Notifications

Sunday 03 March 2024

Sunday 03 March 2024

CBUAE: "FATF" Announcement of UAE Completion of the Requirements is a Testament of Concerted National Efforts to Combat Money Laundering and Terrorism Financing

Press Release

Tuesday 06 February 2024

Tuesday 06 February 2024

CBUAE revokes the licence and registration of Smart and Secure Insurance Agent

Press Release

Monday 05 February 2024

Monday 05 February 2024

CBUAE launches the fifth cohort of the Executive Certificate for Risk-Based Supervision Professionals

Press Release

Wednesday 31 January 2024

Wednesday 31 January 2024

CBUAE Maintains the Base Rate at 5.40%

Press Release

Tuesday 30 January 2024

Tuesday 30 January 2024

CBUAE imposes a financial sanction of AED 1.2 million on an insurance company operating in the UAE

Press Release

Monday 29 January 2024

Monday 29 January 2024

Mansour bin Zayed witnesses UAE Central Bank's Golden Jubilee

Press Release

Tuesday 16 January 2024

Tuesday 16 January 2024

Summary Report - Monetary Banking Developments - November 2023

Press Release

Accessibility settings

Text size

A-

A+

Theme color

Color blind mode

Night reading mode

Rate this page

Rated by 3 People

Thanks for rating

Please provide a valid value for Name
Please provide a valid value for Email Address
Please provide a valid value for Phone number
Please provide a valid value for Subject
Please provide a valid value for Message

Back

Risk Management

On this Page

Overview

Financial Risk

Operational Risk

Business Continuity

Compliance

Information Security

Cyber-Security Centre of Excellence
The Risk Management and Compliance Department is the second line of defence for the Central Bank of the UAE, responsible for the management and oversight of the financial risks and non-financial risks.

It Identifies, manages, and reports all financial and non-financial risks faced by all CBUAE functions. Its primary purpose is promoting awareness of risk management among CBUAE staff, and establishing a CBUAE risk-aware culture.

Related Links

Operational Risk Policy Statement

Operational Risk Framework and Tools

Cyber-Security Centre of Excellence

Compliance

Financial Risk

Financial risk management aims to identify, mitigate, and manage exposure to various financial risks stemming from the CBUAE’s activities. Financial risks can be classified into three main categories:

Market risk, Credit risk and Liquidity risk.

Market risk is the potential for loss of value stemming from adverse changes in market rates or prices. Our exposure to market risk arises principally from the management of the nation’s foreign reserves. We have a market risk framework in place and operate prudently to mitigate market risk, taking into account expected returns, the external environment, and developments in our own balance sheet.

Credit risk is the potential for loss that could arise if a counterparty fails to meet its payments on time. The CBUAE has a credit risk framework in place, which outlines the limit-setting methodology, guidelines for the maintenance and monitoring of the exposure, and operating procedures for ensuring compliance and breach management. Consistent with widely- adopted approaches, we apply minimum standards for acceptable creditworthiness among counterparties and issuers, and use numerical limits to manage credit risk exposures.

Liquidity risk refers to the inability to buy or sell assets of a given size over a given period, without affecting the asset price adversely. Safeguarding the liquidity of foreign reserves is a core objective of the CBUAE. To achieve this, we have a liquidity risk framework that defines the methodology and criteria for measuring liquidity risk, and which stipulates rules for compliance monitoring.

Operational Risk

Operational Risk Management is an independent second line of defence that falls within the umbrella of Risk Management Department.

A key mandate of the function is as follows:

  • Design, maintenance and ongoing development of the Operational Risk Framework within the organisation.
  • Facilitates and monitors the implementation of effective risk management practices, by assisting risk owners in defining the target risk exposure and reporting adequate risk-related information throughout the organisation.
  • Developing and maintaining the operational risk management policies and procedures.
  • Assist business areas in conducting risk and control self-assessments (RCSAs).
  • Assist business areas in defining appropriate controls.
  • Defining and monitoring Key Risk Indicators.
  • Agreeing with business areas on risk mitigation plans and monitoring execution.
  • Review and Challenge the reported/ known operational risks and issues that different department/ units reports across the CBUAE.  Conduct an independent review and challenge of the Root Cause Analysis for Material/ significant incidents/ near-miss or issues.
  • Reporting to Senior Management, Risk Committee and Board Risk Committee on operational risk.
  • Conduct other risk assessment processes (ORAP) as requested.
  • Co-ordinate with other RMCD sections to ensure the consistent management of non-financial risks.
  • Conducts periodic reviews and control assurance to assess the effectiveness of the internal control environment.

Business Continuity

An independent second line of defence, which falls under the umbrella of Risk Management Department. The Business Continuity Function develops, implements, and manages the Business Continuity Management System (BCMS) across the CBUAE. The function is responsible for the overall readiness for potential disruptive scenarios that can affect normal functioning of business.

The key activities of the function are as follows:

  • Develops key Business Continuity policies, procedures, and plans in line with regulatory standards and drives the enforcement of the CBUAE Business Continuity policies and standards.

  • Performs and periodically maintains the Business Impact Analysis (BIA) and the business and technical requirements for recovery of each critical function.

  • Establishes and maintains corporate awareness about Business Continuity Management.

  • Promotes corporate awareness about Business Continuity Management and embeds a BCM culture within CBUAE.

  • Liaises with governmental bodies, regulators, international organisations and external parties on matters related to business continuity.

full image

Compliance

An independent second line of defence, which falls under the umbrella of the Risk Management Department.

Learn more

Information Security

An independent second line of defence, which falls under the umbrella of the Risk Management Department, involved in numerous national cyber-security programmes.
The Information Security function is responsible for developing and maintaining the information security policies of the organisation's information security management system. The function conducts periodic information security and cyber-risk assessments across various departments, to enhance the robustness of internal information security controls.
The function plays a critical role in liaising with other governmental bodies, regulators, international organisations and external parties on information security matters.

Cyber-Security Center of Excellence

full image

Cyber-Security Centre of Excellence

As part of our broader efforts to ensure cyber-security across the UAE, we maintain a sector-wide situational awareness.  

Learn more

Related Committees

Financial Stability

Reserve Management

Monetary Policy

Risk Committee

Board Risk Committee

Rate this page

Rated by 3 People

Thanks for rating

Last updated on: Wednesday 25 October 2023

Total visitors 14588