The Debt-Based Crowdfunding Company shall:
| |
| | 1- | Establish a written policy including a clear business strategy for risk management, approved and annually updated by its board of directors. The risk management policy shall take into account all relevant types of risks and how to deal with them. Such policy shall cover the analysis of at least the following risks:
|
| | | a. | Credit risk.
| |
| | | b. | Market risk.
| |
| | | c. | Operational risk.
| |
| | | d. | Legal risk.
| |
| | | e. | Reputational risk.
| |
| | | f. | Technological risk.
| |
| | | g. | Fraud risk.
| |
| | | h. | Information security risk.
| |
| | | i. | Cybersecurity risk.
| |
| | | j. | Money laundering and terrorist financing risk.
| |
| | | k. | Outsourcing risk.
| |
| | | l. | Debt-Based Crowdfunding Platform operational cessation risk.
| |
| | | m. | Participant protection-related risk, including the Institutional Beneficiary’s default risk.
| |
| | 2- | Develop appropriate procedures to identify, assess, manage, monitor, communicate, and report risks. These procedures must be included in a comprehensive risk management framework that ensures:
|
| | | a. | Early and comprehensive identification of risks.
| |
| | | b. | Assessment of correlations between risks.
| |
| | | c. | Immediate coordination with the board of directors, senior management and responsible staff, when needed.
| |
| | | d. | Immediate communication of identified risks to stakeholders.
| |
Please review Circular No. (44028131) dated 02/04/1444H regarding Quarterly Risk Report Preparation and Submission to the Central Bank, Including Audited Annual and Quarterly Financial Statements, Prudential Data, and Publication on the Company's Website.
