Contact@esgweise.com | +971585075373

Credit Risk & Internal Control
A robust internal control framework translates credit-risk policy into repeatable practice. This page summarises the governance, controls and reporting capabilities required to manage credit risk, support IFRS 9 ECL provisioning and ensure ICAAP stress-testing outputs are auditable and regulator-ready. The framework is aligned with the CBUAE Credit Risk Management Standard and GCC supervisory expectations.
Why this matters
Strong controls reduce model, data and reporting risk and demonstrate preparedness to supervisors, auditors and stakeholders. A clear framework ensures that provisioning, staging (SICR), model changes and stress-testing are governed, documented and traceable — helping to protect capital, financial statement integrity and stakeholder confidence.
At a glance — what the framework covers
-
Governance & responsibilities (Board → Risk Committee → Senior Management → Model Owners)
-
Policy pillars: risk appetite, underwriting/delegation, SICR/staging, restructuring and provisioning
-
Controls: data lineage, reconciliations, model versioning and validation
-
Reporting & disclosure: board packs, regulatory annexes and audit trails
-
Deliverables: policy documents, validation reports, reconciliation logs and remediation trackers
Diagnostic→ Policy drafting & RACI → Controls & automation → Validation & scenario alignment → Embed & monitor
Governance & responsibilities
Board & Risk Committee
Senior Management
Core functions and accountabilities
-
Programme Lead
-
Model Owners
-
Validation / Internal Audit
-
Data & IT
-
Business Owners
Core policy components
-
Risk appetite & limit architecture
-
Underwriting & delegation
-
SICR / Staging rules
-
Restructuring policy
-
Provisioning & classification
-
Collateral management
Control mechanisms — practical checks
Data & system controls
Model & analytics controls
Process & operational controls
IT & security controls
