ASK MAT: My firm has just opened in Guernsey. Can you tell me about the GFSC’s approach to risk management?

• The Guernsey Financial Services Commission [GFSC] uses.
• A risk-based approach to supervising licensees,
• Which is underpinned by a system known as PRISM (Probability Risk and Impact System).
• PRISM is a structured system that enables the GFSC to focus its finite supervisory resources on high-value, forward-looking supervisory activity with a strong emphasis on the business models and governance of the most significant licensees in Bailiwick.
• READ HERE –
• https://www.gfsc.gg/sites/default/files/uploads/13553%20GFSC%20RISK%20BASED%20SUPERVISION%20BROCHURE%20AW%20%28SINGLE%20PAGE%29.pdf
• https://www.gfsc.gg/sites/default/files/media/helix-file/20241008%20Approach%20to%20risk%20based%20supervision%20-%20a%20refresher%20slides_0.pdf
• OTHER LINKS AT THE END OF THIS POST

The Guernsey Financial Services Commission (GFSC) employs a risk-based approach to supervising regulated entities.

1. As noted above, the GFSC RISK approach is underpinned by a system known as PRISM (Probability Risk and Impact System), which helps the GFSC focus its supervisory resources on high-value, forward-looking activities.
1. The Central Bank of Ireland originally developed it, which the GFSC later adopted for its risk-based supervision framework.

SOURCE https://www.gfsc.gg/sites/default/files/20160208%20Risk%20Based%20Supervision%20in%20Guernsey_2.pdf

1. PRISM enables the GFSC to prioritise its efforts on the business models and governance of the most significant licensees in Bailiwick.
2. The system requires supervisors to challenge, make judgments, and mitigate unacceptable risks, whether prudential, financial crime or conduct-related.

Here are some key aspects of the PRISM system:

1. Risk-Based Supervision:
1. PRISM allows the GFSC to prioritise its supervisory efforts based on each regulated entity's risk profile.

1. 2. Entities posing higher risks receive more intensive supervision, while those with lower risks are monitored less frequently.
2. Impact and Probability Assessment:

1. 1. The system assesses the impact and the probability of potential risks. Impact refers to the possible consequences of a risk event, while probability measures the likelihood of that event occurring.

3.Proactive Risk Management:

1. 1. PRISM encourages a proactive approach to risk management. Supervisors use the system to identify and address potential issues before they escalate into significant problems.

4. Comprehensive Coverage:

1. 1. The system covers a wide range of risks, including prudential risks (financial stability), conduct risks (customer treatment), and financial crime risks (money laundering and terrorist financing).

5. National Risk Assessments (NRAs):

1. 1. As part of its risk management strategy, the GFSC conducts NRAs to understand and mitigate risks related to money laundering, terrorist financing, and the financing of proliferation of weapons of mass destruction.

2. These assessments help the GFSC and other authorities in Guernsey to better mitigate these risks.

Here are some key aspects of how PRISM handles this assessment:

1. Data Collection and Analysis:

1. PRISM collects extensive data from regulated firms [see yellow boxes in the engagement diagram below], including financial statements, operational reports, and compliance records.

2. This data is analysed to identify patterns and trends indicating potential risks.

2. Risk Categories:

1. PRISM considers risk categories: strategic, capital, liquidity, credit, insurance, governance, conduct, environmental, market, operational, and financial crime risks.

https://www.localinstitutes.cii.co.uk/media/17302/20200122-iig-presentation-by-the-gfsc.pdf

2. Each category is assessed for its probability of occurrence based on historical data and current conditions.

3. Scoring System:

1. The system uses a scoring mechanism to quantify the probability of different risks.
2. This involves assigning scores to various risk factors, which are then aggregated to produce an overall risk probability score for each firm.

4. Expert Judgment:

1. Supervisors interpret the data and scores using their expertise and judgment.
2. They consider quantitative and qualitative factors, such as the firm’s management quality, market conditions, and regulatory environment.

5. Regular Updates:

1. The risk probability assessments are regularly updated to reflect changes in the firm’s operations, market conditions, and regulatory landscape.
2. This ensures that the assessments remain current and relevant.

By combining these elements, PRISM provides a comprehensive and dynamic assessment of risk probability, helping the GFSC effectively prioritise its supervisory efforts.

Source:

1. Regulatory Framework - GFSC. https://www.gfsc.gg/commission/regulatory-framework.
2. National Risk Assessment (ML/TF/PF) - GFSC. https://www.gfsc.gg/commission/financial-crime/national-risk-assessment.
3. Risk-Based Supervision in Guernsey - GFSC. https://www.gfsc.gg/sites/default/files/20160208%20Risk%20Based%20Supervision%20in%20Guernsey.pdf.
4. Preparing for PRISM. https://www.resolvepartners.net/content/uploads/PreparingforPRISMFeb2015.pdf.
5. PRISM | Central Bank of Ireland. https://www.centralbank.ie/regulation/how-we-regulate/supervision/prism.
6. Preparing for PRISM. https://www.resolvepartners.net/content/uploads/PreparingforPRISMFeb2015.pdf.
7. https://www.localinstitutes.cii.co.uk/media/17302/20200122-iig-presentation-by-the-gfsc.pdf
8. https://www.gfsc.gg/sites/default/files/20160208%20Risk%20Based%20Supervision%20in%20Guernsey_2.pdf
9. https://www.gfsc.gg/sites/default/files/uploads/13553%20GFSC%20RISK%20BASED%20SUPERVISION%20BROCHURE%20AW%20%28SINGLE%20PAGE%29.pdf
10. https://www.gfsc.gg/sites/default/files/media/helix-file/20241008%20Approach%20to%20risk%20based%20supervision%20-%20a%20refresher%20slides_0.pdf