In order to help organizations manage and mitigate risks to which they are exposed to, Entropy provides services and solutions that rely on its professionals’ accumulated experience in various risk areas (operational and IT risks, credit and market risks, financial risks and others) and tailored international methodologies such as COSO ERM and COBIT.

• Solvency II
• Establishing Risk Management Policies
• Operational Risk Surveys
• Establishing Mitigation Plans
• Fraud Embezzlement and Anti-Money Laundering Surveys
• ICAAP
• Risk Management Systems Implementation
• Key Risk Indicators
• Business Continuity Planning
• COSO Methodology-based Procedures and Controls Planning
• Guidance and Coaching for Risk Management Units
• Risk Manger Position Outsourcing
• Capital Market, Insurance and Savings Directives Implementation

Solvency II

The Solvency II directive constitutes a fundamental and comprehensive change of the regulations relevant to the insurance companies’ solvency and capital adequacy enforcement. Its objectives are to protect insurance policy holders, enhance the market integration and increase the competition in the sector. The directive includes a thorough examination of risks to which the insurance companies are exposed, sets standards to quantify and measure those risks while the capital allocation expresses the inherited risks in its activities. Apart from the quantitative aspects, the directive also focuses on internal audit and inspection activities, market discipline, disclosure and reporting. In light of the Entropy’s experience, guidance of the banks in Basel II directive implementation and profound familiarity with the insurance sector, Entropy guides Insurance companies in implementing the directive instructions through establishing an efficient and qualitative process which suitably addresses the compliance requirements.

Back to top

Establishing Risk Management Policies

Establishing risk management policies is an important stage in the creation of a comprehensive risk management framework. The ERM / Risk Management policy is established for material risks to which organizations are exposed to. ERM policies include topics such as:

• Risk Management organizational vision and objectives.
• Risk corporate governance structure.
• Risk quantification methods.
• Risk identification methods.
• Roles and responsibilities within units involved in the ERM.
• Interface between units involved in the ERM.
• Definition of issues subject to reporting.
• Compliance with the relevant laws and regulations.
• Establish business continuity processes for disaster recovery.

Back to top

Operational Risk Surveys

Entropy performs operational risk surveys based on the COSO approach using evaluation methodologies for risk exposure within units, processes, systems and activities. The survey helps to identify inherited risk in organizational units / processes and effective evaluation of those risks, focusing on critical risks. Operational risks survey support effective risk management with optimal resource allocation to mitigate and monitor risks using cost benefit considerations in order to prevent failure, damages and reputational risk. Furthermore, the survey’s results enable the organization qualitative operational risk management and to comply with regulatory requirements.

Back to top

Establishing Mitigation Plans

In order to mitigate the existing and identified risks, Entropy Consultants Ltd. assists establishing mitigation plans that enable defining individual work plans in order to implement additional controls or to improve existing ones.

Back to top

Fraud Embezzlement and Anti-Money laundering surveys

Nowadays, many organizations run specific embezzlement and fraud risk surveys on various organizational activities. Embezzlement and fraud surveys are required both as part of ongoing managerial requirements and of regulatory demand to decrease the risks which expose the organization to severe financial loss and reputational damage. The embezzlement and fraud risk survey also includes a review of anti-money laundering risks, carried out according to the processes and systems mapping and in accordance with existing databases. In general, money laundering risks expose the organization to both domestic and international regulatory risks. Entropy Consultants has the tools and the know-how to perform embezzlement and fraud surveys and to guide organizations through the implementation of money-laundering prevention mechanisms.

Back to top

ICAAP

Entropy helps financial institutions establish the ICAAP process and document which includes calculation of capital allocation against the various risks categories according to pillar 1 and pillar 2, stress tests, risk appetite statement, analysis of existing corporate governance, capital planning and future improvements. In addition, Entropy accompanies internal audit units that perform the ICAAP independent review by defining specific audit work plans and performance of dedicated surveys and controls evaluation.

Back to top

Risk Management Systems Implementation

Entropy helps organizations characterize, establish and implement operational risk management systems that support compliance with anti-money laundering and OP risk management. The company has a profound expertise with leading information systems in this area and with advanced implementation methods that allow integrating operational risk management within the organizational culture.

Back to top

Key Risk Indicators

Key Risk Indicator (KRI) is an operational or statistical factor used to monitor the organization’s risk profile. KRI is the only component that “revives” the risk survey and “leads” it to the implementation stage. Integrating KRIs enables a dynamic review of the risk profile and its level by measuring events and transitions in the organization. In order to produce an ongoing review of the organization’s daily activity, it is necessary to build the capability of monitoring and measurement of the KRIs. Building the KRI repository and thus the ability to monitor risks enables the organization to adjust its current activities and various data to the risk survey and the mitigation plans. In this activity, we define measurable indicators with different measurement thresholds that are related to specified, focused and dynamic risks.

Back to top

Business Continuity Planning

A malfunction in the production process, a physical damage to the organization’s infrastructures or any other event that significantly affects the company’s current business activity, constitutes a crisis with immediate and long-term implications on the company activity and reputation. Business continuity planning instructs the company management and employees as to the required steps to be taken in order to minimize the implications of a crisis. This plan must refer to the management level (Executive Crisis Management), business level (Business Continuity Operations) and the technological level (Disaster Recovery).

Entropy helps its clients to prepare cross-board organizational levels while applying the Top-Down principals, thus ensuring implementation of appropriate preparation within a short time and at low costs.

Back to top

COSO Methodology-based Procedures and Controls Planning

During this activity, Entropy defines risk mitigation methods by designing controls depending on the mapped risks. The control design is based on international methodologies (e.g. COSO). The company helps to plan and design procedures and automated controls in accordance with the risk profile and the processes significance.

Back to top

Guidance and Coaching for Risk Management Units

Entropy has developed training sets designed to increase awareness of the organization’s managers and employees to the operational risk management culture which should be part of the organization business strategy. Additionally, Entropy provides personal coaching sessions for risk managers in organizations in order to train and instruct the risk manager on how to manage the different risk areas.

Back to top

Risk Manger Position Outsourcing

The regulations require organizations to designate a risk management function that will lead and define the activities required for risk management. Entropy provides risk management outsourcing services with its constant professional and managerial support. The added value of this service lies in the usage of Entropy’s methodologies and knowledge base.

Back to top

Capital Market, Insurance and Savings Directives Implementation

Entropy provides services which help insurance companies to comply with the directives defined by the regulator. The various services cover market risk management, credit risks and operational risks. Entropy provides Solvency II services – consultancy support and systems for compliance and risk mitigation. Furthermore, Entropy provides the insurance companies with services that help to comply with additional requirements such as information security risk management, fraud and embezzlement risks detection, business continuity plan, etc.

Back to top