Page 27 - CCFA Journal - Ninth Issue
P. 27
加中金融 风险管理 Risk Management
加中金融
The mandates also specify risk budget, risk metrics such as 这些授权还规定了风险预算、主动风险等风险指标、
active risk, ESG requirements, and address regulatory ESG 要求,并满足监管要求(例如养老金规则、衍生品
requirements (e.g., pension rules, derivatives rules), etc. 规则)等。这些规则和限制通过交易、会计和报告系统
These rules and limits are monitored through trading, 进行监控。问题被标记并传达给相关方。投资组合工程
accounting, and reporting systems. Issues are flagged and 用于构建有效的数据和分析平台,并用于优化投资组合
conveyed to relevant parties. Portfolio engineering is used to 回报/风险状况。将内部和外部採购的量化工具用于监控
build an effective data and analytical platform, and used to 投资组合风险并分析各个风险因素的敞口。
optimize portfolio return/risk profiles. Proprietary and vendor
quantitative tools are used to monitor portfolio risks and 大型金融机构的有效风险管理框架包括三道防线的概念:
analyze risks attributed to the risk factors.
第一道防线由负责识别和管理风险的管理人员和工作人
An effective risk management framework for large financial 员组成,作为他们实现工作目标的责任的一部分。总的
institutions includes a concept of three lines of defense. 来说,他们应该具备必要的知识、技能、信息和权限,
The first line of defence is formed by managers and staff who 以落实相关的风险控制政策和程序。这需要了解公司、
are responsible for identifying and managing risk as part of 要达到的目标、运营环境以及面临的风险。
their accountability for achieving objectives. Collectively, they 第二道防线通常由合规部门组成。该职能部门提供政策、
should have the necessary knowledge, skills, information, and 框架、工具、技术和支持,以支持在第一道防线管理风
authority to operate the relevant policies and procedures of 险和合规,进行监控以判断第一道防线的有效性并确保
risk control. This requires an understanding of the company, 对风险定义和衡量的一致性。
its objectives, the environment in which it operates, and the
risks it faces. 第三道防线是内部审计。它独立于前两道防线的流程之
外,其主要作用是确保前两道防线有效运作,并就如何
The second line of defence is typically performed by
Compliance area. This function provides the policies, 改进它们提出建议。它受董事会/审计委员会委托并向董
frameworks, tools, techniques and support to enable risk and 事会/审计委员会报告,通过基于风险的方法,向公司的
compliance to be managed in the first line, conducts 管理机构和高级管理层提供关于治理、风险管理和内部
monitoring to judge how effectively they are doing it, and 控制有效性的评估。它还可以向监管机构和外部审计师
helps ensure consistency of definitions and measurement of 确认适当的控制和程序已经到位运作有效。
risk.
一搬来说公司应该知道他们的风险承受能力。就风险而
The third line of defence is provided by internal audit. Sitting 言,公司愿意承担什么,他们有什么资源来管理它?在
outside the risk management processes of the first two lines 公司董事会的监督下,管理团队应就风险是什么、如何、
of defence, its main roles are to ensure that the first two lines 何时何地衡量风险达成一致并应评估每个流程和职能以
are operating effectively and advise how they could be 确定它如何影响公司的风险承受能力。公司可以确定其
improved. Tasked by, and reporting to the board / audit 风险优先级或风险地图 - 什么是最重大的风险,哪些地雷
committee, it provides an evaluation, through a risk-based 需要首先被发现和排除 - 分成高,中和低优先级并确定关
approach, on the effectiveness of governance, risk 键流程以及如果这些流程如果失效将会如何影响公司。
management, and internal control to the organisation’s 对流程与工作任务的对接会帮助理清关键系统、人员以
governing body and senior management. It can also give 及上下游依赖关系。
assurance to sector regulators and external auditors that
appropriate controls and processes are in place and are
operating effectively.
Firms should know their risk tolerance. What is a firm willing
to undertake in terms of risk, and what resources do they have
to manage it? Under the oversight of the firm’s board,
management teams should work in forum toward agreement
on what risks are, how, where and when to measure them,
and every process and function should be assessed to
determine how it affects a firm’s risk tolerance. Firms may
determine their risk priority or risk map—what are the most
material risks, which landmines need to be uncovered and
diffused first—categorizing high, medium and low priorities.
Determining key processes and how these processes may
impact a firm if shut down is essential to this task. Process
mapping exercises will also point out key systems, people, as
well as both up- and downstream dependencies.
CCFA JOURNAL OF FINANCE December 2022
Page 27 第27页
