LogoRegulatory Alerts
2006-04-19

Decision on Risk Control Rules in Operations of the Voluntary Pension Fund Management Company and Voluntary Pension Fund

The Governor of the National Bank of Serbia issued this Decision to mandate risk identification, measurement, and control procedures for voluntary pension fund management companies and funds. The regulation requires companies to establish comprehensive risk management systems addressing market, operational, liquidity, and regulatory compliance risks, including specific quantitative limits and internal control structures. These rules define the responsibilities of competent bodies and management to ensure continuous monitoring, ethical standards, and adequate capitalization to protect fund assets and financial stability.

National Bank of Serbia logo

Serbia

National Bank of Serbia

Click to view thumbnail

RS Official Gazette, No. 27/2006 Pursuant to Article 68, paragraph 3 of the Law on Voluntary Pension Funds and Pension Schemes (ìRS Official Gazetteî, No. 85/2005), Governor of the National Bank of Serbia hereby issues the following DECISION ON RISK CONTROL RULES IN OPERATIONS OF THE VOLUNTARY PENSION FUND MANAGEMENT COMPANY AND VOLUNTARY PENSION FUND

  1. This Decision shall govern the rules of identification, measuring and control of risks that occur in operations of the voluntary pension fund management company (hereinafter: the fund management company) and the voluntary pension fund (hereinafter: the fund), and the management of these risks. For the purposes hereof, risks in operations of the fund management company, or the fund, shall represent the possibility of the occurrence of negative effects on the business and financial standing of the company, or the fund.
  2. The fund management company shall be obliged to establish by its internal acts the system of management of all risks that arise from its operations which shall provide for their effective identification, measuring and control, as well as management of these risks (hereinafter: risk control), and especially: market risk, operational risk, liquidity risk and risk of harmonization of operations with regulations. The risk management system referred to in paragraph 1 hereof (hereinafter: the risk management system) shall imply: the establishment of one or more organizational units in the fund management company whose scope of activities shall include risk control; the establishment of risk control procedures; the regulation of the internal control system.

The risk management system must be harmonized with rules of the profession, good business customs and business ethics. 3. For the purposes hereof, market risk shall represent the possibility of the occurrence of negative effects on the value of fund assets, due to changes in the market, and it shall include particularly the following risks: risk of change of interest rates, risk of change of securities prices, risk of change of real estate prices, and currency risk.

2 Procedures whereby the fund management company controls market risk shall include the qualitative and quantitative manner of risk control. The qualitative manner of market risk control shall particularly include procedures whereby the manner of control of system risks to which fund assets are exposed is determined, the manner of control of risk of some investments, the manner of verification of parameters of risk control, and procedures whereby database important for market risk control is formed. The quantitative manner of market risk control shall particularly include daily calculation of value at risk, which implies the greatest decrease in the value of fund assets in the 99% confidence interval. The value at risk shall also be expressed as the percentage of the value of fund assets. Data with regard to which the value at risk is calculated must cover the period of at least one year. 4. For the purposes hereof, operational risk shall represent the possibility of the occurrence of negative effects on the business and financial position of the fund management company or the fund, due to omissions in the work of employees, inappropriate internal procedures and processes, inadequate management of the information system and other systems, and due to unforeseen external events. Procedures whereby the fund management company controls operational risk shall include the qualitative and quantitative manner of risk control. The qualitative manner of operational risk control shall particularly include the procedures whereby the subject of control of this risk is more closely determined; the strategy of keeping data necessary for unhindered operations of the fund management company is established; adequate information system is established; the manner of estimate of the size of risk is determined; business flows that are especially jeopardized by this risk are determined; the manner of risk control by certain business flows is established; the database important for risk control is formed; the manner of verifying the parameters of the control of this risk is established. The quantitative manner of operational risk control shall include the formation of reserving for this risk on the burden of expenditures of the fund management company, determined on the basis of the estimate of the size of the risk, but which may not stand below 0.1% nor above 1% of the value of net assets of the fund managed by the company. The information system referred to in paragraph 1 hereof shall imply the established information flow which enables the acquisition of comprehensive, true and timely data that meet the needs of different aspects

3 of operations and which must be available to bodies of the fund management company and its employees, in line with its scope of activities or responsibilities. The right of entry and modification of these data must be clearly determined for particular persons, and responsibilities of these persons must be determined in line with activities that they perform or the function they discharge. 5. For the purposes hereof, liquidity risk shall represent the possibility of the occurrence of negative effects on the capacity of the fund management company to meet its due obligations. Risk control procedures shall particularly govern the obligation of the fund management company to constantly dispose with the sufficient amount of liquid funds, for the purpose of securing this risk in its operations. 6. For the purposes hereof, the risk of harmonization of operations with regulations shall represent the possibility of the occurrence of negative effects on the position of the fund management company due to the failure to abide by regulations, particularly regulations that govern the level of capital of this company, and/or the prevention of money laundering. Risk control procedures shall mandatorily include the estimate of this risk due to the failure to abide by requirements related to the level of capital of the fund management company, which is especially performed by the estimate of balance sheet assets, potential losses and availability of additional capital of the company, and they shall also include the recognition and prevention of money laundering. Procedures for money laundering recognition and prevention shall particularly imply the establishment of rules of conduct of employees regarding money laundering recognition and prevention in operations of the fund management company or the fund, in line with operations that these employees perform and the function they discharge, as well as the regulation of the procedure of reporting to the competent body the transactions with regard to which there are reasons for suspicion that money laundering has taken place, i.e. the regulation of the procedure of denouncing persons who perform these transactions, in line with regulations that govern money laundering prevention. 7. The fund management company shall be obliged to regulate the procedures for providing interested persons with access to information that provide insight into operations of this company or the fund ñ in the manner that does not damage business interests of this company.

4 On the occasion of concluding the contract on fund membership, the fund management company shall be obliged to provide interested persons with all information important for adopting the decision on membership. 8. The fund management company shall be obliged to regulate the internal control system which contains procedures, actions and activities that provide for continuous risk control in operations of this company or the fund, in line with the nature, complexity and risk of operations. The fund management company shall be obliged to check continuously the internal control system and to adapt it or modify it according to planned or modified conditions of operations. The internal control system shall particularly establish the responsibility of competent bodies of the fund management company, management of this company and persons with special competences and responsibilities in the company. The responsibility of competent bodies of the fund management company shall refer to:

  1. establishment and development of adequate and efficient internal control system within their scope of competences, and the control of the implementation of this system;
  2. preparation of rules of operations and periodical verification of the implementation of these rules;
  3. monitoring, analysis and establishment of limits of risk undertaken by this company, and the manner of risk management;
  4. control of operations of persons with special competences and responsibilities;
  5. control of efficiency of use of engaged resources;
  6. supervision of risks that occur in everyday performance of operations;
  7. the fact that all employees are fully and effectively included in the implementation of internal control procedures;
  8. establishment of high ethical and professional standards in the performance of operations;
  9. proposal, preparation and supplements and/or amendments to valid procedures. Responsibility of the management of the fund management company shall refer to the following:
  10. implementation of established acts of business policy of this company;
  11. development of the risk management system;

5 3) proposal, establishment and development of adequate organizational structure of this company, which provides complete and effective participation of all employees in the implementation and development of the internal control system; 4) care of efficient execution of duties and tasks of employees; 5) establishment of procedures and monitoring of their adequacy and efficiency in the elimination of spotted deficiencies; 6) implementation of modifications in business books in line with auditorís recommendations that have been accepted by the competent body. The responsibility referred to in paragraph 4, provisions 6-9 hereof that regard the responsibility of competent bodies in the fund management company shall also regard persons with special competences and responsibilities in the company. The internal control system must provide for comprehensive verification and upgrade of security and efficiency of operations ñ especially by the estimate of accomplished business results, the estimate of adequacy of set aims and the level of their accomplishment, the preparation and implementation of tests that check the capacity of the fund management company to control risks in line with the volume and type of operations that this company performs, as well as by the establishment of opportunity costs arising from inappropriate procedures and methods for the reduction of these costs. The internal control system must provide continuous monitoring of the adequacy of the regulation of this system and efficiency of its implementation, especially by the establishment of the system of timely informing of managers of competent organizational units, and/or management and supervisory bodies, on deficiencies in this system. 9. This Decision shall come into effect on the day following its publication in the ìRS Official Gazetteî, and shall be applied as of April 1, 2006. D. No. 42 Governor March 29, 2006 of the National Bank of Serbia Belgrade Radovan Jelaöić

Share