Article 321-78 into force since 01 August 2022

I. - Asset management companies shall establish, implement and maintain an adequate and documented risk management policy which identifies the risks to which the UCITS they manage are or might be exposed to.

In particular, the asset management company shall not solely or mechanistically rely on credit ratings issued by credit rating agencies as defined in Article 3(1)(b) of Regulation (EC) No 1060/2009 of the European Parliament and of the Council of 16 September 2009 on credit rating agencies for assessing the creditworthiness of the assets of UCITS.

II. - The risk management policy shall comprise such procedures as are necessary to enable the asset management company to assess for each UCITS it manages the exposure of that UCITS to market risk, liquidity risk, sustainability risk and counterparty risk, as well as to all other risks, including operational risks, which may be material for each UCITS portfolio it manages.

III. - The risk management policy shall address at least the following:

a) the techniques, tools and arrangements that enable them to comply with the obligations set out in Articles 321-81, 411-72 and 411-73;

b) the allocation of responsibilities within the asset management company pertaining to risk management.

IV. - Asset management companies shall ensure that the risk management policy referred to in I states the terms, contents and frequency of reporting of the risk management function referred to in Article 321-77 to the board of directors and to senior management and, where appropriate, to the supervisory function.

V. - For the purposes of this article, asset management companies take into account the nature, scale and complexity of their business and the UCITS they manage.