201. To achieve a comprehensive understanding of the institution's credit risk profile, competent authorities should also review the governance and risk management framework underlying its credit activities. To this end, competent authorities should assess:
a. the credit risk strategy and appetite;
b. the organisational framework;
c. policies and procedures;
d. risk identification, measurement, management, monitoring and reporting; and e. the internal control framework.
Credit risk strategy and appetite
202. Competent authorities should assess whether the institution has a sound, clearly formulated and documented credit risk strategy, approved by the management body. For this assessment, competent authorities should take into account:
a. whether the management body clearly expresses the credit risk strategy and appetite, as well as the process for their review;
b. whether senior management properly implements and monitors the credit risk strategy approved by the management body, ensuri
…