The risk committee shall advise the management body on the institution's overall current and future risk appetite and strategy and assist the management body in overseeing the implementation of that strategy by senior management. The management body shall retain overall responsibility for risks.
The risk committee shall review whether prices of liabilities and assets offered to clients take fully into account the institution's business model and risk strategy. Where prices do not properly reflect risks in accordance with the business model and risk strategy, the risk committee shall present a remedy plan to the management body.
Competent authorities may allow an institution which is not considered significant as referred to in the first subparagraph to combine the risk committee with the audit committee as referred to in Article 41 of Directive 2006/43/EC. Members of the combined committee shall have the knowledge, skills and expertise required for the risk committee and for the audit committee.
The management body in its supervisory function and, where one has been established, the risk committee shall determine the nature, the amount, the format, and the frequency of the information on risk which it is to receive. In order to assist in the establishment of sound remuneration policies and practices, the risk committee shall, without prejudice to the tasks of the remuneration committee, examine whether incentives provided by the remuneration system take into consideration risk, capital, liquidity and the likelihood and timing of earnings.
Member States shall ensure that the risk management function ensures that all material risks are identified, measured and properly reported. They shall ensure that the risk management function is actively involved in elaborating the institution's risk strategy and in all material risk management decisions and that it can deliver a complete view of the whole range of risks of the institution.
Where necessary, Member States shall ensure that the risk management function can report directly to the management body in its supervisory function, independent from senior management, and can raise concerns and warn that body, where appropriate, where specific risk developments affect or may affect the institution, without prejudice to the responsibilities of the management body in its supervisory and/or managerial functions pursuant to this Directive and Regulation (EU) No 575/2013.
The head of the risk management function shall be an independent senior manager with distinct responsibility for the risk management function. Where the nature, scale and complexity of the activities of the institution do not justify a specially appointed person, another senior person within the institution may fulfil that function, provided there is no conflict of interest.
The head of the risk management function shall not be removed without prior approval of the management body in its supervisory function and shall be able to have direct access to the management body in its supervisory function where necessary.