Regulations on the risk management service. Regulations on risk management in CB "Investment Union" (LLC). Supervision and control requirements

regulations on

RISK MANAGEMENT

IN CB "INVESTMENT UNION" (LLC)

1. General provisions

Market risk includes stock, currency and interest rate risks.

Stock risk- the risk of losses due to unfavorable changes in market prices for stock values ​​(securities, including those securing rights to participate in management) of the trading portfolio and derivative financial instruments under the influence of factors associated with both the issuer of stock values ​​and derivative financial instruments, and general fluctuations market prices for financial instruments.

Currency risk- the risk of losses for the Bank due to unfavorable
changes in foreign currency exchange rates for positions opened by the Bank in foreign currencies when performing transactions by establishing purchase and sale rates of currencies for the Bank's clients and accepting open positions in individual currencies.

Interest rate risk- risk of adverse change financial condition the Bank due to changes in interest rates that affect both the Bank’s income and the value of its assets, liabilities and off-balance sheet instruments.

4.1.4. Risk of loss of liquidity- the risk of losses due to the Bank’s inability to ensure the fulfillment of its obligations on time and in full. Liquidity risk may arise as a result of an imbalance of the Bank's financial assets and financial liabilities (including due to untimely fulfillment of financial obligations by one or more of the Bank's counterparties) and/or the emergence of an unforeseen need for the Bank to immediately and simultaneously fulfill its financial obligations.

4.2. Non-financial risks- banking risks, the occurrence of which is not related to the conduct of any operations (transactions) and/or provision of banking services (products). These include:

4.2.1. Operational risk- the risk of the Bank incurring losses as a result of
inconsistency with the nature and scale of the Bank’s activities and/or the requirements of the legislation of the Russian Federation, internal procedures and procedures for conducting banking operations and other transactions, their violation by Bank employees and/or other persons (due to incompetence, unintentional or intentional actions or inaction), disproportionality (inadequacy) functionality(characteristics) of information, technological and other systems adopted by the Bank and/or their failures (functioning disruptions), as well as as a result of the impact of external events.

4.2.2. Legal risk- the risk of losses for the Bank due to:

· non-compliance by the Bank with the requirements of regulatory legal acts and concluded agreements;

· legal errors made when carrying out their activities (incorrect legal advice or incorrect preparation of documents, including when considering controversial issues in the courts);

· imperfections of the legal system (inconsistency of legislation, lack of legal norms to regulate certain issues arising in the course of the Bank's activities);

4.3. The classification of significant types of typical banking risks given in this section is not exhaustive and can be expanded if new factors for the emergence of significant banking risks appear in the Bank’s activities.

5. Principles and place of the Regulations on financial risk management

in the Bank management system

5.1. The Risk Management Regulation, along with other internal bank documents that determine the Bank’s policy in the banking services (products) market, is one of the main tools for implementing the Bank’s development strategy.

5.2. The Risk Management Regulation is the main local internal bank document describing the risk management system in the Bank. The main elements of this system are presented in internal bank documents describing specific banking risks.

5.3. This Regulation is the central element of the system, which determines the ideology and management procedures banking risks.

5.4. Principles of risk management.

5.4.1. Consolidation of all procedures for the provision of banking services (products), the procedure for conducting operations in intrabank organizational, regulatory, organizational, administrative and functional and technological documents.

5.4.2. Use of non-standard procedures for managing banking risks
in crisis situations.

5.4.3. Appropriate use of stress testing.

5.4.4. Inadmissibility of committing banking operations and other actions leading to significant changes in the level of risks assumed by the Bank and/or the emergence of new risks, previously unexplored and unclassified.

5.4.5. Minimizing the impact of risks of one business (line of activity)
Bank on the Bank's business as a whole.

5.4.6. The inadmissibility of using banking services (products) and transactions as a tool for laundering proceeds from crime and financing terrorism.

5.4.7. Caution and reasonable conservatism when conducting banking operations and providing services (products) to Clients.

5.4.8. The impossibility of making a positive decision on conducting a banking operation or providing services (products) to Clients without observing the proper procedures provided for by internal bank documents.

5.4.9. The state and size of risks by type of business should not significantly
change over time.

5.4.10. The level of risks in one area of ​​the Bank's activity should not differ significantly from the level of risk in other areas of activity and the Bank as a whole.

5.4.11. Monitoring the status of risks accepted by the Bank with appropriate frequency.

5.4.12. Continuity of use of procedures and mechanisms for managing banking risks.

5.4.13. Openness and understandability of the banking risk management system for the public.

5.4.14. Consistency of the procedures and mechanisms used to manage banking risks over an appropriate period of time.

5.4.15. Differentiation of conditions for conducting operations and providing services (products) depending on the type of business, banking market conditions, the amount of risk accepted and the level of relationships with Clients and/or partners of the Bank.

5.4.16. Limitation of operations (transactions) and the authority to make certain decisions.

5.4.17. Centralization of management of certain banking risks.

5.4.18. Improving procedures and mechanisms for managing banking risks.

5.4.19. The state and size of the risk of a certain area of ​​activity should not differ significantly from the state and size of the risk of the Bank as a whole.

5.4.20. Immediate transmission of information about changes in liabilities and assets, the state and size of the corresponding risks, and about all non-standard operations and situations.

5.4.21. The absence of insurmountable contradictions between the state and size of a certain risk and the profitability of the corresponding operation.

5.4.22. Unconditional compliance with current legislation and requirements regulatory documents Bank of Russia.

5.5. Risk management principles are mandatory and unconditional for independent compliance structural divisions the Bank, all officials of the Bank, any employee of the Bank. Carrying out operations (any actions), the form and content of which contradict the above principles, is not permitted.

6. Organization of a financial risk management system

The implementation of the Bank's risk management mechanism is ensured by an appropriate organizational structure, the allocation at all levels of management of persons whose job responsibilities include monitoring, analysis and risk management, and a unified information infrastructure (the Bank's unified information space), which allows assessing the level of banking risks in real time.

6.1. The goals and objectives of the financial risk management system are achieved by observing certain principles using the following tools:

· system of limits, constant monitoring of the current level of risks;

· system of powers in decision making;

· risk management system;

· a set of measures in crisis situations;

· control system.

6.2. Limit system.

6.2.1. One of the tools of the Banking Risk Management Policy is an effectively functioning system of limits. The limit system is designed to establish certain restrictions on the Bank's taking of excessive risks. Exceeding the relevant limits is not allowed, except by decision of the Bank's Management Board.

6.2.2. The purpose of the limit system is to “physically” limit the Bank’s taking of excessive risks and to prevent negative problems from one of the types of business (areas of activity) from “spillover” to the entire Bank. The main objective of the limit system is to ensure the formation of a structure of assets and liabilities of the Bank that is adequate to the nature and scale of the Bank’s business.

6.2.3. The limit system is divided into three complementary levels:

· Business limits;

· Time limits;

· Limits on individual financial instruments.

6.2.4. Carrying out constant monitoring of the current level of risk, identifying cases of deviation of actual values ​​from specified limits and constant monitoring to prevent exceeding limits, as well as organizing measures to reduce the level of risks (hedging).

6.2.5. The system of limits is reviewed by the Bank's Management Board at least once a year, including in terms of the elements that form it.

6.2.6. Changes to specific limits are initiated by managers
the relevant area of ​​the Bank’s activities and/or the head of the Banking Risk Assessment Department (for relevant banking risks). Proposals to change certain limits may also occur on the initiative of the Head of the Internal Control Service and/or the Chairman of the Management Board.

6.3. System of powers in decision making.

The decision-making authority system is designed to ensure the proper functioning of the risk management system, giving it the required flexibility combined with stability at each level of management.

Powers of the Board of Directors of the Bank

· Approval of internal documents of the Bank regulating the basic principles of banking risk management;

· Approval and control of compliance with internal documents on preventing conflicts of interest;

· Approval of the list and level of materiality (intra-bank limits) of banking operations and other transactions subject to consideration by the Board of Directors, in particular for transactions bearing credit risk;

· Ensuring control over the creation and operation of an effective risk management system;

· Periodic review of the size of intra-bank limits for their compliance with changes in the development strategy, the features of new banking services provided by the Bank, and the general state of the financial services market;

· Monitoring the activities of executive bodies over the timeliness of identifying banking risks, the adequacy of determining (estimating) their size, the timeliness of the necessary procedures for managing them (for example, before the start of banking operations new to the Bank, the start of the implementation of new banking services);

· Control over the management of the most significant risks for the Bank.

Powers of the Bank's Board

· Current management of the most significant risks for the Bank;

· Review and approval of internal documents defining the rules and procedures for risk management (regulations, rules, regulations, etc.), with the exception of internal documents, the approval of which is within the competence of the Charter General meeting Participants and Board of Directors of the Bank;

· Distribution of powers and responsibilities for managing banking risks between heads of departments at various levels, establishing a procedure for interaction with the risk management department and providing the necessary reporting;

· Preventing the deterioration of one and/or several parameters affecting the state of risks;

· Preventing a certain area of ​​the Bank’s activity from being exposed to a corresponding excessive risk for a long time;

· Monitoring the adequacy of banking risk management parameters to the current state and development strategy of the Bank;

· Monitoring the compliance of the profitability of a certain area of ​​the Bank’s activity with the level of corresponding risks;

· Termination of activities or limitation of tasks and functions of Bank divisions that have incurred excessive banking risks.

Powers of the Chairman of the Board of the Bank

· Concludes contracts, makes transactions and other legal acts on behalf of the Bank;

· Distributes responsibilities between Bank employees and his deputies, approves job descriptions of Bank employees in accordance with concluded employment agreements (contracts);

· Approves and introduces internal regulations of the Bank, with the exception of those whose approval is within the competence of the Board of Directors and the General Meeting of Members of the Bank;

· Organizes the implementation of decisions of the Bank's management bodies;

· Issues powers of attorney for the right to represent the Bank in relations with third parties.

Powers of the head of the Internal Control Service

· Suspension of execution of the decision (decisions) of the corresponding unit-coordinator of the area of ​​activity as the unit executing the relevant procedures from the set of measures for crisis situations, until a special decision of the collegial body (official) that approved this set of measures, with the exception of decisions of the Board of Directors.

· Monitoring the current level of risks.

Powers of the Heads of the Bank's activities

· Making proposals to change certain limits in the relevant area, including deadlines.

· Determination of the composition of the financial instruments used in a certain area and/or instruments for implementing the relevant policy in a specific area of ​​activity.

6.4. System of parameters for managing banking risks.

To ensure proper management of banking risks and obtain sufficiently objective information about the state and size of risks, a certain system of parameters for managing these risks is built.

Goals and objectives of the functioning of the system of banking risk management parameters.

6.4.1. The main goal of the system of banking risk management parameters is to ensure that appropriate management decisions are made in relation to a certain area of ​​the Bank’s activities to reduce the impact of the corresponding risk on the Bank as a whole.

6.4.2. The main task system of banking risk management parameters is:

· Obtaining prompt and objective information about the status and extent of certain banking risks;

· Forecasting the state of relevant risks for certain periods in the future;

· Preventing certain risks from reaching critical levels for the Bank.

6.4.3. Principles for constructing and operating a system of banking risk management parameters:

· Adequacy to the nature and size of a certain area of ​​the Bank’s activities;

· Making operational changes in case of change external factors;

· Possibility of quantitative assessment of relevant parameters;

· Continuity of monitoring the dimensions of certain parameters;

· Carrying out a specific risk assessment and preparing to take appropriate management decisions by the same specially designated independent structural unit;

· Manufacturability of use;

· Economical;

· Availability of independent information flows on non-financial risks.

For each set of banking risk management parameters, a certain state boundary is built, overcoming which means an increase in the influence of a certain risk on the Bank as a whole and the approach of its critical condition and size for current conditions.

Consistently overcoming these boundaries means the need to use certain procedures, with an increase in the severity and scale of their use in relation to a certain area of ​​activity and/or group of areas.

7.1. The bank creates a system information support risk management process, ensuring the receipt of timely information about inconsistencies or violations in the risk management system.

7.2. The main goals of the information support system for the risk management process are:

· Formation of reliable information about the Bank;

· Formation of a positive image of the Bank, which does not allow violations of current legislation Russian Federation, standards of professional activity, taking excessive risks;

· Formation of adequate information - information sufficient to make an appropriate management decision.

7.3. The main objectives of the information support system for the risk management process are:

· Providing the Bank's management bodies and business managers with a volume of information sufficient to make appropriate management decisions;

· Formation of prompt, reliable and adequate reporting on risks.

7.4. Fundamental Principles information support systems for the risk management process are:

· Inadmissibility of duplication of information on transactions (operations) or other actions affecting the state and size of banking risks, separation into an independent part information system information flows on banking risks of a non-financial nature;

· The presence of responsibility for the quality of the information supplied by the divisions supervising a certain business (type of activity) of the Bank, and control over the collection, analysis and systematization of information about the relevant business (line of activity of the Bank), the inadmissibility of “invasion” of any level of the system into the area of ​​responsibility of another level;

· Reliability and adequacy of transmitted information;

· Continuity of information transfer, regular functioning of the information system;

· Prompt transmission of information on transactions (operations) and other actions affecting the state and size of banking risks.

7.5. Periodicity (frequency) of information flow movement.

7.5.1. The frequency of information flow should not be less than once a financial year. The following frequency is accepted (for normal situations):

· Credit risk - at least once a quarter;

· Market risk - at least once a quarter;

· Risk of loss of liquidity - at least once a quarter;

· Operational risk - at least once a quarter;

· Country risk - at least twice every six months;

· All other risks - at least once a year.

7.5.2. The periodicity (frequency) of the information flow should ensure the adoption of certain management decisions in relation to a specific area of ​​the Bank’s activities and the proper generation of analytical reports on the condition of the Bank as a whole.

9. Control system.

9.1. The presence and effective functioning of the control system as a tool for managing banking risks, hereinafter referred to as the “Risk Control System”, is based on the following principles from among the principles of organizing internal control: comprehensiveness of internal control, control procedures cover all organizational structures and divisions of the Bank, multi-level nature of internal control . The banking risk management control system is one of the elements of the Bank's Internal Control System.

9.2. The risk control system provides the following levels:

First level (lowest).

Heads of activities:

FINANCIAL RISKS:

· Organizing control over compliance by department employees with legislation and internal regulatory documents of the Bank, including monitoring the timely familiarization of division employees with changes in legislation, with new internal regulatory documents of the Bank put into effect, as well as with changes made to existing internal regulatory documents;

· Monitoring the adequacy of the risk management parameters of specific instruments within a particular business to the current state, goals and objectives of this business;

· Monitoring of appropriate ratios reflecting the size of certain risks;

· Prevent the deterioration of the condition and the extent of the associated risk.

NON-FINANCIAL RISKS:

· Monitoring the quantitative value of management parameters for certain banking risks;

· Monitoring the observance by employees of divisions of legislation and internal regulatory documents of the Bank, including control of timely familiarization of division employees with changes in legislation, new internal regulatory documents of the Bank introduced into force, as well as changes made to existing internal regulatory documents that affect the state and size of operational and other non-financial risks;

· Monitoring the implementation of measures to prevent the use of the Bank’s infrastructure for the purposes of money laundering and terrorist financing.

Second level (intermediate).

Banking Risk Assessment Department:

· Monitoring the adequacy of the parameters for managing certain risks (financial risks) to the current state of a particular business and the Bank as a whole;

· Monitoring the status and size of risks;

· Monitoring the implementation of a set of measures for crisis situations in the event of a short-term exposure of the Bank to excessive risks;

· Preventing the Bank from being under the simultaneous short-term impact of several risks;

· Preventing long-term deterioration of one and/or several parameters for managing a certain risk;

· Preventing a disproportionate increase in the amount of risk in relation to changes in the size of the Asset;

· Preventing the functioning of any area of ​​the Bank’s activities that leads to the use of a set of measures for crisis situations;

· Monitoring the adequacy of decision-making boundaries for a normal situation and in the event of a crisis.

Third level (highest).

Board of the Bank:

· Preventing disproportionate development of one business (area of ​​development) of the Bank in relation to other types of business (areas of activity);

· Preventing long-term deterioration of one and/or several control parameters simultaneously for several risks;

· Monitoring the compliance of the status and size of certain risks with the profitability of the Bank's business;

· Preventing the use of the Bank's infrastructure for the purposes of money laundering and terrorist financing;

· Prevention of long-term exposure of a certain type of business (areas of activity) of the Bank to the influence of corresponding excessive risk;

· Preventing long-term imbalance of the Bank's liabilities and assets;

· Monitoring the adequacy of banking risk (financial risk) management parameters to the current state and development strategy of the Bank;

· Monitoring the compliance of the profitability of a particular business with the level of corresponding risks;

· Termination of the activities of Bank divisions (or limitation of their tasks and functions) bearing excessive banking risks.

Exceptional level.

Board of Directors of the Bank:

· Preventing the simultaneous long-term excessive (negative) impact of several risks on the Bank as a whole;

· Preventing a disproportionate increase (simultaneous) in the size of the risk to increase the profitability of the corresponding direction;

· General control functioning of the banking risk management system.

9.3. Decisions made by one of the levels of the risk management control system within the framework of their powers are binding on all entities at lower levels.

9.4. The Bank's Internal Control Service, in accordance with the plan, conducts periodic inspections of the state of the control system and organization of the functioning of a specific area of ​​the Bank's activities, separately for each level.

9.5. Inspections are carried out, as a rule, at least once a year. In the case of using the procedures of a set of measures for crisis situations - at least once a month.

10. A set of measures for crisis situations.

10.1. In order to manage certain banking risks in emergency situations, a set of measures for crisis situations is being developed and implemented.

10.2. Goals and objectives of a set of measures for crisis situations.

10.2.1. The main goal of developing and implementing a set of measures for crisis situations is to prevent a significant deterioration in the condition of a particular type of business (line of activity) of the Bank and/or the corresponding banking risk to reach a critical value for the Bank.

10.2.2. The main task of developing and implementing a set of measures for crisis situations is:

· Time limit on the use of emergency procedures for managing certain banking risks;

· Minimizing the cross-impact of certain risks, including reducing the impact of a specific risk on the Bank as a whole;

· Preventing the occurrence of similar crisis situations in the future;

· Returning a certain type of business (line of activity) and/or corresponding banking risks to a state in which it is possible to manage this business and/or a certain risk using exclusively standard (standard) procedures.

10.3. The main principles for developing and, in particular, implementing a set of measures for crisis situations for all types of banking risks are:

· Impossibility of carrying out any operation (transaction), making certain action, worsening the initial situation;

· Any operation (transaction), action performed within the framework of the approved set of measures must be “no worse” (in terms of the state and size of a certain banking risk) than the previous ones and must be aimed at bringing the business (the Bank as a whole) out of the crisis.

10.4. A set of measures for crisis situations should contain a clear list of procedures for overcoming a crisis situation, detailing the tools and indicating, if possible, the order of their use; the body for current management of the situation is also indicated, and the frequency of monitoring the proper execution of the relevant procedures for this set of measures is mandatory. For certain non-financial risks, special working groups are created to develop and implement a set of measures for crisis situations.

10.5. In the process of using the procedures for a set of measures for crisis situations, all powers of officials and collegial bodies of the Bank whose status is lower than the body that approved the corresponding set of measures are suspended until a special decision of this body or a higher one in relation to it.

10.6. A higher collegial body (official) in relation to the body (official) that approved the set of measures for crisis situations may make a decision that contradicts the approved set of measures and/or a specific procedure from it. In this case, the consequences of such a decision are subject to immediate additional control.

10.7. Monitoring the implementation of a set of measures for crisis situations.

10.7.1. In emergency situations, the internal control service checks the implementation of a set of measures for crisis situations and/or the execution of certain procedures included in it. The frequency of this control must be indicated directly in the set of measures as one of the procedures.

10.7.2. The results of inspections are sent to the collegial body or official who approved the corresponding set of measures.

10.8. Using stress testing.

10.8.1. The main objectives of using stress testing are: determining a set of measures to compensate for possible critically large losses of the Bank in an extreme situation and developing necessary measures to reduce certain risks and/or reduce the negative impact of these risks.

10.8.2. The basic principles of using stress testing tools are: regular use, consideration of all possible scenarios that could have a critical impact on the Bank’s condition.

10.8.3. Based on the results of stress testing, a complex is developed
measures to reduce certain banking risks.

10.8.4. The results of stress testing are communicated to the Bank's Management Board at least
once every six months.

10.8.7. The functions of conducting comprehensive stress testing are assigned to the Banking Risk Assessment Department.

11. Disclosure of risk management information.

11.1. The main objectives of risk management information disclosure are:

· Ensuring the formation of public opinion about CB “INVESTMENT UNION” (LLC), which has an effectively functioning system for managing all banking risks and actually manages these risks, preventing the taking of excessive risks;

11.2. The fundamental principles of risk management disclosure are:

· maximum honesty and openness of the Bank in highlighting the status and extent of banking risks, as well as the system for managing these risks;

· consistency and continuity in the development and implementation of the risk management information disclosure system;

· taking into account the specifics of each area of ​​the Bank's activities.

11.3. The main means of achieving the objectives of the risk management information disclosure system are:

· informing Clients about the conditions for providing loans (types of loans, loan terms, base interest rates, etc.), attracting deposits (types of deposits, terms, base interest rates, etc.), attracting deposits legal entities, raising funds for bill transactions, etc.;

· availability of the opportunity to timely inform the public about decisions made by the Bank in the field of risk management, about the status and extent of risks;

· constant contact with partners and clients who form a significant part of the Bank’s operations (transactions).

11.4. The Banking Risk Assessment Department draws up a “Summary Report on the Risk Level” at least once a quarter, sends it for approval to the Chairman of the Management Board and brings the results of the report to the attention of the members of the Board of Directors of the Bank.

11.5. The Bank communicates risk management information to participants, creditors, depositors and other clients, external auditors and other interested parties in the prescribed manner, including as part of the annual report, while ensuring that the level of detail of the disclosed information corresponds to the nature and scale of its activities.

Since January 2018, microfinance companies (hereinafter referred to as MFCs) are required to create a risk management system in accordance with the requirements of the basic standard for risk management of microfinance organizations approved by the Bank of Russia on July 27, 2017. Specialists from U-Piter Consulting have compiled a practical guide for microfinance companies and document templates for meeting the requirements of the basic standard:

A. Basic documents on risk management of a microfinance company:

1. Risk Management Regulations.
2. Order on approval of the risk management regulations.
3. Regulations on credit risk.
4. Liquidity Risk Statement
5. Regulations on operational risk, with an attached form for reporting the implementation of operational risk and a database of operational risk events.
6. Legal risk provision.
7. Regulations on the risk of loss of reputation (reputational risk).
8. Regulations on regulatory risk.

B. Register and risk map of a microfinance company:

1. Risk register.
2. Risk map.
3. Credit risk passport (filling example).
4. Operational risk passport (filling example).
5. Risk of Loss Passport business reputation(filling example).
6. Strategic risk passport (filling example).
7. Market risk passport (filling example).
8. Legal risk passport (filling example).
9. Liquidity risk passport (filling example).
10. Interest risk passport (filling example).
11. Regulatory risk passport (filling example).

Each passport discloses external and internal sources of risk (risk factors), the consequences of each risk (scenarios for the development of events) and an assessment of their impact on microfinance activities.

B. Training of microfinance company employees under the risk management program:

1. Risk management training program for microfinance company employees.
2. Annual plan for the implementation of a training program for microfinance company employees in risk management methods and tools
3. Order approving the list of employees required to undergo risk management training.
4. Certificate of completion of risk management training by an employee of a microfinance company.
5. Attestation sheet on the results of testing the knowledge of microfinance company employees on risk management.
6. Tests to test the knowledge of microfinance company employees in the field of risk management
7. Annual plan for testing the knowledge of microfinance company employees in the field of risk management (risk management methods and tools).
8. Educational and methodological material on risk management for employees of a microfinance company.

D. Additional documents

1. Order on the appointment of a risk manager for a microfinance company.
2. Regulations on the risk management division.
3. Job description of the head of the risk management department.
4. Job description of a specialist in the risk management department.

D. Internal reporting of the risk manager on the risk management system.

1. Regulations on the internal reporting system for risk management of a microfinance company.
2. Plan for conducting risk management system audits for the calendar year.
3. Risk manager's report on risk management for the calendar year.

E. Additional documents on risk management:

1. Additional agreement to employment contract with employees of a microfinance company.
2. Changes and additions to the job descriptions of microfinance company employees.
3. Changes and additions to the regulations of the structural divisions of a microfinance company.

Price practical guide 34500 rub.

Would you like to purchase individual documents from the practical guide? Follow the link. Select the document you need and pay in one click. Documents are provided on the day of payment to the email you provide.

Sample regulations on the risk management department of a microfinance company

Sample statement on credit risk of a microfinance company

All documents have been prepared taking into account the specifics of microfinance activities and are not standard templates downloaded from the Internet or from legal reference systems. The documents were developed by our specialists who have many years of experience in legal support of microfinance organizations. Each document is compiled:

1. taking into account legal status a microfinance company with a principal amount outstanding on issued microloans and other loans of less than one billion rubles as of December 31 of the previous year, which implies the appointment of a single risk manager and the absence of a risk management unit;
2. The listed documents were developed for a microfinance company that has created a risk management division with at least two employees.
3. based on the requirements of the Bank of Russia and self-regulatory organizations in the field of microfinance activities;
4. based on Russian and foreign risk management standards:

• Basic standard for risk management of microfinance organizations (approved by the Bank of Russia (Minutes No. KFNP-26 dated July 27, 2017)) (approved by the Committee on Standards of Microfinance Organizations at the Bank of Russia (Minutes No. 3 dated July 19, 2017));
• International standard financial statements(IFRS) 9 "Financial Instruments";
• A Guide to the Project Management Body of Knowledge (PMBoK);
• National standard of the Russian Federation GOST R 51897-2011/ISO Guide 73:2009 "Risk management. Terms and definitions" (approved by order Federal agency on technical regulation and metrology dated November 16, 2011 N 548-st);
• National standard of the Russian Federation GOST R MSO 31000-2010 "Risk management. Principles and guidance" (approved by order of the Federal Agency for Technical Regulation and Metrology dated December 21, 2010 N 883-st);
• National standard of the Russian Federation GOST R ISO/IEC 31010-2011 "Risk management. Risk assessment methods" (approved by order of the Federal Agency for Technical Regulation and Metrology dated December 1, 2011 N 680-st);
• National standard of the Russian Federation GOST R 51901.21-2012 "Risk management. Risk register. General provisions" (approved by order of the Federal Agency for Technical Regulation and Metrology dated November 29, 2012 N 1285-st);
• National standard of the Russian Federation GOST R 51901.22-2012 "Risk management. Risk register. Construction rules" (approved by order of the Federal Agency for Technical Regulation and Metrology dated November 29, 2012 N 1285-st)";
• National standard of the Russian Federation GOST R 51901.23-2012 "Risk management. Risk register. Guidelines for assessing the risk of hazardous events for inclusion in the risk register" (approved by order of the Federal Agency for Technical Regulation and Metrology dated November 29, 2012 N 1285-st)" .

Regulations on the risk management service

1. General Provisions

1.1 Scope of application

1.1.1 This document is the main regulatory document establishing the goals, objectives, functions, rights and responsibilities of the Risk Management Service of XXX LLC, regulating the organization of its activities, the procedure for business interaction with other structural divisions and officials of XXX LLC and external companies.

1.1.2 The Risk Management Service is a structural unit within the Development and Risk Management Department, directly reporting to the Deputy General Director for Development and Risk Management of XXX LLC, which performs the Company's risk management functions in the Company.

1.1.3 In its activities, the Risk Management Service is guided by:

Legislation of the Russian Federation,

Charter of LLC "XXX",

Regulations on the personnel nomenclature of XXX LLC (P. HR-445.04 dated June 22, 2004),

By these Regulations.

1.1.4 These Regulations are a document of direct effect and are binding from the date of its approval.

1.1.5 Changes to the Regulations are approved by the General Director of XXX LLC.

In these Regulations we use Normative references for the following documents:

1. Regulations on strategic planning of XXX LLC (P-509 dated 04/21/07);

2. Regulations on planning the activities of departments (P-283 dated 06/05/01);

3. Regulations on reports to XXX LLC (P-250 dated 09/08/00);

4. Principles of managing the “Distribution” segment;

5. Regulations on the involvement of external consultants to provide consulting and information services (P. DS-517.07 dated January 10, 2007).

1.3 Terms, definitions and abbreviations

The following terms, definitions and abbreviations are used in these Regulations:

XXX – LLC "XXX";

ZGDRUR – Deputy General Director for Development and Risk Management;

UVK – Internal Control Department;

RMS – Risk Management Service;

GP – Headquarters

SDCs – Subsidiaries and dependent companies

DRU – Regional Director

DD - Deputy General Director

2 Creation and liquidation

2.1 The RMS is created and liquidated based on the order of the General Director of XXX LLC.

2.2 Organizational structure The RMS is coordinated with the Deputy General Director of the Russian Federation, the First Deputy General Director, the Deputy General Director for Personnel and is approved by order of the General Director of XXX LLC. Proposals to change the organizational structure are made by the Head of the RMS or ZGDRUR.

2.3 The staffing table of the RMS is coordinated with the State Department of State Development and Management of the Russian Federation, the State Revenue Office for Personnel of XXX LLC and is approved by order of the General Director of XXX LLC. Proposals to change the staffing table are made by the Head of the RMS or ZGDRUR.

2.4 The number and name of divisions included in the RMS, the number of employees working in them may change depending on the organizational, functional and structural changes of the Company, changes in the specifics of its activities. Changes to the Goals and Organizational and functional structure of the RMS are coordinated with the State Budgetary Inspectorate of the Russian Federation, the State Register of Personnel and are approved by order of the General Director of XXX LLC. Proposals are made by the Head of the RMS.

3 Organizational structure

3.1 The organizational structure of the RMS is built on a linear principle.

3.2 The organizational and functional structure of the department’s RMS is given in Appendix A “Organizational and functional structure of the Risk Management Service”.

3.3 The activities of structural divisions within the RMS are regulated by the relevant Regulations: Regulations “On the Risk Management Service of XXX LLC”, other regulatory documents.

3.4 The RMS is headed by the Head of the Service, whose activities are regulated by the “Regulations on the Head of the Risk Management Service of LLC XXX”.

3.5 Risk managers are directly subordinate to the Head of the RMS.

3.6 The procedure for appointment to a position and dismissal from a position, the distribution of responsibilities within the RMS is determined by the job descriptions of the department’s employees, approved by the State Duma for Personnel of XXX LLC.

4.1 The main goal of the RMS is to organize measures to prevent or minimize the company’s losses and build an effective risk management system.

4.2 The sub-goals of the RMS are:

4.2.1 Improving risk management assessment methodologies;

4.2.2 Identification, assessment and treatment of risks;

4.2.3 Monitoring the adequacy and effectiveness of applied risk treatment methods (policies);

4.2.4 Monitoring compliance with decisions made to manage key risks.

5 Functions

5.1 Carrying out targeted work to identify threats of losses and determine the sources of risks within the framework of aggregated risks assigned to the risk manager (analysis of reporting, organization of audits and control checks, analysis of management decisions, analysis of the causes of deviations, etc.).

5.2 Regular risk assessment, assessment of the quality and effectiveness of the current risk management system.

5.3 Creation and maintenance of up-to-date Risk Maps for each of the aggregated risks. Formation of priority tasks (key success factors) to achieve risk management goals.

5.4 Development of a methodology for managing each of the aggregated risks (concepts, risk management policies, risk specifications, etc.), organizing approval of the developed methodology, developing and maintaining up-to-date goals in the field of risk management.

5.5 Direct organization of all necessary activities to achieve risk management goals in the area of ​​responsibility, including:

5.5.1 planning activities to build a management system for assigned risks and achieve established risk management goals;

5.5.2 development, coordination and organization of setting goals for detailed risks that are in the area of ​​responsibility of line managers, managers and risk owners;

5.5.3 organizing the launch of the necessary organizational and managerial forms of work to achieve risk management goals in the area of ​​responsibility (committees, ad hoc groups, meetings, etc.), active participation in their work;

5.5.4 organizing interaction and initiating the necessary control actions to solve the problems of managing assigned risks with Managers and Owners of detailed risks, with managers and officials of the company at all levels of management;

5.5.5 other necessary measures.

5.6 Monitoring the achievement of goals to keep assigned risks within specified limits.

5.7 Preparation of reports at established intervals on the effectiveness of risk management in the area of ​​one’s responsibility for the Head of the Risk Management Service and the Enterprise Management.

5.8 Maintaining an archive of data on realized, emerging and potential risks in the area of ​​their responsibility.

6 Interactions

6.1 Interaction with structural divisions of XXX LLC

6.1.1 Interaction is based on the principles enshrined in documents regulating relationships with functional units on all issues of activity.

6.1.2 Interaction is carried out with all divisions of XXX within the framework of risk management of XXX activities.

6.2 Interaction with companies in the Distribution segment

6.2.1 Interaction is based on the principles of managing the “Distribution” segment, enshrined in the following documents:

6.2.1.1 Principles of management of the “Distribution” segment (project);

6.2.1.2 Interaction with companies in the Distribution segment within the framework of information exchange in order to effectively support the operational activities of ESD.

6.3 Interaction with structural divisions of LLC XXX

6.3.1 Interaction is based on the principles enshrined in the following documents:

6.3.1.1 “Initial principles of information interaction between LLC XXX and CJSC Firm LLC XXX dated October 29, 2003, No. PRN-01/01;

6.3.1.2 Interaction with structural divisions of LLC XXX within the framework of information exchange in order to effectively support the operational activities of ESD.

6.4 Interaction with external companies

6.4.1 Interaction is based on the principles enshrined in the following documents:

6.4.1.1 “Concept of work of XXX LLC with the external environment in the regions” dated August 27, 2001 No. K-5;

6.4.1.2 “Procedure for information exchange with counterparties” dated July 24, 2002 No. PR-502;

6.4.1.3 “Procedure for participation of company employees in external audits” dated April 17, 2003 No. PR-606;

6.4.1.4 “Procedure for handling personal requests from employees of XXX LLC and external contractors” dated December 31, 2003 No. PR-636.

6.4.2 Interaction with external companies on obtaining information, documentation and consulting services in order to effectively support the operational activities of ERM.

6.4.3 When performing tasks and functions related to matters of the following nature:

1. Strategic issues.

2. Methodological issues;

3. Issues of an inter-company nature (i.e. affecting the interests of different companies of the group);

4. Significant questions regarding the amount;

5. Issues of long-term impact on the company’s activities;

6. Issues that the department’s employees encounter for the first time in their practice;

7. Other issues that the department’s employees cannot resolve due to a lack of working and time resources, or these issues cannot be effectively resolved by the RMS, the Head of the RMS has the right to initiate before the General Director of XXX LLC the involvement of specialists - external consultants for consultations on the data issues, in accordance with the Regulations of XXX LLC “On attracting external consultants to provide consulting and information services.”

The competence of the Head of the RMS includes making management decisions based on recommendations presented by external consultants, as well as introducing them into the practice of the unit.

7 Planning the activities of the Division

7.1 Planning of the activities of the RMS is carried out on the basis of the “Regulations on the strategic planning of LLC XXX” (P-509 dated 04/21/07), “Regulations on planning the activities of departments” (P-283 dated 06/05/01), and the Action Plan to achieve the strategic goals of the company for the year, monthly operational plans and budgets, Orders and Directives of the General Director of XXX LLC.

7.2 The strategic goals of the RMS for the year are established by the Head of the RMS, agreed upon with the State Department of Regional Development and Management, the First Deputy General Director and approved General Director LLC "XXX";

8 Reporting on the work of the Division

8.1 RMS reporting is carried out in accordance with the “Regulations on reports in LLC XXX” (P-250 dated 09/08/00).

8.2 Based on the results of the implementation of the Strategic Plan for the year, the Head of the RMS presents the First Deputy General Director and the General Director of XXX LLC with an Annual Report on the activities of the RMS and the achievement of strategic goals.

8.3 Based on the results of the implementation of the operational (monthly) work plan of the RMS, the Head of the RMS provides a report to the Deputy General Director for Development and Risk Management.

8.4 Reporting and analytical materials of the RMS may be provided to other divisions and employees of the Company in agreement with the Head of the RMS, the Deputy General Director for Development and Risk Management or the General Director of XXX LLC.

9 Key performance indicators

9.1 The indicators given in Appendix B “Key performance indicators of the Risk Management Service” are accepted as key performance indicators of the RMS, on the basis of which the results of its activities are assessed.

9.2 Absolute and relative values ​​of key performance indicators are planned for the RMS within the framework strategic planning for the year ahead and are recorded in the Company’s strategic plans. The actual values ​​of indicators are recorded as part of reports on the execution of strategic plans.

10 Rights and powers

The RMS is endowed with all the rights and powers necessary to perform its functions. The rights and powers of the RMS are exercised by the Head of the RMS:

1. Submits proposals for improving the activities of the Company and its structural divisions for consideration by the General Director and the Management Board of XXX LLC.

2. Participates in the preparation of long-term development plans for the Company and drawing up the budget.

3. Gets acquainted with draft decisions of the Company’s management regarding the activities of the RMS, as well as an assessment of the effectiveness of the RMS.

4. Receives from the management of XXX LLC information regarding the activities of the RMS, and any other information necessary for the full operation of the RMS.

5. Spends Money Companies within the budget of the Federal District LLC "XXX"

6. Involves consultants, individuals and legal entities, to work within the approved budget, with the conclusion of appropriate agreements.

7. Refers to the structural divisions of XXX LLC guidelines, gives instructions and expert advice in matters falling within the competence of the ESD.

8. Gives opinions, within its competence, on draft regulatory documents submitted for approval.

9. Sends documents prepared in violation of existing requirements to the structural divisions of XXX LLC for revision.

10. Requests and receives from the structural divisions of XXX LLC the necessary information to the extent necessary to solve the problems of the RMS.

11. Controls the activities of the department.

12. Submits proposals for consideration by the General Director and the Management Board on encouraging distinguished employees and applying, in the prescribed manner, disciplinary measures provided for by law and internal regulations against employees guilty of violations of the law, the Rules internal regulations and other regulatory documents of the Company.

13. Endorses all documents related to the activities of the Company regarding the activities of the department.

11 Responsibility

11.1 The Head of the RMS is responsible to the General Director of CJSC Firm "LLC "XXX"" for achieving the set goals and implementing the Strategic Development Plan in terms of risk management of the Company in accordance with Labor Code and legislation of the Russian Federation.

11.2 The head of the RMS is responsible for risks arising in the area of ​​competence of the RMS.

1. General Provisions

1.2. The department is created and liquidated by [name of the supreme body of the Bank] in agreement with the head of the Bank.

1.3. The department is administratively subordinate to the head of the Bank's Internal Control Service.

1.4. The activities of the Department are managed by the head of the department, appointed to the position by order of the head of the Bank.

1.5. Decisions made by the Credit Committee and the Liability and Asset Management Committee of the Bank are binding on the head of the Department.

1.6. In its activities the Department is guided by legislative acts Russian Federation, regulations The Central Bank of the Russian Federation, this Regulation, decisions of the Credit Committee, the Liability and Asset Management Committee, the Investment Committee and other local regulations.

2. Goals and objectives of the Department

2.1. The main goal of the Department is to maximize the value of investments by effective management risks banking within the established [name of the Bank's supreme body] limits and ensuring an appropriate level of reliability corresponding to the nature and scale of the Bank's operations.

2.2. The tasks of the Department include:

2.2.1. timely identification and assessment of market risks, credit risks, counterparty risks and liquidity risks for all types of Bank operations, optimal allocation of resources between all types of active Bank operations and their effective use;

2.2.2. preparation of proposals for establishing and changing credit and market limits, limits on counterparties;

2.2.3. establish and change, in consultation with the Credit Committee and the Asset and Liability Management Committee, credit and market limits, taking into account risk exposure factors.

2.2.4. monitoring compliance with limits approved by the Credit Committee and the asset and liability management committee.

2.2.5. providing the Bank's management and heads of departments with reports on current open positions and the amount of risk, reports on the status of limits and their violation;

2.2.6. identifying and bringing to the attention of management cases of exceeding limits;

2.2.7. coordinating the introduction of new financial instruments and ensuring the efficiency of their development process;

2.2.8. establishing and maintaining information flows within the Bank on issues related to the scope of the Department’s activities.

3. Department structure

3.1. The Department includes:

Counterparty Risk Management Group (hereinafter referred to as Group B);

3.2. The groups are headed by leading specialists who directly manage all activities of the respective groups.

3.3. Leading specialists report directly to the Head of the Department.

3.4. Leading specialists of the Department organize the work and ensure constant monitoring of the implementation of the tasks and functions assigned to the relevant groups, and bear personal responsibility for the activities of the groups subordinate to them.

3.5. Group A includes:

Leading specialist of the Market Risk Management Group;

Analyst of the Market Risk Management Group;

Specialist of the Market Risk Management Group;

- [enter as required];

- [enter as required];

- [fill in what you need].

3.6. Group B includes:

Leading specialist of the Counterparty Risk Management Group;

Analyst of the Counterparty Risk Management Group;

Specialist of the Counterparty Risk Management Group;

- [enter as required];

- [enter as required];

- [fill in what you need].

3.7. Group B includes:

Leading specialist of the Credit Risk Management Group;

Analyst of the Credit Risk Management Group;

Specialist of the Credit Risk Management Group;

- [enter as required];

- [enter as required];

- [fill in what you need].

4. Functions of Department groups

4.1. Functions of Group A:

4.1.1. timely identification and assessment of market risks for all types of active operations that arise both during operations and when the value of trading positions changes due to changes in the situation on the financial and stock markets;

4.1.2. recalculation and monitoring of changes in market risk parameters (securities quotes, interest rates, exchange rates, stock indices and other parameters). Comparison of calculated parameters with actual results;

4.1.3. modeling and assessing the impact of changes in market risk parameters on the structure of the Bank’s balance sheet to control and manage critical situations that may have undesirable consequences for the Bank. Carrying out, together with the Bank's divisions, an assessment of the Bank's ability to compensate for the impact of such critical situations;

4.1.4. providing assistance to Bank divisions on issues of optimal allocation of resources, taking into account risk exposure;

4.1.5. assessment and monitoring of the profitability of active operations, taking into account exposure to market risks. Independent assessment transactions for deviation of the purchase/sale price from the market price at the time of conclusion of transactions;

4.1.6. monitoring compliance with limits on market risk factors. Identify and bring to the attention of the Assets and Liabilities Management Committee, as well as the heads of relevant departments, all cases of exceeding limits;

4.1.7. providing operational information about the status of limits and the amount of risk;

4.1.8. review methodologies and models used to measure market risk parameters and risk exposure at least once a year. To develop and implement new methodologies and models for assessing market risks;

4.2. Functions of Group B:

4.2.1. assessment and monitoring of the creditworthiness of counterparties, clients and issuers of fixed income securities with banking licenses;

4.2.2. monitoring the timely fulfillment by counterparties (clients) of their obligations under transactions with the Bank;

4.2.3. interaction with counterparties (clients) to open and (or) increase limits;

4.2.4. providing operational information to departments about the status of limits on counterparties (clients) and the magnitude of risks;

4.2.5. monitoring compliance with limits on counterparties (clients). Identify and bring to the attention of the Credit Committee, as well as the heads of relevant departments, all cases of exceeding limits;

4.2.6. carry out modeling of the inability of counterparties (clients) to fulfill obligations towards the Bank in order to control and manage critical situations that may have undesirable consequences;

4.2.7. at least once a year, review the methodologies and models used to assess the creditworthiness of counterparties (clients). To develop and implement new methodologies and models for assessing the creditworthiness of counterparties (clients).

4.3. Group B functions:

4.3.1. timely identification and assessment of risks when performing operations related to commercial lending (providing loans, guarantees, opening letters of credit, prolongation of loan agreements), factoring, corporate financing and direct investment projects;

4.3.2. conducting an independent analysis of the creditworthiness of borrowers;

4.3.3. development, together with the Bank’s divisions, of ways to minimize risks when performing operations related to commercial lending and factoring;

4.3.4. analysis of the activities of insurance organizations in order to develop recommendations for insuring collateral and property of the Bank;

4.3.5. assessing and monitoring the creditworthiness of issuers of fixed income securities that do not have banking licenses;

4.3.6. development and improvement, together with the Bank’s divisions, of assessment methodologies and methods for minimizing the Bank’s risks when carrying out operations related to commercial lending and factoring;

4.3.7. monitoring compliance with credit limits. Identify and bring to the attention of the Credit Committee, as well as the heads of relevant departments, all cases of exceeding limits;

4.3.8. providing operational information to departments about the status of credit limits and the magnitude of risks.

5. Powers of the Department

5.1. The department has all the rights within the framework of current legislation and documents regulating the activities of the Bank.

5.2. The department has the right, taking into account risk exposure factors, to set and change, in agreement with the Credit Committee and the Asset and Liability Management Committee, credit and market limits corresponding to the maximum risk limits established by [name of the Bank's supreme body].

5.3. The department has the right to give instructions to the relevant divisions of the Bank to bring positions into compliance with established limits if they are exceeded.

5.4. The Department has the right to issue temporary orders (pending a decision by the relevant Committee) to prevent actions that could result in the Bank taking on excessive risks.

5.5. The department has the right to promptly change the values ​​of limits on counterparties and market limits downward for transactions on the money and stock markets in the event of unfavorable circumstances with mandatory subsequent notification of the Credit Committee and the Asset and Liability Management Committee, respectively.

5.6. To carry out its tasks and functions, the Department has the right to use the necessary for work computer programs and databases, archival documents, special periodicals.

5.7. The department has the right to receive from the Bank's divisions documents and information necessary to resolve issues within the competence of the department.

5.8. The department has the right to interact with counterparties (clients) to open and (or) increase limits.

6. Responsibility

6.1. The Head of the Department is responsible for the overall management and organization of the work of the Department to perform functions related to the timely identification, assessment and management of the Bank’s risks when performing various operations, including in all branches and other divisions of the Bank.

6.2. The Head of the Department is responsible for developing and implementing the department's policies.

6.3. The Head of the Department is responsible for exercising full control over the effectiveness of risk assessment and management, including in all branches and structural divisions of the Bank.

6.4. The Head of the Department is responsible for interaction with the structural divisions of the Bank to ensure the functioning of the Department.

6.5. The Head of the Department is responsible for the development, implementation and improvement of risk assessment methodologies and models.

6.6. The Head of the Department is responsible for the development and development of the limit system, as well as the control system for the established limits.

6.7. The Head of the Department is responsible for preparing proposals for establishing and changing credit and market limits for counterparties.

6.8. The Head of the Department is responsible for monitoring compliance with the limits established by the Credit Committee and the Asset and Liability Management Committee.

6.9. The Head of the Department is responsible for timely provision of reports to the Bank's management and department heads on the status of limits and their violation.

6.10. The Head of the Department is responsible for failure to fulfill or improper performance of his duties assigned to him job description, on instructions from the Head of the Service Internal Control, decisions of the Credit Committee, the Asset and Liability Management Committee, the Investment Committee and other organizational and administrative documents of the Bank in accordance with the current legislation of the Russian Federation.

6.11. Employees of the Department are obliged to prevent the disclosure of information constituting a commercial secret of the Bank, including maintaining secrecy regarding transactions, accounts and deposits of Bank clients, except for cases stipulated by the legislation of the Russian Federation.

7. Communications

7.1. The department provides [name of the Bank's supreme body] information on the amount of risk for the Bank's active operations, on all cases of exceeding limits and the persons who authorized them, on all identified cases of violations by employees of internal regulations, orders, and regulations.

7.2. The department provides the Credit Committee and the Asset and Liability Management Committee with information on exposure to credit and market risk factors, respectively, the size of the corresponding limits, current open positions, and exceeding limits.

7.3. The department provides the Bank's divisions with information on current open positions and the size of the corresponding limits.

7.4. Employees of the Bank's divisions must provide assistance to Department employees in the performance of their functions.

7.5. Bank employees are required to comply with the requirements regarding established credit and market risk limits.

7.6. Bank employees are required to stop carrying out operations (transactions) if the Department issues temporary orders until the relevant Committee makes a decision to prevent actions that may result in taking on excessive risks.

home » How to earn » Regulations on the risk management service. Regulations on risk management in CB "Investment Union" (LLC). Supervision and control requirements