Risk Officer, Links



Frontier Risk

Emerging Risk

Hybrid Risk

Cognitive Risk

Artificial Superintelligence Risk

AI-Human Hybridization Risk

Political Risk

Geoeconomic Risk

Strategic Risk

Systemic Risk

Climate Risk

Conduct Risk

Reputation Risk

Liquidity Risk

Cyber Risk

Credit Risk

Market Risk

Operational Risk


Advanced Specialization

The Certified Risk and Compliance Management Professional in Hybrid Risk and Resilience Management - CRCMP(HR²M), distance learning and online certification program, is an advanced specialization designed exclusively for Certified Risk and Compliance Management Professionals (CRCMPs).

It builds on the solid foundation of the CRCMP designation and equips participants with cutting-edge knowledge to understand, identify, assess, and effectively manage complex hybrid risks.

The program prepares CRCMPs to strengthen organizational resilience across interconnected domains, including geopolitical and regulatory risk, counterintelligence, and supply chain resilience, while advancing capabilities in hybrid threat psychology, hybrid stress testing, and crisis management, ensuring readiness for an increasingly complex risk landscape.

CRCMP(HR²M)

Learning form important financial reports and presentations


1. Lloyds Banking Group, Financial Reports and Presentations


2. JPMorgan Chase, Financial Reports and Presentations


3. SAP, Financial Reports and Presentations


4. Mitsubishi UFJ Financial Group, Inc., Financial Reports and Presentations


5. The Mercedes-Benz Group AG (former Daimler AG), Financial Reports and Presentations


6. Amazon, Financial Reports and Presentations


7. ExxonMobil, Financial Reports and Presentations


8. CVS Health, Financial Reports and Presentations


9. Alphabet, Financial Reports and Presentations


10. The Volkswagen Group (Volkswagen, Volkswagen Commercial Vehicles, ŠKODA, SEAT, CUPRA, Audi, Lamborghini, Bentley, Porsche and Ducati), Financial Reports and Presentations


11. Microsoft Corp, Financial Reports and Presentations


12. AT&T Inc., Financial Reports and Presentations


13. UnitedHealth Group, Financial Reports and Presentations


14. Samsung Electronics, Financial Reports and Presentations


15. The Allianz Group, Financial Reports and Presentations


16. McKesson Corporation, Financial Reports and Presentations


17. Dell Technologies, Financial Reports and Presentations


18. Philips, Financial Reports and Presentations


19. Berkshire Hathaway Inc., Financial Reports and Presentations


20. Deutsche Telekom, Financial Reports and Presentations


Compliance LLC

Compliance LLC, Business Units

Compliance LLC is a company incorporated in Wilmington, NC, with offices in Washington, DC, a provider of risk and compliance training in fifty-eight countries. Several of its business units are associations, offering a wide range of services to their members, including membership programs, regular updates (weekly or monthly), specialized training, certification, Authorized Certified Trainer (ACT) programs, advocacy, and other professional services.

Some of the business units of Compliance LLC:

Sarbanes Oxley Compliance Professionals Association (SOXCPA)

A. The Sarbanes Oxley Compliance Professionals Association (SOXCPA).

The Sarbanes Oxley Compliance Professionals Association (SOXCPA) is the largest association of Sarbanes Oxley professionals in the world.

https://www.sarbanes-oxley-association.com

Is Sarbanes-Oxley compliance still necessary many years after its enactment?

https://www.sarbanes-oxley-act.com

Basel iii Compliance Professionals Association (BiiiCPA)

B. The Basel ii / Basel iii / Basel iv Associations.

The Basel ii Compliance Professionals Association (BCPA) was the largest association of Basel ii Professionals in the world.

https://www.basel-ii-association.com

Basel II was a groundbreaking step forward in global banking regulation. It introduced a more refined, risk-sensitive framework, enhanced supervisory oversight, and greater transparency through market discipline.

https://www.basel-ii-accord.com

The Basel iii Compliance Professionals Association (BiiiCPA) is the largest association of Basel iii Professionals in the world.

https://www.basel-iii-association.com

The Basel III Accord is a comprehensive set of reforms developed by the Basel Committee to enhance the stability and resilience of the global financial system.

https://www.basel-iii-accord.com

For a Basel IV framework to exist officially, we need a formal announcement from the Basel Committee on Banking Supervision (BCBS), supported by a clear naming convention. As of now, the Committee refers to the post-2017 reforms as the "finalization of Basel III," not as a new framework. Unless the BCBS decides to issue a distinct, standalone set of rules under a new name, Basel IV for example, there will be no official Basel IV framework.

But what would need to happen for “Basel IV” to move from an informal term to an official regulatory framework? What steps would lead to formal recognition?

https://www.basel-4.com

The Basel iv Compliance Professionals Association (BivCPA) is under development, much like Basel IV itself.

https://www.basel-iv-association.com

In the USA, the term 'Basel IV' is not, as of now, an official term recognized by the Federal Reserve, the Office of the Comptroller of the Currency (OCC), or the Federal Deposit Insurance Corporation (FDIC).

Basel IV in the United States | Progress, Challenges, Outlook.

https://basel-iv.us

Solvency ii Association

C. The Solvency ii Association.

The Solvency ii Association is the largest association of Solvency ii Professionals in the world.

https://www.solvency-ii-association.com

There is no official “Solvency III” directive or framework, at least not yet. The term Solvency III is used informally by some industry professionals to describe a set of significant revisions to the Solvency II framework. These reforms, however, are officially considered part of Solvency II.

The Solvency II Association will continue to monitor developments as they unfold and keep you informed of any updates.

https://www.solvency-iii.com/

The Solvency III Association is under development, much like Solvency III itself.

https://www.solvency-iii-association.com

International Association of Risk and Compliance Professionals (IARCP)

D. The International Association of Risk and Compliance Professionals (IARCP).

The Certified Risk and Compliance Management Professional (CRCMP) certificate, from the IARCP, has become one of the most recognized certificates in risk management and compliance. There are CRCMPs in fifty-eight countries. Companies and organizations around the world consider the CRCMP a preferred certificate.

You can find more about the demand for CRCMPs at: https://www.risk-compliance-association.com/CRCMP_Jobs_Careers.pdf


CRCMP

https://www.risk-compliance-association.com


Risk Officers play a crucial role in identifying, assessing, and mitigating risks that could impact an organization’s objectives. They ensure compliance with regulations and promote a strong risk culture across all levels of management.

https://www.risk-officer.com

The Chief Risk Officer (CRO) is responsible for the establishment, implementation, and continuous supervision of the organization’s risk management framework. The CRO ensures that the organization operates within its defined risk appetite, and enhances decision-making, regulatory compliance, and overall resilience.

https://www.chief-risk-officer.com

The Compliance Officer is entrusted with ensuring that the organization conducts its activities in full conformity with applicable laws, regulations, and internal policies.

https://www.compliance-officer.org

The Chief Compliance Officer (CCO) develops and maintains the compliance program, including policies, procedures, and control mechanisms, and conducts compliance risk assessments to identify, evaluate, and mitigate legal, regulatory, and ethical risks.

https://www.chief-compliance-officer.org

Risk management is the process through which an organization identifies, assesses, monitors, and mitigates risks that could adversely affect the achievement of its objectives. Effective risk management ensures that material risks are properly understood, measured, and managed within approved limits.

https://www.risk-management.us

Risk governance is the system of principles, roles, responsibilities, and accountability structures through which an organization’s board and senior management direct and oversee the risk management framework. It defines the decision-making hierarchy, reporting lines, and oversight mechanisms ensuring that risk-taking activities remain aligned with the organization’s strategy, risk appetite, and legal obligations.

https://www.risk-governance.us

International Association of Potential, New and Sitting Members of the Board of Directors (IAMBD)

E. The International Association of Potential, New and Sitting Members of the Board of Directors (IAMBD).

The IAMBD offers independent guidance on rapidly evolving responsibilities, and supports informed decision-making. It assists boards worldwide in addressing hybrid, cyber, and other emerging threats, and in managing the complexities inherent in modern regulatory frameworks, technological advancements, and geopolitical challenges.

https://www.iambd.org


International Association of Hedge Funds Professionals (IAHFP)

F. The International Association of Hedge Funds Professionals (IAHFP).

The IAHFP provides independent, specialized guidance on the evolving regulatory, fiduciary, and risk management obligations governing hedge fund formation, operations, and investment activities. It enhances the ability to identify and address hybrid, cyber, and other emerging threats, and to understand better the strategic implications for hedge fund models, operations, and investment approaches.

https://www.hedge-funds-association.com

Cyber Risk GmbH

Cyber Risk GmbH

Cyber Risk GmbH (Dammstrasse 16, 8810 Horgen, Switzerland, CHE-244.099.341) is a trusted strategic partner delivering tailored services to support the association’s objectives. The company specializes in providing advanced cybersecurity and compliance training, helping organizations navigate and implement complex European, U.S., and international cybersecurity regulations. Cyber Risk GmbH supports professionals in completing online training programs, passing exams, and obtaining Certificates of Completion, which serve as independent verification of their expertise for firms and organizations.

Cyber Risk GmbH carefully monitors the regulatory challenges and opportunities in the EU, and offers online training programs for the NIS 2 Directive (NIS 2), the Digital Operational Resilience Act (DORA), the Critical Entities Resilience Directive (CER), the Digital Services Act (DSA), the Digital Markets Act (DMA), the European Chips Act, the European Data Act, the European Data Governance Act, and the European Artificial Intelligence Act.

Cyber Risk GmbH websites include the following:


a. General, Sectors, Industries.

1. Hybrid Risk

2. Hybrid Risk Management

3. Hybrid Stress Testing

4. Defensive Hybrid Intelligence (DHI)

5. Cognitive Intelligence (COGINT)

6. Legal Intelligence (LEGINT)

7. Algorithmic and AI Intelligence (ALGINT)

8. Synthetic Cognitive Intelligence (SCINT)

9. Hybrid Resilience Initiative (HRI)

10. Cyber Risk GmbH

11. Social Engineering Training

12. Healthcare Cybersecurity

13. Airline Cybersecurity

14. Railway Cybersecurity

15. Maritime Cybersecurity

16. Oil Cybersecurity

17. Electricity Cybersecurity

18. Gas Cybersecurity

19. Hydrogen Cybersecurity

20. Transport Cybersecurity

21. Hotel Cybersecurity

22. Sanctions Risk

23. American Privacy Rights Act of 2024 (APRA)

24. Travel Security

25. Risk management, what is different in Switzerland


b. Understanding Cybersecurity.

1. What is Disinformation?

2. What is Steganography?

3. What is Cyberbiosecurity?

4. What is Synthetic Identity Fraud?

5. What is a Romance Scam?

6. What is Quantum Risk Management?

7. What is Cyber Espionage?

8. What is Sexspionage?


c. Understanding Cybersecurity in the European Union.

1. The NIS 2 Directive

2. The Digital Operational Resilience Act (DORA)

3. The Critical Entities Resilience Directive (CER)

4. The European Data Act

5. The European Data Governance Act (DGA)

6. The European Cyber Resilience Act (CRA)

7. The Digital Services Act (DSA)

8. The Digital Markets Act (DMA)

9. The European Chips Act

10. The Artificial Intelligence Act

11. The Artificial Intelligence Liability Directive

12. The Framework for Artificial Intelligence Cybersecurity Practices (FAICP)

13. The EU Cyber Solidarity Act

14. The Digital Networks Act (DNA)

15. The European ePrivacy Regulation

16. The European Digital Identity Regulation

17. The European Media Freedom Act (EMFA)

18. The Corporate Sustainability Due Diligence Directive (CSDDD)

19. The Systemic Cyber Incident Coordination Framework (EU-SCICF)

20. The European Health Data Space (EHDS)

21. The European Financial Data Space (EFDS)

22. The Financial Data Access (FiDA) Regulation

23. The Payment Services Directive 3 (PSD3), Payment Services Regulation (PSR)

24. The Internal Market Emergency and Resilience Act (IMERA)

25. The Digital Fairness Act

26. The European Cyber Defence Policy

27. The Strategic Compass of the European Union

28. The European Space Law (EUSL)

29. The European Space Act

30. The EU-US Data Privacy Framework

31. The European Cloud and AI Development Act

32. The European Quantum Act

33. The EU Biotech Act

34. The EU Cyber Diplomacy Toolbox


Membership and certification


Membership


certification


RR

In the Reading Room (RR) of the association you can find our newsletter. Our Reading Room

Contact IARCP

Contact Us

Lyn Spooner
lyn@risk-compliance-association.com

George Lekatis
President of the IARCP
1200 G Street NW, Suite 800, Washington, DC 20005, USA
(202) 449-9750
lekatis@risk-compliance-association.com

Privacy, legal, impressum