Banking Regulation 2025

CYPRUS Law and Practice Contributed by: Marcos Georgiades, Dominique Pelides and Panayiota Elia, Georgiades & Pelides

• The risk management framework of a bank must extend to all its business activities, support functions and control units, and must recognise fully the economic substance of its risk exposures and encompass all relevant risks. The risk framework must also ensure that all material risks are identified and man - aged, including credit and counterparty risk, residual risk, concentration risk, liquidity risk and market risk. • Banks must ensure that appropriate, ade - quate and effective policies, systems, pro - cesses and procedures are in place for: (a) identifying all relevant risks, existing and emerging, at the transaction and portfolio levels, on a continuous basis; (b) assessing these risks and measuring the bank’s exposure to them, at the transac - tion and portfolio levels, on an individual and a consolidated basis by recognising interactions between these risks, in an accurate and timely manner; and (c) monitoring the risk exposures and deter - mining the corresponding capital needs on an ongoing basis. • The assessment of risks must not solely or mechanically rely on external assessments such as external credit ratings or purchased risk models, but banks should strive to develop internal assessment capacity propor - tionate to the size, nature and scale of their activities. Purchased risk models should be validated and adjusted to the bank’s indi - vidual circumstances to ensure accurate and comprehensive cover and analysis of its risk profile and risk capacity. • Regular and transparent reporting mecha - nisms should be established so that the man- agement body and all relevant functions are provided with up-to-date, accurate, concise, understandable and meaningful reports and can share relevant information on the iden -

tification, measurement or assessment and monitoring of risks. Risk committee and risk management function Banks are required to establish a risk committee and a risk management function. The duties of the risk committee include, among others: • advising the management body on the bank’s overall current and future risk appetite and strategy; • assisting the management body in oversee - ing the effective implementation of the risk strategy by senior management; • assessing and monitoring the independence, adequacy and effectiveness of the risk man - agement and information security functions; and • advising the management body on the ade - quacy and effectiveness of the risk manage - ment framework. The risk management function must be inde - pendent of the business and support units it monitors and controls, and must have the right to report its findings and assessments directly to the management body and the relevant com - mittees, independent from senior management through clear reporting lines. It must: • ensure that all material risks are identified, measured and properly reported; • be actively involved in elaborating the bank’s risk strategy; and • have knowledge of the entire range of risks of the bank. Capital Requirements The capital adequacy framework for banks in Cyprus consists of the CRR, the CRD and Direc - tive 2014/59/EU of the European Parliament

142 CHAMBERS.COM

Powered by