Reporting institutions must organize their permanent control system in such a way as to ensure that they have systems in place for regular and permanent control at the level of the operating units in order to guarantee the regularity, security and validation of the operations carried out and compliance with other requirements for monitoring the risks of all kinds associated with the operations.
The permanent control system must ensure that;
- The specific risk analysis has been carried out rigorously;
- That the procedures for measuring, setting limits on and controlling the risks incurred are adequate;
- That, where necessary, the procedures in place have been adapted;
- That risk monitoring is in place, together with sufficient resources for its implementation.
Ongoing control of the compliance, security and validation of the transactions carried out and compliance with the other due diligence procedures associated with the tasks of the risk management function is ensured, using a range of appropriate resources, by:
- Some staff, in central and local departments, dedicated exclusively to this function,
- Other staff carrying out operational activities.