Risk Horizon
Live

Intelligence generated by AI from public regulatory sources. Not investment or regulatory advice. Verify before relying on any output.

Governance
Quarterlyv1Updated 9 May 2026

Quarterly Board Risk Committee Pack — Enterprise Risk & Emerging Threats

This quarterly Board Risk Committee (BRC) pack provides non-executive directors with a consolidated view of enterprise-wide risk exposures, emerging regulatory developments, and forward-looking scenario analysis. The cadence aligns with PRA SS5/16 expectations on board risk oversight and the FRC UK Corporate Governance Code requirement for boards to carry out a robust assessment of principal and emerging risks at least quarterly. The pack is designed to enable the BRC to challenge executive management on risk appetite adherence, review the effectiveness of the risk management framework, and approve material changes to risk policies. Particular emphasis is placed on cross-cutting themes — AI model governance, operational resilience under DORA and PS6/21, climate-related financial risk following the PRA Biennial Exploratory Scenario, and the evolving regulatory perimeter for digital assets. The committee is expected to evidence its challenge through minuted debate and to escalate matters to the full Board where risk appetite breaches or strategic implications arise. Regulatory expectations under PRA SS5/21 on model risk management and the SMCR accountability regime require the BRC to demonstrate active, informed oversight rather than passive review.

CommitteeBoard Risk Committee

8

Required Materials

6

Key Questions

4

Related Themes

Required Materials(8)
  • Board Risk Dashboard
  • Risk Appetite Statement Update
  • Emerging Risks Horizon Scan
  • Top & Emerging Risks Heatmap
  • Model Risk Inventory Summary
  • Operational Resilience Self-Assessment
  • Climate Risk Exposure Report
  • Regulatory Change Log
Key Questions(6)
  • Are we operating within Board-approved risk appetite across all principal risk categories, and where are we trending toward amber or red thresholds?
  • How has the risk profile shifted since last quarter, and which emerging risks warrant elevation to principal risk status?
  • Are our AI and credit decisioning models compliant with PRA SS1/23 expectations, and can we evidence explainability to supervisors?
  • What is our exposure to ICT third-party concentration risk, and have we tested our ability to exit a critical provider within agreed impact tolerances?
  • Do the latest climate scenario results suggest we need to recalibrate sector-level concentration limits or capital allocation?
  • Where executive management's view of residual risk diverges from the second-line opinion, what is the basis for the difference and how is it resolved?
Related Themes(4)
crystallisingAI Model Risk & Explainability
establishedOperational Resilience & Critical Third Parties
establishedClimate-Related Financial Risk
emergingDigital Asset Regulatory Convergence
Related Signals(4)
highPRA Supervisory Statement SS1/23 — Model Risk Management Principles for Banks
highPRA/FCA Policy Statement PS6/21 — Building Operational Resilience
highPRA Biennial Exploratory Scenario — Climate Risk Results 2025
elevatedFSB High-Level Recommendations for the Regulation of Crypto-Asset Activities
Related Intelligence Packs(1)
Medium TermECBPRA

AI Model Governance Failure in Credit Decisioning