10.1.1The ultimate responsibility for the formulation and implementation of an effective risk management framework lies with the Board of Directors (or with the Owner/Partners where there is no Board of Directors);
10.1.2The Licensed Person must maintain a Risk Management Policy approved by the Board of Directors (or by the Owner/Partners where there is no Board of Directors);
10.1.3The Licensed Person must designate a Risk Officer who must be given the overall responsibility of the risk management function;
10.1.4Depending on the nature, size and complexity of the business, the Licensed Person may appoint a dedicated Risk Officer or combine this role with another suitable function subject to the conditions under Paragraphs 7.2.4 (a) of Chapter 7, 16.4.7 (a) and 16.5.1 (g) of Chapter 16; and
10.1.5The Risk Management Policy must be reviewed annually and updated if necessary.