CERTIFIED RISK AND COMPLIANCE

MANAGEMENT PROFESSIONAL ( CRCMP )

International Association of Risk and Compliance Professionals (IARCP)
1200 G Street NW Suite 800, Washington DC 20005, USA
Web: www.risk-compliance-association.com

BENEFITS OF ATTENDING
1. You will learn the new international standards and best practices
in risk management and compliance.

2. You can become a Certi ed Risk and Compliance Management

Professional (CRMCP). This is an advantage on your resume,
serving as a third-party endorsement to your knowledge and
experience. Certi cates give the necessary assurance that you
have the knowledge and skills to accept more responsibility in
your organization.

3. You improve your resume in order to meet the new t and proper
requirements for managers and employees in risk management
and compliance.

CERTIFICATION AND EXAMINA-

TION PROCEDURE
We will follow the steps:
COURSE INTRODUC- www.risk-compliance-association.com/CRCMP_Certification_
TION AND OBJECTIVE Steps_1.pdf

After the nancial crisis, the new regulatory environment More information about the exam:
makes risk management and compliance more www.risk-compliance-association.com/Questions_About_The_
complicated and dif cult, but also much more important. Certi cation_And_The_Exams_1.pdf
There is always one major risk, that rms and organizations
do not comply with laws and regulations. It leads to
signi cant impairment of reputation, value, earnings,
business opportunities. An inadequate commitment to THE JOB TITLE /DESIGNATIONS THAT
compliance and risk management leads to liability and THE COURSE IS RELEVANT FOR
potential litigation. Now, more than ever, rms and
organizations devote resources to ensuring their risk Risk Manager, Compliance Manager from various industries
management systems are bulletproof. The damage is
done by negative media attention, and only the strongest
and best prepared entities can achieve their objectives.
Risk management is an organized methodology for COURSE SYNOPSIS
continuously identifying and measuring the unknowns;
Certi ed Risk and Compliance Management
developing mitigation options; selecting, planning, and
Professional (CRMCP)
implementing appropriate risk mitigations; and tracking
the implementation to ensure successful risk reduction. This course has been designed to provide with the knowledge and
Effective risk management depends on planning; early skills needed to understand and support regulatory compliance and
identi cation and analyses of risks; early implementation enterprise wide risk management, and to promote best practices
of corrective actions; continuous monitoring and and international standards that align with business and regulatory
reassessment; and communication, documentation, and requirements.
coordination. No matter how good the controls are,
no matter what risk management framework you have The course provides with the skills needed to pass the Certi ed
in place, no matter how much capital and liquidity you Risk and Compliance Management Professional (CRCMP) exam.
hold in your organization, it is risk awareness, training
and culture, that most determines success in identifying This course is intended for professionals that want to understand risk
and mitigating risks and protecting your organizations and compliance and to work as risk and compliance of cers. They
reputation and credibility. After this course, you will have will prove that they are quali ed, when they pass the Certi ed Risk
a very good understanding of the new international and Compliance Management Professional (CRCMP) exam.
standards and best practices in risk management and
This course is intended for employers demanding quali ed risk and
compliance. When you pass the Certi ed Risk and
compliance professionals. The course is recommended for senior
Compliance Management Professional (CRMCP) exam,
executives involved in risk and compliance.
you will be able to provide independent evidence that
you are quali ed. This is important in order to meet the
new t and proper requirements for managers and
employees in risk management and compliance.
International Association of Risk and Compliance Professionals (IARCP)
1200 G Street NW Suite 800, Washington DC 20005, USA
Web: www.risk-compliance-association.com

The Framework
PART A:
The 34 high-level control objectives
COMPLIANCE WITH LAWS AND REGULATIONS, What to do with the 318 speci c control objectives
AND RISK MANAGEMENT COBIT Cube
Introduction Maturity Models
Regulatory Compliance and Risk Management Critical Success Factors (CSFs)
De nitions, roles and responsibilities Key Goal Indicators (KGIs)
The role of the board of directors, the supervisors, the internal and Key Performance Indicators (KPIs)
external auditors How to use COBIT for compliance
The new international landscape and the interaction among laws,
regulations, and standards
The difference between a best practice and a regulatory obligation PART C:
Bene ts of an enterprise wide compliance program
SARBANES OXLEY
Compliance culture: Why it is important, and how to communicate
The Sarbanes Oxley Act
the obligations
The Need US federal legislation: Financial reporting or corporate
Policies, Workplace Ethics, Risk and CompliancePolicies, procedures,
governance?
the code of conduct
The Sarbanes-Oxley Act of 2002: Key Sections
Privacy and information security
Handling con dential information
SEC, EDGAR, PCAOB, SAG
Con icts of interest The Act and its interpretation by SEC and PCAOB
Use of organizational property PCAOB Auditing Standards: What we need to know
Fair dealings with customers, vendors and competitors Managements Testing
Reporting ethical concerns Managements Documentation
The de nition of Governance, Risk and Compliance Reports used to Validate SOX Compliant IT Infrastructure
The need for Internal Controls Documentation Issues Sections
Understand how to identify, mitigate and control risks effectively 302, 404, 906: The three certi cations
Approaches to risk assessment Sections 302, 404, 906: Examples and case studies
Qualitative, quantitative Managements Responsibilities
Integrating risk management into corporate governance and Committees and Teams
compliance Project Team Section 404
Disclosure Committee
Audit Committee
PART B: Report to the Board of Directors
Control De ciency
THE FRAMEWORKS De ciency in Design
Internal Controls - COSO The Internal Control Integrated De ciency in Operation
Framework by the COSO committee Using the COSO framework Signi cant De ciency
effectively Material Weakness
The Control Environment Is it a De ciency, or a Material Weakness?
Risk Assessment Reporting Weaknesses and De ciencies
Control Activities Examples
Information and Communication Case Studies
Monitoring Public Disclosure Requirements
Effectiveness and Ef ciency of Operations Real Time Disclosures on a rapid and current basis?
Reliability of Financial Reporting Whistleblower protection
Compliance with applicable laws and regulations Rulemaking process
IT Controls Companies Affected
Program Development and Program Change International companies
Deterrent, Preventive, Detective, Corrective Controls Foreign Private Issuers (FPIs)
Recovery, Compensating, Monitoring and Disclosure Controls American Depository Receipts (ADRs)
Layers of overlapping controls Employees Affected
COSO Enterprise Risk Management (ERM) Framework Effective Dates
Is COSO ERM needed for compliance?
COSO and COSO ERM
Internal Environment PART D:
Objective Setting
BASEL II / BASEL III
Event Identi cation
The Basel Capital Accords
Risk Assessment Realigning the regulation with the economic realities of the global
Risk Response banking markets
Control Activities New capital adequacy framework replaces the 1988 Accord
Information and Communication Improving risk and asset management to avoid nancial disasters
Monitoring Suf cient assets to offset risks
The two cubes The technical challenges for both banks and supervisors
Objectives: Strategic, Operations, Reporting, Compliance How much capital is necessary to serve as a suf cient buffer?
ERM Application Techniques The three-pillar regulatory structure
Core team preparedness Purposes of Basel
Implementation plan Pillar 1: Minimum capital requirements
Likelihood Credit Risk 3 approaches
Impact The standardized approach to credit risk
COBIT - the framework that focuses on IT Claims on sovereigns
Is COBIT needed for compliance? Claims on banks
COSO or COBIT? Claims on corporates
Corporate governance or nancial reporting? The two internal ratings-based (IRB) approaches to credit risk
Executive Summary
Some de nitions:
Management Guidelines
International Association of Risk and Compliance Professionals (IARCP)
1200 G Street NW Suite 800, Washington DC 20005, USA
Web: www.risk-compliance-association.com

PD - The probability of default, The key areas where the Basel Committee believes the greatest focus
LGD - The loss given default, is necessary
EAD - Exposure at default, 1. Board practices
M Maturity 2. Senior management
3. Risk management and internal controls
5 classes of assets 4. Compensation
Pillar 2: Supervisory review Key principles 5. Complex or opaque corporate structures
Aspects and issues of the supervisory review process 6. Disclosure and transparency
Pillar 3: Market discipline Sound Practices for the Management and Supervision of Operational
Disclosure requirements Risk
Qualitative and Quantitative disclosures The 9 principles
Guiding principles
Employees Affected
PART E:
Effective Dates
DESIGNING AND IMPLEMENTING A RISK
Operational Risk AND COMPLIANCE PROGRAM
What is operational risk Designing an Implementing an enterprise wide Risk and Compliance
Legal risk Program
Information Technology operational risk Designing an Internal Compliance System
Operational, operations and operating risk Compliance programs that withstand scrutiny
The evolving importance of operational risk How to optimize organizational structure for compliance
Quanti cation of operational risk Documentation
Loss categories and business lines Testing
Operational risk measurement methodologies Training
Identi cation of operational risk Ongoing compliance with laws and regulations
Operational Risk Approaches Compliance Monitoring
Basic Indicator Approach (BIA) The company and other stakeholders
Standardized Approach (SA) Managing the regulators and change in regulations
Alternative Standardized Approach (ASA) International and national regulatory requirements
Advanced Measurement Approaches (AMA) Regulatory compliance in Europe
Internal Measurement Approach (IMA) Regulatory compliance in the USA
Loss Distribution (LD) What is different
Standard Normal Distribution The GCC countries
Fat Tails in the normal distribution The Caribbean
Expected loss (EL), Unexpected Loss (UL) The Paci c Rim
Value-at Risk (VaR) Common elements and differences of compliance projects
Calculating Value-at Risk New standards
Stress Testing Disclosure issues
Stress testing and Basel (AMA) Multinational companies and compliance challenges
Advantages / Disadvantages
Operational Risk Measurement Issues
The game theory
The prisoners dilemma and the connection with operational risk
management
Operational risk management
Operational Risk Management Of ce
Key functions of Operational Risk Management Of ce
Key functions of Operational Risk Managers
Key functions of Department Heads
Internal and external audit
Operational risk sound practices
Operational risk mitigation
Insurance to mitigate operational risk
Basel II and other regulations
Capital Requirements Directive (CRD)
Markets in Financial Instruments Directive (MiFID)
What is the impact of MiFID to EU and non EU banks?
Aligning Basel II operational risk and Sarbanes-Oxley 404 projects
Common elements and differences of compliance projects
New standards
Disclosure issues
Multinational companies and compliance challenges

What is Basel III?

The Basel III papers
International Association of
Was Basel II responsible for the market crisis? Risk and Compliance Professionals
Introduction to the Basel III Amendments
The Financial Stability Board (FSB), the G20 and the Basel (IARCP)
III
framework
1200 G Street NW Suite 800,
The New Basel III Principles for risk management and corporate Washington DC 20005, USA
governance
Web: www.risk-compliance-association.com