Updated : 01 Aug 2021

Head: Mr Richard WISE

The Risk Management & Compliance Division consists of the following functions:

Group Risk Management

The Group Risk Management Department is responsible for the development, implementation and maintenance of the HKEX Group risk management framework, policy and standards and also ensures the alignment, integration and consistency of risk management across HKEX Group companies. It consists of the following functions:

Financial Risk Management
Financial Risk Management is responsible for the development and management of the financial risk management framework across the HKEX Group. The scope of work includes, but is not limited to, the development and management of the financial risk framework to assess HKEX clearing members, investment counterparties and related sovereigns, and subsequently conducts financial risk assessment on these entities to ensure policy standards and defined risk appetite are met.
Financial Risk Management is also responsible for ensuring an appropriate and consistent Default Management Process (DMP) to handle the default of clearing counterparties for Hong Kong clearing houses and facilitating the default management functions on any business and risk initiatives.

Quantitative Risk Management
Quantitative Risk Management is responsible for providing governance to the 1st line financial risk teams across all HKEX group clearing houses on initiatives such as new product/service launch, methodology changes and model parameter reviews. The team is also asked with the model validation exercise for the group to ensure its ongoing adherence to all the relevant regulations, policies and group risk appetite.

Quantitative Risk Management is also responsible for leading the efforts in new risk management initiatives such as policy/risk appetite reviews, group level financial risk data management and risk reporting and other group risk management related projects for continued enhancements of its risk management capabilities.

Technology Risk Management
Technology Risk Management is responsible for the Group’s information security framework and policies, and undertake independent oversight of 1st line functions.

Enterprise Risk Management
Enterprise Risk Management consists of the following teams:
1. The Business Continuity Management team is responsible for developing and enhancing HKEX’s resiliency and recovery capability in response to operational service interruptions. This includes partnering with business lines to undertake business impact analysis, incident response preparations, business continuity planning and ensuring drills are periodically scheduled and conducted to test these capabilities.
2. The Enterprise Risk Management team is responsible for the implementation and embedment of the Group risk management framework and culture across the organization. Also it coordinates Group wide risk management initiatives with effort split between risk framework development, risk assurance reviews and project risk advisory.
3. The Risk Governance team is responsible for the administration of the various executive, regulatory and Board level risk committees. Activities include agenda development, attendance coordination and resolution recording. Oversight of the enterprise risk framework, coordination of risk awareness activities and preparation of key enterprise risk reports are also conducted.

Regulatory Compliance

Regulatory Compliance seeks to ensure that HKEX and its regulated affiliates (other than LME and LME Clear) have adequate procedures to comply with their regulatory obligations under legislation and memoranda of understanding with regulators. Among other responsibilities, Regulatory Compliance provides an assessment of the adequacy of such procedures that is independent of HKEX business lines and leads or facilitates the self-assessments and on-site reviews performed at the request of HKEX regulators. Regulatory Compliance also develops, maintains and monitors internal compliance policies pertaining to staff ethics/code of conduct.