On 10 September 2024, the Prudential Regulation Authority (PRA) published a letter to Chief Risk Officers to share the thematic findings of a review, in which it asked the Internal Audit (IA) function of a selection of UK deposit taker (UKDT) non-systemic banks and building societies to undertake a review of their Credit Risk Management Framework (CRMF).
Background
The review was designed to provide assurance (both to the firms’ boards and the PRA) on the overall effectiveness of the control framework and in the specific areas of focus, which were the governance and control environment over credit and affordability assessments, approval processes and portfolio management.
The IA functions were asked to determine if current controls and practices are sufficient to mitigate the risks associated with these key areas of credit risk management. The PRA selected 33 UKDT non-systemic banks and building societies to take part in this exercise and to submit the IA report by 30 September 2023.
…