Risky Business
Red flags. Information security. BSA. Third party due diligence. What do all these things have in common? They all involve measuring risk. Each one of the regulatory arenas involves a risk-based approach to compliance.Â
With all this attention on risk, I thought I'd share with you a good "risk" resource. It is chapter one of NCUA's Examiner's Guide, titled "Risk Focused Program." While the chapter is written for examiners, I think you'll find it to be useful. You can access it here. And talk about timely...you can read what FDIC Chairman Sheila Bair has to say about risk management here. This comes from a speech given just last week.
In NCUA's words:
Credit unions should have in place a risk management program that
includes a strategic plan with implementing policies, procedures, and
internal controls necessary to manage the risks inherent in their
operations. Successful risk management programs rely on credit union
management to employ sufficient staff and have available necessary
resources to identify, measure, monitor, and control existing and
potential risks.
For those working on risk assessments, the chapter is a must read.