Interactive Single Rulebook

The Interactive Single Rulebook is an on-line tool that provides a comprehensive compendium of  the level 1 text for the Capital Requirements Regulation (CRR) and the Capital Requirements Directive (CRD IV); Bank Recovery and Resolution Directive (BRRD); the Deposit Guarantee Schemes Directive (DGSD); and the Payments Services Directive (PSD2)  the corresponding technical standards developed by the European Banking Authority (EBA) and adopted by the European Commission (RTS and ITS), as well as the EBA Guidelines and related Q&As.
The purpose of the Single Rulebook is to ensure the consistent application of the regulatory banking framework across the EU.
This Interactive Single Rulebook is meant purely as a documentation tool and the EBA does not assume any liability for its contents. For the authentic version of EU legislation users should refer to the Official Journal of the European Union.
Please click on the relevant legislative text to see technical standards, guidelines and Q&As relating to each Article.

Interactive Single Rulebook

Path Capital Requirements Regulation > PART EIGHT > TITLE II > Article 435 (Copy link to article)
Title Article 435
Description Risk management objectives and policies
Main content

1. Institutions shall disclose their risk management objectives and policies for each separate category of risk, including the risks referred to under this Title. These disclosures shall include:

(a) the strategies and processes to manage those risks;

(b) the structure and organisation of the relevant risk management function including information on its authority and statute, or other appropriate arrangements;

(c) the scope and nature of risk reporting and measurement systems;

(d) the policies for hedging and mitigating risk, and the strategies and processes for monitoring the continuing effectiveness of hedges and mitigants;

(e) a declaration approved by the management body on the adequacy of risk management arrangements of the institution providing assurance that the risk management systems put in place are adequate with regard to the institution's profile and strategy;

(f) a concise risk statement approved by the management body succinctly describing the institution's overall risk profile associated with the business strategy. This statement shall include key ratios and figures providing external stakeholders with a comprehensive view of the institution's management of risk, including how the risk profile of the institution interacts with the risk tolerance set by the management body.

2. Institutions shall disclose the following information, including regular, at least annual updates, regarding governance arrangements:

(a) the number of directorships held by members of the management body;

(b) the recruitment policy for the selection of members of the management body and their actual knowledge, skills and expertise;

(c) the policy on diversity with regard to selection of members of the management body, its objectives and any relevant targets set out in that policy, and the extent to which these objectives and targets have been achieved;

(d) whether or not the institution has set up a separate risk committee and the number of times the risk committee has met;

(e) the description of the information flow on risk to the management body.