(a)

the strategies and processes to manage those risks;

(b)

the structure and organisation of the relevant risk management function including information on its authority and statute, or other appropriate arrangements;

(c)

the scope and nature of risk reporting and measurement systems;

(d)

the policies for hedging and mitigating risk, and the strategies and processes for monitoring the continuing effectiveness of hedges and mitigants;

(e)

a declaration approved by the management body on the adequacy of risk management arrangements of the institution providing assurance that the risk management systems put in place are adequate with regard to the institution's profile and strategy;

(f)

a concise risk statement approved by the management body succinctly describing the institution's overall risk profile associated with the business strategy. This statement shall include key ratios and figures providing external stakeholders with a comprehensive view of the institution's management of risk, including how the risk profile of the institution interacts with the risk tolerance set by the management body.

(a)

the number of directorships held by members of the management body;

(b)

the recruitment policy for the selection of members of the management body and their actual knowledge, skills and expertise;

(c)

the policy on diversity with regard to selection of members of the management body, its objectives and any relevant targets set out in that policy, and the extent to which these objectives and targets have been achieved;

(d)

whether or not the institution has set up a separate risk committee and the number of times the risk committee has met;

(e)

the description of the information flow on risk to the management body.