Guidance on risks to be covered as part of the IRAP
11. An Authorised Person should consider the following risks, where relevant, in its IRAP:
a. Credit Risk, including Large Exposures and Concentration Risks;
b. Market Risk;
c. Liquidity Risk;
d. for Islamic Financial Business involving PSIAs, displaced commercial risk;
e. interest rate risk in the Non-Trading Book;
f. Operational Risk;
g. internal controls and systems; and
h. reputational risk.
12. This Guidance is merely an indicative list of risk categories, which does not preclude an Authorised Person from assessing other risks that it considers significant (for example, securitisation risks and residual risks). Likewise, certain categories of risks might not be relevant to all Authorised Persons completing the IRAP. In this case, the IRAP should clearly indicate why the risk is considered minimal or not relevant. The IRAP should also consider all risks arising from any non-regulated activities of the Authorised Person, if they are seen as material to the risk profile of the firm.