Article 435 Disclosure of Risk Management Objectives and Policies

1.

Institutions shall disclose their risk management objectives and policies for each separate category of risk, including the risks referred to in this Title. These disclosures shall include:

  1. (a) the strategies and processes to manage those categories of risks;
  2. (b) the structure and organisation of the relevant risk management function including information on the basis of its authority, its powers and accountability in accordance with the institution's incorporation and governing documents;
  3. (c) the scope and nature of risk reporting and measurement systems;
  4. (d) the policies for hedging and mitigating risk, and the strategies and processes for monitoring the continuing effectiveness of hedges and mitigants;
  5. (e) a declaration approved by the management body on the adequacy of risk management arrangements of the institution providing assurance that the risk management systems put in place are adequate with regard to the institution's profile and strategy;
  6. (f) a concise risk statement approved by the management body succinctly describing the relevant institution's overall risk profile associated with the business strategy; that statement shall include:
    1. (i) key ratios and figures providing external stakeholders with a comprehensive view of the institution's management of risk, including how the risk profile of the institution interacts with the risk tolerance set by the management body;
    2. (ii) information on intragroup transactions and transactions with related parties that may have a material impact of the risk profile of the consolidated group.

2.

Institutions shall disclose the following information regarding governance arrangements:

  1. (a) the number of directorships held by members of the management body;
  2. (b) the recruitment policy for the selection of members of the management body and their actual knowledge, skills and expertise;
  3. (c) the policy on diversity with regard to selection of members of the management body, its objectives and any relevant targets set out in that policy, and the extent to which those objectives and targets have been achieved;
  4. (d) whether or not the institution has set up a separate risk committee and the number of times the risk committee has met;
  5. (e) the description of the information flow on risk to the management body.

[Note: This rule corresponds to Article 435 of the CRR as it applied immediately before revocation by the Treasury]