
url	http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=032891163&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA
work_keys_str_mv	AT gittfriednorbert nonfinancialriskmanagementinthefinancialindustryatargetoperatingmodelforcomplianceandesgrisks AT lienkegeorg nonfinancialriskmanagementinthefinancialindustryatargetoperatingmodelforcomplianceandesgrisks AT seiferleinflorian nonfinancialriskmanagementinthefinancialindustryatargetoperatingmodelforcomplianceandesgrisks AT leiendeckerjannik nonfinancialriskmanagementinthefinancialindustryatargetoperatingmodelforcomplianceandesgrisks AT gehrabernhard nonfinancialriskmanagementinthefinancialindustryatargetoperatingmodelforcomplianceandesgrisks AT frankfurtschoolverlaggmbh nonfinancialriskmanagementinthefinancialindustryatargetoperatingmodelforcomplianceandesgrisks

Verfügbarkeit

Es ist kein Print-Exemplar vorhanden.

Fernleihe Bestellen Achtung: Nicht im THWS-Bestand! Inhaltsverzeichnis

MARC

Datensatz im Suchindex

Es ist kein Print-Exemplar vorhanden.

Ähnliche Einträge