Skip to content
RiskTemplates · The Daily Brief Thursday, July 9, 2026
Wire CFPB's New Enforcement Principles: What the Bilt Case Tells You About How the Bureau Intends to Police Consumer Finance JUN 22
Bundle Best for Risk Teams

Operational Risk Program

Build a complete ORM program: ERM framework, RCSA, loss monitoring, financial risk, KRIs, and the Contingency Funding Plan for chartered banks.

Price

$199

Individually $315 — save 37%

Buy now →
Secure checkout Emailed access Fully editable 30-day money-back

Delivered immediately after checkout — your template and guide links are emailed to you with your receipt.

Used by compliance teams at banks, fintechs, and asset managers

◆ Quick buying summary

What you get and when you can use it

Good fit if
You're a CRO or VP of Risk building a formal ORM program that regulators will recognize as mature
Format
Editable workbook plus PDF/supporting guide materials where included. Instant download after checkout.
Time to value
Start reviewing, editing, and assigning owners the same day; customize to your organization before sharing outputs externally.
After purchase
After checkout, your templates and guides are available immediately and the download link is sent to your email with your Stripe receipt. No account required.

◆ What's included

  • Enterprise Risk Management Framework (ERMF)
  • RCSA (Risk & Control Self-Assessment)
  • Loss Monitoring & Event Tracking Kit
  • Financial Risk Management Kit
  • KRI Library (132 Key Risk Indicators)
  • Contingency Funding Plan — Banks (2023 Interagency Addendum-aligned)

Use rights: customize for internal business use and use outputs with your auditors, customers, bank partners, and regulators. Do not resell or redistribute the template files.

◆ FAQ

Frequently asked questions.

How do these 5 products form a "closed-loop" ORM program?

The ERMF provides governance (risk appetite, 3LoD, committee structure). The RCSA evaluates control effectiveness against your risk inventory. The KRI Library monitors whether risk levels are moving in the right direction. The Loss Monitoring Kit captures when controls fail. The Financial Risk Kit provides the financial dimension. Together: you're identifying risks (ERMF/RCSA), monitoring them (KRIs), capturing losses (Loss Monitoring), tracking financial exposure (Financial Risk), and governing it all (ERMF). That's a complete ORM cycle.

What's the implementation sequence for all 5 products?

Recommended sequence: (1) Start with the ERMF to establish governance structure and risk appetite. (2) Use the RCSA to map risks and control effectiveness — this feeds your board reporting. (3) Stand up the KRI Library using the same risk taxonomy. (4) Configure the Loss Monitoring Kit and seed with any available historical events. (5) Implement the Financial Risk Kit for the credit and liquidity dimensions. Each step builds on the previous one.

Does this bundle include the RCSA's 141 pre-populated risk assessments?

Yes. The RCSA Kit includes all 141 pre-populated risk assessments, control effectiveness scoring, the self-assessment questionnaire framework, and the control testing calendar. These use the same 21-category risk taxonomy as the Free Risk Register, so if you've already populated that, the risk IDs map directly.

Is this appropriate for a fintech that already has some ORM infrastructure?

Yes — all 5 products are designed to be adopted modularly. If you have an existing ERMF but no RCSA, you can use just the RCSA and KRI Library. If you have loss tracking but no financial risk monitoring, the Financial Risk Kit fills that gap. The shared taxonomy means new products integrate with existing ones without requiring a rebuild.

How does the KRI Library connect to the Financial Risk Kit?

The KRI Library includes ~20 Financial KRIs covering the same metrics the Financial Risk Kit monitors — delinquency rates, liquidity coverage, concentration ratios, and capital adequacy. When a Financial Risk threshold is breached, the corresponding KRI status should flip to Amber or Red. The shared risk IDs make this linkage explicit in both templates.

Can I share completed outputs externally?

Yes. You can use completed outputs with auditors, customers, bank partners, regulators, and internal stakeholders. Customize the template for internal business use — just don't resell or redistribute the source template files.

How do I receive the files?

Checkout is handled through Stripe. After purchase, you receive the template and guide download link immediately on the confirmation page and by email, along with your Stripe receipt. No account is required.

What if it's not a fit?

Email within 30 days for a full refund, no questions asked. The guarantee is meant to remove purchase risk while you evaluate whether the template fits your use case.

● First-time buyer offer

Get 20% off your first template.

Drop your email and we'll send the code.

◆ Not ready to buy?

Start with the free Risk Register.

141 pre-populated fintech risks across 21 categories. ISO 31000 structure.

Download free Risk Register →

◆ Ready when you are

Get the Operational Risk Program.

Start building a defensible risk program today.

Buy — $199 →
Secure checkout Emailed access Fully editable 30-day money-back

Immaterial Findings · Newsletter

The brief, in your inbox.

Enforcement of the week, a framework breakdown, and the prompts that are actually worth running. Delivered to your inbox. Free.