PIB 6.4.1 Guidance

1. GEN Rule 5.3.17 requires an Authorised Person to establish and maintain arrangements to provide its Governing Body and senior management with the information necessary to organise and control its activities, to comply with legislation applicable in the DIFC and to manage risks.
2. PIB Rule 6.4.1 is intended to complement GEN Rule 5.3.17 and requires Authorised Firms to establish and maintain reporting mechanisms specifically addressing the Operational Risk matters.
3. The frequency of internal reporting of Operational Risks required by PIB Rule 6.4.1(b) should reflect the risks involved and the pace and nature of changes in the Authorised Firm's operating environment.
4. The following lists some of the items that an Authorised Firm should consider including in its internal reporting of Operational Risks:
a. the results of monitoring activities;
b. assessments of the Operational Risk framework performed by control functions such as internal audit, compliance, risk management and/or external audit;
c. reports generated by (and/or for) supervisory authorities;
d. material breaches of the Authorised Firm's risk appetite and tolerance with respect to Operational Risk;
e. details of recent significant internal Operational Risk events and losses, including near misses or events that resulted in a positive return; and
f. relevant external events and any potential impact on the Authorised Firm and its Operational Risk framework, including Operational Risk capital.
Derived from RM111/2012 (Made 15th October 2012). [VER20/12-12]