The objective of the gap analysis is to have a complete understanding of the risk management framework in order to identify the additional actions necessary to comply with regulatory requirements of the selected approaches. The analysis also provides a basis for the development of a roadmap that describes implementation actions.
We provide our clients with a comprehensive review which encompasses all major blocks of a sound and effective risk management framework:
- Governance: risk strategy, roles and responsibilities, escalation, etc.
- Documentation: guidelines, limits, operational procedures, internal reporting, etc.
- People: tasks, duties, skills and regulation knowledge, etc.
- Methodology: models and their assumptions, backtesting, robustness, compliance with regulatory requirements, etc.
- Systems: adequacy, security, etc.
- Data: quality, integrity, completeness, etc.
The review combines three levels of analysis:
- Analysis of the work already performed by the Risk Management function. This includes a detailed review of existing policies, measurement framework, procedures, reports, etc.
- Review of the data available to assess completeness of the information required to comply with the regulatory requirements
- Completion of the analysis through workshops with the Risk Management function and other relevant stakeholders (Credit department, IT, Internal Audit, etc.). The objective of these workshops is to enhance the initial analysis and to assess the maturity level of all these elements with those involved in the process