
Sheet1

Risk Register
Risk area
Control objective
Explanatory note

1.1 Know Your Customer procedures are not understood and complied with by all account opening staff

1.2 Anti-Money Laundering Procedures are not understood or complied with by all staff

1.3 Branch fails to display information required by the local regulators e.g. Banking licence, audited accounts etc

1.4 Regulatory requirements are complied with regards to the issuance of dud cheques

Regulations

Management
2.1 Branch is not operating with an up-to-date set of operating procedures or staff do not understand them.

An effective Business Continuity Plan is not in place for the branch in the event of inability to operate from the existing location

Premises are vulnerable to external threats.

Assets are vulnerable to external threats.

Internal controls are not being adhered to


Likelihood(1-5)
5

Impact

Operations

Suspense accounts, P&L accounts and petty cash are not reconciled on a timely basis.

General Ledger, P&L and Suspense accounts are opened or closed without proper authority.

Purchases

Local purchases are not within authorised limits.

Branch holds excessive stationery.

Cash Handling

Cash in vaults is vulnerable to theft.

Cash in transit is vulnerable to theft

Liquidity

Account Opening

Fixed deposit contracts are not approved and authorised

Accounts are opened for fraudsters and ghost or nonexistent clients.

Accounts are not opened in line with KYC procedures

ATM

Cards captured in the ATM are not secured.

ATMs are not replenished under secure conditions.

ATM accounts are not reconciled.

System down time not recorded

Credit


Governance

Up to date Credit Policy is not available
Credit Committees, lending authorities and referral processes must be clearly documented and adhered to. Staff should sign to acknowledge that they have read and understood its contents

Regulations

Staff are not aware of KYC and AML regulations
It is critical to ensure regulatory requirements in respect of KYC and AML are complied with

Management

Branch is not operating with an up-to-date set of credit procedures or staff do not understand them.
Any amendments to policy and procedures must be communicated to all staff


Clients are burdened with debts they cannot afford
Credit policy should stipulate acceptable debt service ratios when considering client borrowing requests. Clients should be encouraged not to borrow from other banks. This would also link with the financial literacy program


Credit is not correctly sanctioned (approved per policy).
This includes loan assessment, id, collateral, authorisation level, loan as % previous loan, loan as % free income etc

Loan documentation and collateral pledges are not securely protected
Documentation must be stored securely and be readily accessible in need. Local regulations will determine how long such material must be retained.


Collateral security does not realise expected value
Controls would include valuations, legal charges checked and reviewed periodically in accordance with terms of approval


Arrears are not followed up in a timely fashion.
Loans must be monitored for unsatisfactory features and timely follow up for arrears. Arrears reports should be actioned on a daily basis.

Arrears management is not in accordance with procedures.
Credit procedures should include a detailed step by step delinquency process including the timeframe for different actions.


Overall quality of loan portfolio is not monitored
Portfolio quality should be reviewed weekly to ensure that PAR remains within agreed parameters


Loans may be granted for illegal or unacceptable purposes
Loans should not be granted for purposes on the institution's exclusion list e.g. Gambling, prostitution etc

Loans are made to Ghost nominee customers.
This can be staff fraud or client fraud. It can also include differences in loan amounts.


Risk Register
Inherent

Mitigation /control activity

Post likelihood


Post impact

Residual risk

1. Credit manuals and policies are made available to all credit staff.
2. Policy updates are made available to credit staff by communication and follow up teaching done on it by BM during sales meetings.
3. Amendments made are approved at Excom and communicated to staff
4. Branch manager internally trains Relationship Officers to be abreast with the loan processes and procedures.
5. Enforcement of policies will be ensured by Branch Manager and Regional Relations Officer.
6. Lending discretions are allocated by position.

1. Credit staff are trained and updated during branch's monthly meetings on KYC and AML regulations.
2. Branch management conducts surprise checks on KYC and AML compliance.
3. Branch is abreast with the businesses of their top loan clients.

1. Mails are sent to all staff on any amendments made to credit procedures and implementation.
2. Credit manuals/policies are reviewed and updated.

1. Proper client assessment is conducted by Relationship Officer to determine appropriate funding.
2. Client education on effects of multiple borrowing is done by ROs.
3. The debt service ratio is calculated for every loan in order to know the right loan amount to be given to clients. Debt service ratios should be adhered to when approving loans for clients.
4. Cash flow is always reviewed by BM to ensure figures that are put in the financials are realistic.

1. There is segregation of duties.
2. Lending policies are adhered to including valuation of pledged assets.
3. Customer details are checked by BM for completeness and ensured to be realistic.
4. Pre-lending exercise is completed by RO including compulsory savings.
5. Approval limits are adhered to by branch management.
6. Exceptional approval is sought from H/O for exceeding approval limit.
7. Funding below request is monitored. All amendments to loans are approved.
10. Credit Bureau search is undertaken by RO.

1. Loan files are kept in cabinets (under lock and key) by RO.
2. Assets pledged as collateral are registered and kept in strong room by RO.
3. Collateral documents like car documents or house ownership documents are kept in the strong room under dual control.


1. The expected collateral documents are taken from client.
2. Pre-lending exercise completed including credit bureau, and perfection of collateral documents etc.
3. Insurance documents for collaterals are monitored by Relationship Manager.
4. Asset realisations are monitored to identify weak collateral types.
5. Asset realisation is done only through auction using outside agents such as auctioneers.
9. Stocks are pledged as security.


1. Delinquent report is reviewed daily by RM and necessary action taken.
2. Escalation report is sent by RO to manager and then HO.
3. Continuous calls and visits to clients in delinquent handed over to ROs to ensure arrears are collected.
4. Relationship Manager visits the field to ascertain the genuineness or otherwise of causes of delinquents and outcome documented.
5. Demand letters are issued by ROs to defaulting clients.

1. Policy stipulation on delinquent management must be clear indicating limits i.e. by officer and branch management.
2. Management of arrears is in accordance with laid down policies in the procedural manual. (refer to 17.1)
3. Branch sales meetings sometimes focus on measures to reduce the branch PAR.


1. A system is implemented and reviewed to monitor sanctioning, arrears and other trends to provide early warning of possible problems.
2. Economic and social impacts are factored into assessment by ROs of levels of acceptable risk.
3. Monthly and daily reviews are organised and remedial actions taken.
5. Field monitoring is undertaken by Branch Manager to ensure constant monitoring.
6. Project assessment is done by RO including visiting client's residence and business site before loan recommendation.
7. Cash flow analysis is done by RO to reflect client's ability to repay.
8. Trust Bank members are self selected. Clients are well informed on the loan policies during orientation.
9. Loans Portfolios are properly handed over and documented.

1. Policy prohibits lending to businesses which are prohibited by law.
2. The purpose for the loan is investigated by the Officer thoroughly during assessment.
3. The BM reviews and signs this to ensure purpose for the loan meets expected requirements.

1. Disbursement is done through clients' accounts.
2. Common addresses and business sites of clients are checked by RO and BM for clarification.
3. Disbursement is monitored by Branch Manager.


Audit likelihood

Audit Impact Residual Risk Increase in residual risk
