Basic Principles


The CBCG’s operational risk management policy encourages effectiveness, efficiency and transparency principles. It relies on confidentiality, responsibility, awareness and risk culture as integral elements of the risk management process.


  • Effectiveness: providing a systematic and structured approach following best practices; using operational risk tolerance policy as a common reference point while ensuring sufficient flexibility when implemented in a diverse and changing environment.


  • Efficiency: risk management process optimisation in practice; synergy and avoiding effort duplication; encouraging the implementation of cost-benefit analysis following the operational risks tolerance policy; rational use of resources proportional to the risks to be treated.


  • Transparency: exchanging information between relevant stakeholders on incidents and timely warning of possible risk events.


  • Confidentiality: without questioning the transparency principle, the information owner must harmonise all collected information with the appropriate classification of confidentiality that all recipients must respect.


  • Accountability: clearly assigning roles and responsibilities in the risk management process, including risk acceptance, which are appropriately communicated to employees.


  • Risk awareness and culture: informing all interested parties about their responsibilities in the risk management process, promoting integrity and ethical business behaviour, and raising awareness of the operational risk importance.