By Ateya Mohammad Abu Elbeh

Publications of Basle Committee, Sorban-Oxely ,COBIT, ISO, BSI & many others that deal with Risk Management stress the need for a continuous process of Risk Identification, Assessment, Monitoring, Mitigation and Control. Specifically. Starting off this point ,you at PSE, need to identify and assess all kinds of risks especially Operational risk, Business Continuity, Information Security and Regulatory Compliance.
The increased potential for Disaster , electronic attacks or system outage, Internal & External Fraud ... suggest that you have to create your continuity & Disaster Recovery plans ,and those plans should be reviewed in a systematic and periodically basis , or if necessary developed, to account for the greater risk of physical threats and malicious attacks on people, property, computer and telecommunications systems. Additional consideration needs to be given to the proximity of threats as well as the vulnerability of back-up facilities in case of its existence.

1.2 Objective

Our objective is to establish a comprehensive Risk Management Department based on the best practices In our area & globally to identify and prioritize the risks and processes that are critical to our business at the Country & international Level to meet local and international regulatory requirements.

1.3 Definition

Today, Risk Management occupied the top priority in the financial & monetary system locally and globally ., because of the rapid and huge revolution in this industry .

There are four main Divisions under Banking Risk Management Department:
· Regulatory Compliance
· Operational Risk
· Business Continuity
· Information Security

1.4 Scope

This department applies to all PSE branches, Products, operations, services & IT in order to enable us in mitigate ,reduce ,manage and a verse those exposures in a right time with the minimum costs .

2.1 Jobs Description and Responsibilities
2.1.1 General Department Responsibilities:

The key task of the Risk Control & Regulatory Compliance Department is to monitor PSE members compliance with all the regulatory requirements. The main mission is to ensure that PSE has a robust system for the identification and management of Risk and Regulatory Compliance requirements in all jurisdictions and provide reasonable assurance to the CEO/Audit Committee/Board of Directors that it is applied consistently across PSE .

Develop and maintain the risk assessment framework..
Implement the Risk Framework as the basis of any risk assessment requirement and where necessary, including for projects.

Produce the required risk assessment and action plan reports.

· The link point between the PSE management and local /global regulatory bodies .
· Develop and maintain Regulatory Compliance, operational risk, Business Continuity and Information security Manuals .
2.1.2 Department Manager Responsibilities (General):
· Ensure the implementation of the customer's identification, verification, and due diligence programs.
· Monitoring conspicuous business relationships.
· Take the necessary action in case of any suspicious transaction/activity within the limitations specified.
· Responsible for maintaining awareness within the PSE staff of Money Laundering and Terrorism Financing risks, issues, and PSE policies and procedures.
· Act as the central point for all contact and communication between PSE and the Competent Authorities.
· Produce regulatory compliance business plan and budget.
· Plan and execute regulatory compliance projects.
· Prepare Operational risk, Regulatory Compliance, Information Security and business continuity handbooks and manuals .
· Advice the CEO/ BOD and other departments on new developments.
· Assess impact of local regulatory change on business.
· Obtain approval from the local Competent Authorities on relevant policies and procedures.
· Ensure appropriate policies and procedures are defined in compliance with local regulatory requirements.
· Consult on specific transactions.
2.1.3 Department Responsibilities (regarding Operational Risk & BC ):
· Identification of risks process and Risk universe.
· Evaluation and developing existing controls to enhance organizational performance and raise awareness across the department of procedures relating to operational risk
· analyze procedures and controls within the department, checking them for relevance, effectiveness, and consistency.
· assess the impact of new system, product, services ,activities implementations and will be accountable for the continuous awareness of operational risk mitigation.
· Maintain an active understanding of developments in operational risk management both through peer review and regulatory developments (e.g. Basel II).