Risk Management in a FinTech startup (13 employees).
- A FinTech start-up offers a portal for investors and small businesses looking for start-up and growth capital.
- The FinTech start-up itself is looking for investors and partners, but these require proper risk reporting
- Partnerships with banks require professional risk reporting that not only identifies financial portfolio risks, but also operational risks.
- Sound risk management strengthens the image.
- Several work sessions with the partners show that the company does not have a systematic approach to identify and manage risks.
- It is decided to implement “Enterprise Risk Management” in a systematic way, with knowledge transfer to the FinTech employees
- Through workshops, both internal and external risks were identified in different domains
- The risk appetite was determined.
- The risks were analyzed and included in a fully elaborated risk register with heatmap.
- A specific approach was developed for each type of risk.
- (risk management framework)
- Risk Owners are indicated.
- Relevant Key Risk Indicators have been chosen as the basis for reporting.
- The ICT risks have been identified (according to the ISO 27001 and ISO 27032 standards).
- This approach ensured greater transparency of the risks throughout the organization, which facilitated rapid remediation.
- The systematic approach was incorporated into the daily way of working and formed the basis for subsequent compliance audits.
- A maturity model was drawn up, with a plan to reach the target level within three years.