Module: | MODULE B: RISK MANAGEMENT
Q409: Consider the following statements regarding the governance structure of Operational Risk Management:
1. The Board of Directors holds the ultimate responsibility for setting the overall operational risk appetite and approving the risk management framework.
2. The Risk Management Committee (RMC) is an executive-level body primarily tasked with implementing the strategic direction set by the Board.
3. The Board of Directors is directly responsible for the daily monitoring of Key Risk Indicators (KRIs) and resolving day-to-day operational breaches.
Which of the statements given above is/are correct?
2. The Risk Management Committee (RMC) is an executive-level body primarily tasked with implementing the strategic direction set by the Board.
3. The Board of Directors is directly responsible for the daily monitoring of Key Risk Indicators (KRIs) and resolving day-to-day operational breaches.
Which of the statements given above is/are correct?
✅ Correct Answer: A
The correct answer is A. Statement 1 is correct: In corporate governance for banks, the Board of Directors (BoD) bears the ultimate responsibility.
They dictate the strategic direction, set the acceptable risk appetite, and formally approve the overarching operational risk management framework.
Statement 2 is correct: The Risk Management Committee (RMC) or Operational Risk Management Committee (ORMC) functions at the executive management level.
Its primary mandate is to translate the BoD's strategic vision into practical execution, ensuring that policies are implemented across all business lines.
Statement 3 is incorrect: The Board of Directors operates at a macro-strategic level and does not engage in micro-management.
Daily monitoring of Key Risk Indicators (KRIs) and the resolution of day-to-day operational breaches are the responsibilities of the business line managers (First Line) and the ORMD (Second Line).
Therefore:
Option A is correct as both Statement 1 and 2 are true.
Option B is incorrect because Statement 3 is false.
Option C is incorrect because Statement 3 is false.
Option D is incorrect because Statement 3 is false.
They dictate the strategic direction, set the acceptable risk appetite, and formally approve the overarching operational risk management framework.
Statement 2 is correct: The Risk Management Committee (RMC) or Operational Risk Management Committee (ORMC) functions at the executive management level.
Its primary mandate is to translate the BoD's strategic vision into practical execution, ensuring that policies are implemented across all business lines.
Statement 3 is incorrect: The Board of Directors operates at a macro-strategic level and does not engage in micro-management.
Daily monitoring of Key Risk Indicators (KRIs) and the resolution of day-to-day operational breaches are the responsibilities of the business line managers (First Line) and the ORMD (Second Line).
Therefore:
Option A is correct as both Statement 1 and 2 are true.
Option B is incorrect because Statement 3 is false.
Option C is incorrect because Statement 3 is false.
Option D is incorrect because Statement 3 is false.