FoRM 4: Risk Appetite Course

IIRSM Date Range Logos Updated

Attitudes to risk can vary considerably across a spectrum of risk-taking. Some businesses and sectors are more risk averse, while others are more open to taking on risk.

The amount and type of risk a company is willing to take to meet its strategic objectives is known as its risk appetite. By setting a risk appetite and communicating it effectively to all staff, companies establish a risk threshold.

Our Risk Appetite course explains why setting a risk appetite is important and how to implement this model in your company.

Request a Free Trial

Chevron Skillcast chevron graphic
FoR 4 Risk Appetite

About this Course

Available as part of our Risk Management Library.

Learning objectives

  • Define risk appetite and its role and importance in our Company's overall risk management framework
  • Apply the risk appetite model in your day-to-day role
  • Recognise who takes ownership of risk appetite management and learn about your responsibilities in this area
  • Write risk appetite statements
  • Communicate and document risk appetite actions

Course Contents

Welcome

- Learning objectives
- How to complete this course

What is risk appetite?

- Risk appetite as part of a risk management framework
- The Management of Risk (MoR) framework

Why is determining risk appetite necessary?

- You decide: The nature of risk appetite

Risk categories

The risk appetite model

- A practical example
- Control & mitigation measures

The risk appetite scale

- You decide: Every company is different 

Who determines the risk appetite in our company?

- Scenario: Robert recognises a change in risk
- Scenario: The news reaches Samantha

Risk appetite statements

- Risk appetite detailed thematic statement
- A financial risk detailed thematic statement
- Acting on risk appetite in extraordinary situations
- Scenario: The perfect storm

Communicating & documenting risk appetite decisions

- You decide: Communicating, documenting & recording risk appetite

Reviewing risk appetite

Summary

Affirmation

Assessment

Course Specifications

Structure

Structure

Approximately 40-minute long e-learning course followed by a 10-question assessment.

Audience

Audience

Suitable for all staff - examples and interactivities designed for staff at all levels. No previous knowledge or experience is required.

Design

Design

SHARD-compliant, responsive display on all devices, accessibility on screen readers, visual design controlled via a client style sheet.

Compatibility

Compatibility

All Windows, Mac OSX, iOS, Android (Flash-free for mobile compatibility). AICC and SCORM 1.2-compliant, suitable for both hosted and deployed SCORM or AICC.

Tailoring

Tailoring

Fully customisable on Skillcast Portal CMS.

Translation

Translation

Pre-translated versions not available, but all text content can be exported for translation into all languages.

Localisation

Localisation

Based on best-practice risk management frameworks and suitable for global audiences.

Access Our Courses on Skillcast Plans

Our compliance training courses are available across Skillcast plans. Our plans cover businesses with small to large teams and offer a mix of tailored and off-the-shelf courses.

We have three plans available; simply choose the one that meets your needs below.

CoreCompliance

Skillcast CoreCompliance provides your own portal pre-loaded with the key compliance courses needed in your sector. It's the most comprehensive and cost-effective compliance training solution on the market for teams of up to 50 staff.

Prices start from £349 for 12 months.

Standard Plan

Skillcast Standard is a flexible plan for building your digital compliance portal. You start with our award-winning Learning Management System and select one or more course libraries to train your staff.

Later, you can add the Policy Hub for policy attestations, DSE self-assessment, Gifts and Hospitality register, and other features to streamline staff compliance.

Premium Plan

Skillcast Premium combines our innovative technology tools and features into one simple solution. The premium plan is designed for companies that want a fully featured, branded and managed portal to transform their staff compliance.

It enables you to create comprehensive user journeys to deliver learning and policies, obtain declarations and submissions, and consolidate data to achieve your compliance outcomes.

More on SMCR

In the United Kingdom, the Senior Managers and Certification Regime (SMCR) is designed to foster accountability among senior managers at financial services companies while elevating ethical and professional standards across the entire workforce.

The SMCR replaced the Approved Persons Regime (APR), which was previously applicable to key individuals in regulated entities. In the realm of insurance companies, this regime effectively superseded the Senior Insurance Managers Regime (SIMR), marking a significant shift in how financial services firms manage and hold their senior personnel accountable.

There are three key parts to the SMCR: Senior Managers Regime, Certified Persons Regime and Conduct Rules.

  • Senior Managers Regime
    This enforces a detailed and clear allocation of responsibilities between senior managers at each firm, with particular emphasis placed on key documents - 'Statements of Responsibilities' and 'Responsibilities Maps'. These help to record the distribution of responsibility to individual Senior Managers and to demonstrate to the regulators that there are no gaps or excessive overlaps. Always bear in mind that Senior Managers have a statutory duty of responsibility "to take reasonable steps to prevent regulatory breaches in the areas of the firm for which they are responsible".
  • Certification Regime
    This requires firms to check and confirm that employees performing roles relating to the firm's regulated activities are fit and proper, based on their qualifications, competence and personal characteristics. Once this has been confirmed, the firm needs to issue them with a certificate that must be renewed every year.
  • Conduct Rules
    This consists of a set of rules provided in the FCA's Code of Conduct Handbook (COCON) that covers all individuals:Senior Managers, Certified Persons and other employees.

How to comply with SMCR

1. Statement of Responsibilities - Set out the areas for which each Senior Manager is personally accountable
2. Responsibilities Map - This knits together the Statement of Responsibilities
3. Pre-approval for all Senior Managers - obtain this from the regulators before they carry out their roles
4. Duty of Responsibility - Ensure that Senior Managers understand their responsibilities and take reasonable steps to prevent regulatory breaches in their areas of responsibility
5. Identify all Certified Persons - These are all material risk takers
6. Fit and Proper Assessment - Of all Certified Persons, then re-assess on an annual basis
7. Training - Of all those who are subject to the Conduct Rules

SMCR Scope

SMCR rollout waves

The SMCR has been rolled out in three waves:

Wave 1: Banks, building societies, credit unions and large investment firms in March 2016 (updated July 2018)
Wave 2: Extended to insurance firms (those regulated by the FCA and PRA) in December 2018
Wave 3: The remaining financial services firms (otherwise known as 'solo-regulated firms' since they are regulated only by the FCA, not the FCA and PRA) came under the scope of this regime in December 2019.

SMCR categories

The third wave encompasses a wide variety of firms. To ensure that regulation is appropriate to their sizes and activities, the FCA has categorised them into three distinct groups:

Core: Firms that have to comply with the baseline requirements for solo-regulated firms
Limited scope: Firms that already had exemptions under the Approved Persons Regime, and are exempt from some requirements and require fewer senior management functions
Enhanced: Firms that have extra requirements - these are large, complex firms with potential impact on consumers or markets which warrant more attention from the FCA

SMCR & Duty of Responsibility

Senior Managers have a statutory duty of responsibility "to take reasonable steps to prevent regulatory breaches in the areas of the firm for which they are responsible". The FCA can take action against a Senior Manager (SM) where it can show that:

  • There was misconduct by the SM's firm,
  • At the time of the misconduct or during any part of it, the SM was responsible for the management of any of the firm's activities in relation to which the misconduct occurred, and the SM did not take such steps as a person in their position could reasonably have been expected to take to avoid the misconduct occurring or continuing.

The burden of proof for all these elements lies on the FCA. The SM does not need to show that they took reasonable steps - rather, it is for the FCA to prove that they did not. The defence against such action is if the senior manager can show that they took "the steps that are reasonable for a person in that position to take to prevent a regulatory breach from occurring".

Fitness and Propriety

The FCA must approve all senior managers, which assess whether they are fit and proper to perform the given function or responsibility.

Three key factors determine whether you are Fit and Proper:

  1. Honesty, integrity and reputation
  2. Competence and capability
  3. Financial soundness

When assessing a person's financial soundness, the FCA typically does not require a statement of the individual's assets or liabilities. Having limited financial means does not, by itself, impact the suitability of a person to perform a Senior Management Function (SMF).

When appointing a Senior Manager or Certified Person, firms must obtain regulatory references from all of their past employers from the past six years. This requirement also applies to the appointment of Non-Executive Directors (NEDs) who are not Senior Managers.

To meet this requirement, firms must keep records of disciplinary actions and fit and proper assessments for the past six years and avoid any agreements that would conflict with their disclosure obligations.

Want to learn more about SMCR?

This training aid is just one of 100+ free compliance training resources, including assessments, best practice guides, checklists, desk aids, eBooks, games, handouts, posters, training presentations and even e-learning modules!

You can keep up to date with SMCR best practices, industry insights and key trends across regulatory compliance, digital learning, EdTech, and RegTech news, by subscribing to our FCA Compliance Bulletin.

Our SMCR Compliance roadmap will help you navigate the compliance landscape supported by a comprehensive library of SMCR Courses and a fully integrated SMCR 360 Compliance Toolkit to streamline, unify and automate your processes.

Finally, SkillcastConnect provides a unique opportunity to network with other compliance professionals in a vendor-free environment, as well as exclusive benefits, including access to our free online learning portal.

Try our courses for free...

Compliance Essentials Library is our best-selling comprehensive corporate training solution.

100+ e-learning and microlearning courses that help companies from SMEs to global corporates achieve compliance success.

Request a Free Trial

Chevron Skillcast chevron graphic
Compliance Essentials