Topic: Operational Risk
The operational risk program, built one template at a time.
ERMF, RCSA, KRIs, issues management, loss tracking, third-party risk — the operational risk stack practitioners actually use. Aligned with COSO ERM, ISO 31000, FFIEC IT, and FRB SR 21-3.
◆ COSO ERM · ISO 31000 · FFIEC IT · FRB SR 21-3 · Basel
◆ What you'll find here
The core risk program — without the consulting markup.
◆ 01
ERMF, RCSA, KRIs
The three core building blocks of every operational risk program. Inventory the risks, self-assess the controls, monitor the indicators. Mapped to COSO ERM and FRB SR 21-3.
◆ 02
Issues & loss tracking
Track MRAs, audit findings, and operational losses with severity scoring, owners, and remediation timelines. Built for teams that need to show progress to regulators and bank partners.
◆ 03
Third-party & vendor risk
TPRM intake, due diligence, ongoing monitoring, and the evidence regulators expect when a critical vendor goes down. Aligned with FFIEC and OCC third-party guidance.
◆ Operational risk templates
Tools for the operational risk team.
Excel-native templates with editable workbooks and PDF guides. Buy once, tailor to your program, deploy in days.
Enterprise Risk Management Framework (ERMF)
Complete ERM documentation: risk appetite, 3 Lines of Defense, committee charter, and board reporting.
RCSA (Risk & Control Self-Assessment)
141 pre-populated fintech risks with control assessments, questionnaire framework, and testing calendar.
KRI Library (132 Key Risk Indicators)
132 KRIs with thresholds, data sources, and escalation triggers pre-built for financial services.
Issues Management Tracker & Template
End-to-end issues tracking and remediation management for risk and compliance teams.
Loss Monitoring & Event Tracking Kit
Basel-aligned operational loss event tracking and root cause analysis for financial services.
Financial Risk Management Kit
Credit risk, liquidity, concentration, and capital adequacy templates built for fintechs.
Third-Party Risk Management (TPRM) Kit
Complete vendor risk management lifecycle from initial due diligence to ongoing oversight.
70+ operational risk articles
7 templates · Excel + PDF
US: COSO · ISO 31000 · FFIEC · Basel
◆ Latest analysis
From the journal.
Compliance Strategy
Acceptable Use Policy Template for Fintechs: Prohibited, Restricted, and Enhanced-Review Customers
A structural template for fintech acceptable use policies — covering the seven sections every AUP needs, a three-tier decision table, an approval path for restricted customers, and monitoring triggers that hold up to sponsor bank and examiner scrutiny.
Operational Risk
CFP Fund Flow Testing: The Liquidity Exercise Most Fintechs Skip Until a Regulator Asks
A fund-flow test proves your contingency funding plan actually works — not just on paper. Here's how fintechs should map payment rails, confirm collateral, walk approval chains, and document gaps before a regulator does it for them.
Operational Risk
Key Risk Indicators Examples: 40 KRIs for Operational and Financial Risk Teams
40 ready-to-use KRI examples for operational and financial risk programs — each with risk measured, data source, owner, threshold idea, and escalation path.
Compliance Strategy
Restricted Business Due Diligence: Questions to Ask Before You Approve Cannabis, Weapons, Adult, Gambling, or Crypto Customers
A practitioner's due diligence checklist for fintechs evaluating five high-risk business categories — the questions that determine whether a restricted customer is manageable or a liability.
Third-Party Risk
Bank Partner Alignment for AUPs: When Your Sponsor Bank's Risk Appetite Overrides Yours
How to map your fintech AUP to your sponsor bank's prohibited and restricted business rules, when to pre-clear customers, how to document exceptions, and what rising RFI volume signals about bank partner discomfort.
Operational Risk
Contingency Funding Plan Triggers: How to Set Liquidity Thresholds You Can Defend to Regulators
Vague CFP triggers don't survive examiner scrutiny. Here's how to design Green/Yellow/Red liquidity thresholds with specific metrics, documented rationale, and clear ownership — so your CFP activates before it's too late.