Free Practice Questions for PRMIA 8020 Exam

The facilitator’smain roleis toguide discussions without bias, ensuringobjective risk identification.

PRMIA’sRisk Governance Frameworkhighlightsneutral facilitationas key to effective risk workshops.

Objectivity ensures unbiased risk assessment.

Expressing personal opinions can influence risk ratings, leading todistorted outcomes.

Option A ("Guide the workshop toward a pre-determined conclusion")

Incorrect because risk workshops shoulddiscover risks, not confirm pre-set beliefs.

Option B ("Attendees can override results")

Incorrect asrisk results should be evidence-based, not subject to override.

Option D ("Attend via video connection")

Incorrect asfacilitators must engage actively, making remote facilitation less effective.

Step 1: Role of a Risk Assessment FacilitatorStep 2: Why Option C Is CorrectStep 3: Why the Other Options Are Incorrect

PRMIA Risk Governance Framework– Stresses objectivity in risk assessment facilitation.

PRMIA Risk Identification Best Practices– Encourages unbiased workshops.

PRMIA Risk References Used:

Final Conclusion:Facilitatorsmust remain neutral and objective, makingOption C the correct answer.

TheInternal Loss Multiplier (ILM)is a key component of theBasel III Standardized Approach for Operational Risk. It is designed to adjust capital requirements based on a bank’shistorical loss experience.

Definition of ILM

ILM is ascaling factorthat adjusts theoperational risk capital requirementbased on a bank’sinternal loss history.

It is derived using a formula that incorporateshistorical operational risk lossesrelative to a bank’s revenue.

Why ILM Exists in Basel III

Basel III replaced theAdvanced Measurement Approach (AMA)with aStandardized Approachthat includes ILM toensure that banks with high historical losses hold more capitalfor operational risk.

Why Other Answers Are Incorrect

Option

Explanation

A. It is a financial-statement-based proxy for operational risk.

Incorrect– ILM is not a general financial statement proxy; it specifically adjusts capital based on past operational losses.

B. It is a non-financial factor that is based on a bank's average historical losses.

Incorrect– ILM isfinancial in naturebecause it directly influences capital requirements.

D. It is uniform, and is used for indicating consistent incidents on an average return basis.

Incorrect– ILM isnot uniform; it is bank-specific and varies based on loss history.

PRMIA Operational Risk Standards

Basel III Standardized Approach for Operational Risk

PRMIA References for Verification

Role of the Risk Function

Therisk functionis responsible fordocumenting, monitoring, and overseeing risk policies and frameworks.

It ensures the organizationmaintains structured risk governance, reporting, and compliance.

Key Responsibilities

Developing Risk Management Manualsto definerisk appetite, risk frameworks, and risk governance structures.

Creating Risk Policiesthat align withregulatory standards and internal controls.

Why Answer B is Correct

The risk function primarilydevelops, implements, and maintains risk management frameworks, which include formalmanuals and policies.

Why Other Answers Are Incorrect

Option

Explanation

A. Documenting its activities, typically by operating and then recording the daily operation of controls.

Incorrect– The first line of defense (business units) handles daily operational controls, not the risk function.

C. Putting in place the servers, firewalls, and software to ensure cybersecurity.

Incorrect– Cybersecurity is anIT responsibility, while the risk functionoversees cyber risk frameworks.

D. Creating a trial balance, balance sheet statement, and cash flow statement.

Incorrect– These arefinancial accounting responsibilities, not risk management duties.

PRMIA Governance Framework for Risk Management

Basel Risk Management Principles

PRMIA References for Verification

Key Resources for Calibrating Risk Appetite

Risk appetite defineshow much risk an organization is willing to acceptto achieve its objectives.

Two of the most critical resourcesfor maintaining confidence and setting risk appetite arenet earnings and capital.

Why Net Earnings and Capital are Critical

Net earningsreflectprofitability and financial stability, influencing risk-taking capacity.

Capitalensures that the institutioncan absorb lossesand meet regulatory requirements.

Basel III emphasizes capital adequacyas a core measure of financial resilience.

Why Answer B is Correct

Net earnings support operational stability, whilecapital determines how much risk an institution can bear.

Both are used todefine and calibrate risk appetite levels.

Why Other Answers Are Incorrect

Option

Explanation

A. Capital expenditure and liquidity.

Incorrect– Capital expenditure is aninvestment measure, not a direct risk appetite determinant.

C. Strong regulatory assessment and net earnings.

Incorrect– Regulatory assessments are important butdo not directly set risk appetite.

D. Quality human resources and reputation.

Incorrect– HR and reputation areimportant for governance but do not directly influence risk capital and earnings stability.

PRMIA Risk Appetite Framework

Basel III Capital and Earnings Management Guidelines

PRMIA References for Verification

Overview of the National Australia Bank (NAB) FX Options Case Study

Traders atNational Australia Bank (NAB)engaged inunauthorized foreign exchange (FX) options trading.

Theysmoothed profits and concealed lossesusingfictitious transactions and manipulated reporting.

This led toa major financial scandal and loss of investor confidence.

Key Findings of the Investigation

Tradersartificially smoothed profitsto avoid drawing attention to large fluctuations.

Losses wereconcealed from internal risk controlsby manipulating trade records.

The bank’srisk management and governance controls failedto detect and prevent these activities.

Why Other Answers Are Incorrect

Option

Explanation

A. Currency traders were allowed access to the risk system by the CEO.

Incorrect– No evidence suggests CEO involvement in granting system access.

B. Currency traders concealed losses using back-office knowledge.

Incorrect– While they concealed losses, they alsosmoothed profitsto manipulate earnings trends.

D. Currency traders were able to complete a Management Buy Out (MBO).

Incorrect– This event wasnot related to a Management Buyout (MBO); it was atrading scandal.

PRMIA Fraud and Risk Management Case Studies

Basel Principles on Market Risk and Internal Control Failures

PRMIA References for Verification

Risk capacityis the maximum level of risk a firm can bear based onfinancial resources, earnings, and capital structure.

Management canadjust risk capacityby modifyingrisk exposure, balance sheet size, or earnings retention.

Increasing dividends reduces retained earnings, whichlowers capital reservesandreduces risk capacity.

Firms seeking toimprove risk capacity should retain earnings, not distribute them.

Option A ("Reduce scale of risks")→Correctas reducing balance sheet size lowers risk exposure.

Option B ("Improve quality of risks")→Correctas taking onlower-risk assetsimproves stability.

Option D ("Improve retained earnings")→Correctas more capitalincreases risk capacity.

Step 1: Aligning Strategy with Risk CapacityStep 2: Why Option C Is IncorrectStep 3: Why the Other Options Are Correct

PRMIA Capital Management Framework– Defines risk capacity and earnings retention strategies.

Basel III Capital Standards– Stresses retained earnings as a key factor in risk capacity.

PRMIA Risk References Used:

Final Conclusion:Reducing retained earnings through dividends weakens risk capacity, makingOption C the correct answer.

Definition of Control Rating Scales

Control rating scalesmeasure the effectiveness and performance of risk management controls.

They help organizationsevaluate control strength and identify weaknesses.

Key Components

Control effectiveness→ Measureshow well the control mitigates risks.

Control performance→ Assesseswhether the control operates as designed in practice.

Why Answer C is Correct

Botheffectivenessandperformancearecrucial for assessing control reliability.

A control may bedesigned effectively but fail in execution, makingboth factors essential.

Why Other Answers Are Incorrect

Option

Explanation

A. They are enhanced by the use of software that includes inherent risk.

Incorrect– Software can improve ratings, but control scales arebased on evaluation criteria, not just software tools.

B. A control rating scale should consider control effectiveness but not control performance.

Incorrect– Ignoring performance could lead tomisjudging actual control reliability.

D. A control rating scale should consider neither control effectiveness nor control performance.

Incorrect– This wouldrender the control rating scale useless.

PRMIA Governance and Control Framework

Basel Operational Risk Management Guidelines

PRMIA References for Verification

TheThree Lines of Defense (3LoD) modelensures thatrisk management responsibilities are properly segregated:

First Line: Business units (own and manage risk).

Second Line: Compliance and risk management (independent oversight).

Third Line: Internal audit (provides assurance).

PRMIA andBasel Compliance Principlesstate that compliance shouldnot report to business units, as this creates aconflict of interest.

Compliance must beindependent to ensure objective oversightof regulatory adherence.

Option A ("Report to the business")→ Incorrect becausecompliance must provide independent oversight, not report to business units.

Option C ("Outsource compliance if risk function exists")→ Incorrect becausecompliance and risk functions have distinct roles.

Option D ("Outsource risk if compliance exists")→ Incorrect becauserisk management is a core function, not an outsourcing candidate.

Step 1: Compliance Function and the Three Lines of Defense ModelStep 2: Why Compliance Must Be IndependentStep 3: Why the Other Options Are Incorrect

PRMIA Compliance Risk Governance– States compliance must beindependentunder the Three Lines of Defense model.

Basel Compliance Principles– Recommends separate reporting structures for compliance and business units.

PRMIA Risk References Used:

Final Conclusion:Compliance must be independent from the business to avoid conflicts of interest, makingOption B the correct answer.

Financial Crime Risk Management

Managing financial crime requires implementingcontrols, monitoring, and reporting systemsto detect and prevent illegal activities.

Developing red flags and monitoring scenariosallows firms to detect suspicious transactions related tomoney laundering, fraud, and terrorist financing.

Why Answer C is Correct

PRMIA emphasizes thateffective risk management requires proactive monitoring of transactionsusing red flags, transaction patterns, and anomaly detection systems.

This is aligned with Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) regulatory requirements.

Why Other Answers Are Incorrect

Option

Explanation

A. Having the business be a cash-only business and not report any transactions.

Incorrect– Cash-only businesses withno reportingarehigh-riskfor financial crime.

B. The requirements to trace all transactions when they are entered into spreadsheets.

Incorrect– While transaction tracing is important,spreadsheets alone are not an effective control mechanismfor financial crime.

D. Local regulations that allow a bank to not report transactions by family members of the board.

Incorrect– This would violateAML and financial crime regulations, increasing corruption risk.

PRMIA Financial Crime and AML Risk Guidelines

Basel Committee on Financial Crime and Money Laundering

PRMIA References for Verification