Risk Management Consulting Services

Risk Management Consulting Services

The Risk Management function is crucial for all business entities, whether it is implemented voluntarily or mandatorily. To undertake this function, an organizational unit should be set up to be in charge of implementing this function. Further, specialized jobs should be created to perform the tasks of the function, including the development of risk management strategy, risk management framework that covers risk identification, risk analysis, risk measurement, risk mitigation, reporting and monitoring, collectively referred to as Risk Profile.

Given the critical role of risk management function, the regulators, e.g., Capital Markets Authority (CMA), Insurance Regulatory Unit (IRU) and Central Bank of Kuwait (CBK), stressed the requirement to set up an organizational unit for risk management and form a risk management committee to monitor the risk management activities and present the reports and findings to the Board of Directors.

In this regard, the regulators, i.e., Central Bank of Kuwait, Capital Markets Authority and Insurance Regulatory Unit, issued instructions related to risk management function.

What is the mandate for establishing and activating the risk management function as per the CBK’s instructions?

The CBK’s instructions issued on 10 September 2019 regarding the governance rules within the banks operating in Kuwait mandate establishing and activating the risk management function.

What is the mandate for establishing and activating the risk management function as per the CMA’s regulations?

The CMA’s Executive Bylaws of Law No. 7 of 2010 regarding the Establishment of the Capital Markets Authority, Module Six “Policies and Procedures of Licensed Person”, Chapter Four, mandate establishing and activating the risk management function.

Is the Risk Management Officer a registered job with the CMA?

Yes, it is a registered job with the CMA in accordance with the Executive Bylaws of Law No. 7 of 2010 regarding the Establishment of the Capital Markets Authority, Module Five “Securities Activities and Registered Persons”, Article 3-2-2.

What are the tasks and duties assigned to Risk Management Unit as per the CMA’s Executive Bylaws?

Pursuant to the provisions of Article 6-3 of Chapter 6, Module 15 “Corporate Governance” of the CMA’s Executive Bylaws detailing the Risk Management functions including measurement, monitoring and mitigation of all types of risks encountering the Company, the risk management activity will be performed as follows:

  1. Establishing effective systems and procedures of risk management, so that the company can perform its key functions, i.e., measuring and monitoring all types of risks to which the Company is exposed, provided that such process shall be conducted on ongoing basis and reviewed periodically, and such systems and procedures shall be amended when necessary.
  2. Developing periodical reporting mechanisms, as they are considered a crucial tool in the process of risks monitoring and mitigation.
  3. Reviewing transactions to be made by the Company with the related parties and make proper recommendations in this regard to the Board of Directors.

Does the CMA allow licensed companies to outsource the Risk Management Officer?

Yes, the Capital Markets Authority allows this as the Executive Bylaws of Law No. 7 of 2010 regarding the Establishment of the Capital Markets Authority and the Regulating Securities Activities in Module Five “Securities Activities and Registered Persons”, Chapter 3, Article 3-2-8 sets forth the following:

A licensed person may engage an external firm to perform the tasks of the registered jobs as follows:
  1. An external firm may be engaged to perform the following tasks of the registered positions:
    • Risk Management Officer
    • …………..

What are the requirements for preparing risk management reports in accordance with the CMA’s Executive Bylaws?

Risk management reports shall be prepared every six months and shall particularly include credit risks, market risks, liquidity risks, operation risks and any other risks that the company may expose to. The report shall be submitted to the board of directors with a copy of the same provided to the CMA as required by the CMA’s Executive Bylaws of Law No. 7 of 2010 regarding the Establishment of the Capital Markets Authority, Module Six “Policies and Procedures of Licensed Person”, Chapter Four, Article 4-4.

What is the mandate for establishing and activating the risk management function as per the IRU’s regulations?

The IRU’s Resolution No. 58 of 2023 regarding corporate governance, Article 33, mandates establishing an active risk management function within the insurance companies as part of the overall governance framework.

What are the roles and responsibilities assigned to the risk management function as per the IRU’s regulations?

Article 44 of the IRU’s Resolution No. 58 of 2023 regarding corporate governance provides for the roles and responsibilities assigned to the risk management function.

How mandated is the job of risk management officer at the IRU licensed insurance companies?

The IRU’s Resolution No. 58 of 2023 regarding corporate governance, Article 41, mandates employing a risk management officer at the insurance company.

Does the IRU allow insurance companies to outsource the risk management officer?

Yes, as per the IRU’s Resolution No. 58 of 2023 regarding corporate governance, it is permissible to engage a third party to perform specific functions or activities under articles 58 to 64 of the aforesaid resolution.

What is the added value to business entities from Risk Management Services?

  1. Ensure compliance with the applicable legal and regulatory requirements in the State of Kuwait.
  2. Utilize the expert knowledge and experiences brought through compliance consulting services.
  3. Maximize competitive potential and resilience in doing business and minimize costs.
  4. Improve processes and enhance the internal control and decision-making process.
  5. Enhance stakeholders’ trust in the business entity.

Considering the above instructions of the regulators, Baker Tilly renders the following services:

  1. Outsourced Risk Management Officer function, which includes:

    • Establishing effective systems and procedures of risk management.
    • Developing periodical reporting mechanisms
    • Reviewing transactions to be made by the Company with the related parties
  2. Preparing periodic risk management reports
  3. Developing risk management policies and procedures manuals
  4. Preparing risk management charter for the Risk Management Committee (RMC)
  5. Developing risk management job descriptions.
  6. Implementing risk management automation using software and applications.
  7. Providing workshops on risk management applications

 

E-mail Us
Call Us