Skip to main content


Search for

Implementation of Enterprise Risk Management Framework within CDC’s business operations

 March 18, 2019  /   Blog  /   no responses  Comments

Central Depository Company of Pakistan Limited (CDC) is one of the key capital and financial market infrastructure institutes providing service to a large number of market participants, including Issuers of securities, brokers, banks, mutual funds and investors. CDC holds assets valuing 5 trillion rupees on behalf of its stakeholders in fiduciary capacity and, therefore, has been qualified as a Public Interest Company on the basis of providing safety and security to clients’ assets.


Given the increasingly digital and interconnected global environment, business risks are occurring with greater frequency and velocity than ever before. In order to be more resilient and better positioned to capture the upside of changing risk landscape, CDC has adopted the guidelines issued by the Committee of Sponsoring Organizations of Treadway Commission (COSO) for the implementation of Enterprise Risk Management (ERM) Framework and has successfully employed it in to its business. CDC is the first Organization in the Capital Market to successfully implement the COSO based ERM Framework in the business.


ERM has championed as an effective approach for identifying, assessing and monitoring risks across CDC and has established communication protocols to efficiently share risk information quickly across CDC. A top-down approach has been set for a holistic view of the inventory of key risk exposures potentially affecting CDC’s ability to achieve its strategic objectives. This inventory of risks will be utilized with the goal of preserving and enhancing their stakeholder’s value. Accordingly, the Management has identified risks that could impact the business, assessed their likelihood & magnitude, and determined appropriate responses to capture the business opportunities. The key attributes of the framework are the following:

  1. Critical decision making relevant to risk management to be made at an appropriate level with adequate experience and knowledge;
  2. Governance of the enterprise wide risk management system and activities of the company;
  3. Preservation of CDC’s mission and core values
  4. Support in developing risk management culture within CDC.
  5. Assistance in providing guidelines to both new and existing employees;
  6. Have in place a system of risk monitoring in CDC’s operations; and
  7. Ensure that all activities within CDC are conducted in conformity with applicable laws, rules, regulations, and accounting standards applicable to the company.

The ERM framework assists CDC’s business functions to identify, assess, rank, prioritize and manage potential business risks associated with the relevant operational processes, system, strategy or action plan, and choose the best possible solution amongst various alternatives so as to grasp potential market opportunities while at the same time manage any potential weakness. Further, ERM practices throughout the organization improve decision-making in governance, strategy, objective-setting, and day-to-day operations while enhancing performance by more closely linking strategy and business objectives to risk.

Share This Blog