Systems and Controls
PRU 4.15.11 PRU 4.15.11(1) An Authorised Person must implement and maintain systems and controls to identify its Exposures and effectively manage Concentration Risks as a result of its activities.(2) Such systems and controls in place must be proportionate to the nature, scale and complexity of the Authorised Person and must include written policies and procedures to address Concentration Risks, both on and off balance sheet, which:(a) are approved by the Governing Body on at least an annual basis; and(b) include internal approval limits for Exposures as well as limits for the risks associated with specific sectors, geographic location and single economic risk factors.
The Regulator expects the systems and controls to include:a. processes for the tiered approval of Exposures based on size, risk profile and complexity;b. mechanisms for identifying, recording and monitoring all Exposures with particular focus on Large Exposures;c. mechanisms in place for the monitoring and control of Exposures to Counterparties and Groups of Connected Counterparties;d. mechanisms for monitoring and recording Exposures within its Group;e. mechanisms to monitor Counterparties in the same economic sector and exposed to single economic risks;f. mechanisms to identify and control risks arising from single geographic jurisdictions; andg. mechanisms to identify risks arising from related activities or commodities.