What It Is

ISO 31000:2018, Risk management — Guidelines is a non-certifiable international standard providing principles-based guidance for systematic risk management. Its primary purpose is to help organizations of any size or sector manage uncertainty affecting objectives through a flexible framework and process.

Key Components

• Three pillars: eight principles (e.g., integrated, customized, dynamic), framework (leadership, integration, design, implementation, evaluation, improvement), and six-step process (communication, scope/context/criteria, assessment, treatment, monitoring/review, recording/reporting).
• Built on PDCA cycle; no fixed controls.
• Guidelines only, no certification model.

Why Organizations Use It

• Enhances decision-making, value creation/protection, resilience.
• Meets governance needs, builds stakeholder trust.
• Supports strategy, operations; aligns with regulations indirectly.

Implementation Overview

• Phased approach: leadership commitment, gap analysis, pilot, rollout, monitoring.
• Tailored to context; involves policy, training, tools like risk registers.
• Applicable universally; internal audits for assurance.

What It Is

Basel III is the international regulatory framework issued by the Basel Committee on Banking Supervision (BCBS) post-global financial crisis. It establishes prudential standards for banks, focusing on enhancing capital quality, constraining leverage, and ensuring liquidity resilience. The risk-based approach integrates minimum ratios, buffers, and non-risk metrics like leverage and liquidity standards.

Key Components

• **Three PillarsPillar 1 (capital ratios: CET1 4.5%, Tier 1 6%, Total 8%; leverage 3%; LCR/NSFR 100%), Pillar 2 (supervisory review/ICAAP), Pillar 3 (disclosures).
• Capital buffers (conservation 2.5%, countercyclical, G-SIB/D-SIB).
• RWA calculations with output floor (72.5% of standardized) and revised risk approaches.
• National implementation without central certification.

Why Organizations Use It

Banks implement for mandatory jurisdictional compliance, reducing systemic risk, improving funding costs, and boosting investor confidence. It enables better balance-sheet management, limits model arbitrage, and provides competitive resilience.

Implementation Overview

Phased enterprise program: governance setup, gap analysis, data/IT builds, model validation, training. Targets internationally active banks globally; involves ongoing supervisory reporting and audits.