What are regulations on organizational structure in risk management of securities companies in Vietnam?

What are regulations on organizational structure in risk management of securities companies in Vietnam?

Pursuant to Article 4 of the Circular 70/2022/TT-BTC (takes effect from 01/01/2023) stipulating organizational structure in risk management of securities companies in Vietnam as follows:

1. Insurance companies, reinsurance companies and foreign branches shall use three separate Lines of Defence hereunder for their risk management:

a) First Line of Defence: This Line of Defence is formed by functional departments, divisions or units that directly identify, receive, assess, control, report and monitor business risks;

b) Second Line of Defence: This Line of Defence is formed by the Risk Management, the Compliance Control and other departments or divisions having the function of controlling risks to the First-Line-of-Defence roles;

c) Third Line of Defence: This Line of Defence is formed by the Internal Audit department or division.

2. Depending on the size, condition and complexity of their business activities, insurance companies, reinsurance companies and foreign branches may build their organizational structure of the Second Line of Defence provided that it performs all of the following functions:

a) Provide expert counsels in order for the General Director (Director) to issue internal rules and regulations on risk management;

b) Work with operational departments or divisions in the First Line of Defence to identify and monitor material risks that may arise;

c) Build and use risk assessment and measurement models to early warn of and identify risks and hazards of risk limits; proposing measures or approaches for control, prevention and minimization of any risk that may arise;

d) Construct the scenario for testing of their risk tolerance;

dd) Submit quarterly, annual and ad-hoc update reports regarding their risk management activities to their General Directors (Directors); promptly report risks that may materially affect financial safety and operational effectiveness to Governing boards or Boards of Members of insurance companies, reinsurance companies or parent companies of foreign branches. Each quarterly report shall be submitted no later than 30 days following the last day of the quarter in question while each annual report shall be submitted no later than 90 days following the last day of the year in question.

What are regulations on risk management policies; internal rules and regulations on risk management of securities companies in Vietnam?

Pursuant to Article 5 of the Circular 70/2022/TT-BTC (takes effect from 01/01/2023) stipulating risk management policies; internal rules and regulations on risk management of securities companies in Vietnam as follows:

Insurance companies, reinsurance companies and foreign branches shall formulate their Risk Management Policies; Internal Rules and Regulations on Risk Management as follows:

1. Their risk management policies must satisfy the regulations laid down in point c of clause 2 of Article 86 in the Law on Insurance Business.

2. Their internal rules and regulations on risk management shall cover the following:

a) Functions, tasks, mechanism for delegation of authority, decision-making authority and responsibilities of individuals and departments in their risk management activities;

b) Procedures for identifying, measuring, tracking, monitoring and supervising material risks; making reports and exchanging information or feedback on risk changes and response;

c) Specific limits specific to material risks and other related risks; correlation between those risks. Risk limits mentioned above shall be in line with the taste for risk and conform to their internal rules and regulations on risk management; be reviewed periodically at least once a year and irregularly whenever there are major changes affecting the operational risk of these insurance companies, reinsurance companies or foreign branches;

d) Measures or approaches applied to control risks arising from business activities, and control individuals and departments involved in those activities.

dd) Risk tolerance tests meeting regulations laid down in Article 7 herein.

e) Contingency plans for response to emergencies aimed at maintaining continuation in their business operations. These plans shall be subject to approval or consent from the Governing boards or the Boards of Members of insurance companies, reinsurance companies and parent companies of foreign branches;

g) Internal regime for reporting of risk management.

What are regulations on identification, measurement, monitoring and control of risks of securities companies in Vietnam?

Pursuant to Article 6 of the Circular 70/2022/TT-BTC (takes effect from 01/01/2023) stipulating identification, measurement, monitoring and control of risks of securities companies in Vietnam as follows:

Insurance companies, reinsurance companies and foreign branches shall identify, measure, monitor and control risks in a timely and accurate manner, subject to the following regulations:

1. Identify material risks that they may face during their business.

2. Measure risks on the basis of defining impacts of these risks on their business, capital and solvency. Risk measurement shall be carried out by using methods or models. Risk measurement methods and models shall be regularly examined and reviewed to ensure accuracy and rationality in accordance with their internal rules and regulations on risk management. All data used in these risk measurement methods and models shall be reliable and inspectable.

3. Check the risk status, duly assess, give early warning of the possibility of violating risk limits, and restrict exposure to risks to ensure safety in their operations; make internal reports on risk monitoring and send them to relevant individuals and departments.

4. Control the implementation of functional or operating procedures within corresponding risk limits; test risk tolerance as prescribed in Article 7 of this Circular, take measures to prevent, minimize and promptly deal with risks to ensure compliance with risk limits.

Best regards!