PIB 6.4.1 Guidance
1. GEN Rule 5.3.17 requires an
Authorised Person to establish and maintain arrangements to provide its Governing Body and senior management with the information necessary to organise and control its activities, to comply with legislation applicable in the DIFC and to manage risks.
2. PIB Rule 6.4.1 is intended to complement GEN Rule 5.3.17 and requires
Authorised Firms to establish and maintain reporting mechanisms specifically addressing the Operational Risk matters.
3. The frequency of internal reporting of
Operational Risks required by PIB Rule 6.4.1(b) should reflect the risks involved and the pace and nature of changes in the Authorised Firm's operating environment.
4. The following lists some of the items that an
Authorised Firm should consider including in its internal reporting of Operational Risks:
a. the results of monitoring activities;
b. assessments of the
Operational Risk framework performed by control functions such as internal audit, compliance, risk management and/or external audit;
c. reports generated by (and/or for) supervisory authorities;
d. material breaches of the
Authorised Firm's risk appetite and tolerance with respect to Operational Risk;
e. details of recent significant internal
Operational Risk events and losses, including near misses or events that resulted in a positive return; and
f. relevant external events and any potential impact on the
Authorised Firm and its Operational Risk framework, including Operational Risk capital.
Derived from RM111/2012 (Made 15th October 2012). [VER20/12-12]