Express an interest

If you are interested & require further information, we will email you a copy of the programme brochure.

An error has occurred

Data Protection Notice

DATA PROTECTION NOTICE - UPDATED 3rd April 2025

The Institute of Bankers in Ireland (trading as IOB) takes privacy and the protection of our customer, affiliate, member, student and designate data very seriously. In this notice, we explain how we collect your personal information, how we use it and how you can interact with us about it.

Who are we?

When we talk about “IOB”, or “us” or “we” in this notice, we are talking about IOB.

Data Protection Officer

Our Data Protection Officer oversees how we collect, use, share and protect your information to ensure your rights are fulfilled. You may contact our Data Protection Officer at [email protected] or by writing to: Data Protection Officer, IOB, 47-49 Pearse Street, Dublin 2.

How we collect information about you

We collect personal information from you, for example when you become a member; or a customer in order to create an account on IOB Learn; register to an educational programme; apply for information on our products and services; apply for a designation/CPD scheme or express an interest in one of our programmes or a programme offered in association with one of our educational partners. We also collect information through our websites, web-conferencing, social media, the IOB Learn application, CCTV footage and through communication between you and IOB by telephone, email and chat (for example, when you call to make enquiries about a course or when you are raising concerns or queries). We will sometimes record phone conversations and we will always let you know when we do this.   We may also obtain your personal data from third parties, for example:  

  • Information provided by your employer or representative acting on your behalf 

  • Information from or required from a funding body (e.g. Springboard, IFS Skillnet) 

  • Information about you provided by referees you have nominated 

  • Issuing authorities of documents you have submitted as proof of qualifications (e.g. verification of your degree by your previous university) 

Some of our educational partners are "joint" data controllers with IOB (e.g. UCD, the Compliance Institute, the Central Bank of Ireland) in the delivery of specific educational and designation services which we provide to you. This means that IOB, together with these "joint" controllers, make decisions in respect of the information about you which we process.   Our websites use ‘cookie’ technology. A cookie is a little piece of text that our server places on your device when you visit any of our websites or applications. They help us make the sites work better for you. When you apply to us for products and services and during the time you avail of these, we may verify your identity. We may do this by sending and receiving information about you, to and from third parties including your employer.

Cookie technology is also used on the Chat & Help Centre application by Intercom, which operates the Chat & Help Centre application on our behalf. Intercom is responsible for cookies on Chat & Help Centre and you may consult the cookies policy on www.intercom.com for further details.

Information we collect about you 

IOB collects personal data relating to you in order to provide our services to you. 

The types of personal data processed by IOB may include (depending on the context of the service being provided to you) but are not limited to: 

  • Customer number – generated when an IOB account is created for you 

  • Unique personal identifiers and biographical Information, such as student number, name, title, date of birth, country of birth, nationality 

  • Your contact details including residential and employer addresses, mobile phone number, email address(es) 

  • PPS number 

  • Employer details 

  • Details of previous examination results and qualifications awarded 

  • Schools/colleges attendance records 

  • Bank details, including IBAN, BIC, Name of bank/building society 

  • Credit card details (processed by our payment provider) 

  • Information to provide student support services such as career guidance, where applicable 

  • Image in digital photograph for ID cards 

  • Image as part of online examination/assessment processes as part of online invigilation  

IOB may in some cases process “special category data”, for example, health data, where relevant to applications for support, extenuating circumstances relating to examinations or pro-rata adjustments relating to designations, disability information (for example, where needed for the provision of student support services). 

How we keep your information safe

We use technical and organisational measures to protect your personal information from unauthorised access, to maintain data accuracy and to help ensure the appropriate use of your personal information. These security measures include encryption of your personal information, firewalls, intrusion detection systems, 24/7 physical protection of facilities where your personal information is stored, background checks for personnel that access physical facilities, and strong security procedures across all service operations. We use strong encryption algorithms for the transmission and storage of your information. When you contact us to ask about your information, we may ask you to identify yourself. This is to help protect your information.

How long we keep your information for

How long we hold your information depends on the nature of the information and the purposes for which it is processed. We determine appropriate retention periods which meet our academic, legal and regulatory obligations. We hold your information while you are a member, affiliate member, customer, student or designate and for a period of time after that. We do not hold it for longer than necessary. If the purpose for which the information was obtained has ceased and the personal information is no longer required, the personal data will be deleted or anonymised (i.e. all identifying characteristics are removed).

Meeting our academic, legal and regulatory obligations

To meet our academic, regulatory and legal obligations, we collect some of your personal information, verify it, keep it up-to-date through regular checks, and delete it once we no longer have to keep it. We may also gather information about you from third parties to help us meet our obligations. If you do not provide the information we need, or help us keep it up-to-date, we may not be able to provide you with our products and services.

To use your information lawfully, we rely on one or more of the following legal bases:

  • your consent;

  • necessary for the performance of a contract with you;

  • necessary for compliance with a legal obligation (e.g. "Minimum Competency Code", "Fitness & Probity", Universities Act 1997);

  • necessary to protect the vital interests of you or others;

  • necessary for the performance of a task carried out in the public interest; or

  • necessary for the purposes of our legitimate interests, including to pursue our goals and promote our services, or the legitimate interests of a third party (e.g. your employer). We will not process your personal data for these purposes if to do so would constitute an unwarranted interference with your own interests, rights and freedoms.

Consent

Sometimes we need your explicit consent to use your personal information. When we use sensitive personal information about you, such as health data, for example when you request a maternity leave pro-rata adjustment, we may ask for your consent. Before you give your consent, we tell you what information we collect and what we use it for. You can withdraw your consent at any time by contacting us.

Automated Decision-Making

Examinations are marked by human markers who access exam scripts and mark the questions according to the marking standard specified by IOB. The online invigilation system will flag activities that could indicate suspected non-conformance with Examination Regulations. However, no automated decisions will be made based on these flags. IOB uses Multiple Choice Questions (MCQs) for some assessments. These questions are marked using automated software against an answer key which is developed by the Examiner. The evaluation methods are regularly reviewed and tested to ensure they remain fair, effective and unbiased. As part of our Quality Assurance (QA), the questions are reviewed by an external examiner for accuracy and fairness. You may ask us not to make decisions about you that are based solely on automated processing.

Direct Marketing

We would like to make you aware of products and services which may be of interest to you. We may do this by phone, post, email, text or through other digital media. You can decide how much direct marketing you want to accept when you apply for new products and services. You can make changes to your marketing preferences at any time via "Quick Links > My Details" section on IOB Learn or by contacting us directly at: Phone: + 353 1 6116500, Email: [email protected]

How we use your information

We use information about you to:

  • process and administer your membership, programme registrations and designations/CPD;

  • create your account on IOB Learn, add you to channels we think will be of interest to you, send you notifications via IOB Learn (if notifications are enabled) and otherwise facilitate your use of IOB Learn in accordance with our Terms and Conditions (available here: https://iob.ie/terms);

  • organise events, conferences and webinars;

  • track your professional development in respect of your stated professional goals;

  • give you access to on-going learning and networking opportunities including career support;

  • ensure we provide you with the best service possible, including customer support for any technical issues you may experience accessing our websites or IOB Learn;

  • manage your fees;

  • administer the relationship with any of your funders or sponsors; 

  • administer assessment processes , specifically online processes;  

  • provide other operational supports;

  • provide and promote information on our membership, education, designation and continuing professional development services;

  • safeguard and promote the welfare of members;

  • carry out surveys and statistical analysis;

  • respond to your enquiries or complaints;

  • confirm details relating to you to your employer, where they have a legitimate interest in providing or receiving those details;

  • confirming details relating to you to other professional education partners or professional standards bodies (e.g. European Financial Planning Association (EFPA)), where there is a legitimate interest in sending those details;

  • provide reference requests subject to your consent;

  • tailor communications to make them relevant to any preferences that you have demonstrated;

  • prevent unauthorised access to your information;

  • meet our legal and regulatory obligations;

  • establishing, exercising or defending legal claims; and

  • identify ways we can improve our products and services to you.

To provide our products and services under the terms and conditions we agree between us, we need to collect and use personal information about you. If you do not provide this personal information, we may not be able to provide you with our products and services.

Your information and third parties

Sometimes we process and share your information with trusted third parties. For example, we share information with:

  • service providers (e.g. assessment facilitators, printers, auditors, legal advisors and other professional advisors);

  • educational and funding partners (e.g. UCD, Higher Education Authority (HEA), IFS Skillnet, The Central Bank of Ireland) or professional standards bodies (e.g. EFPA);

  • employers (e.g. to confirm details regarding designations, CPD schemes or programme participation, or to inform your employer where a designation is removed including due to membership default or resignation);

  • other legal and regulatory bodies (e.g. The Central Bank of Ireland);

  • Information and Communications Technology (ICT) and information security providers.

We may also share information with third parties to meet any applicable law, regulation or lawful request, including with law enforcement agencies, which may be either in or outside Ireland or to deal with any claim or dispute that may arise.

We expect these third parties to have the same levels of information protection that we have. In some cases we share information via systems that we control and where we do this, we require the third party recipients to comply with appropriate terms and conditions that govern access to those systems.

Your personal information rights

When your personal information is handled by IOB in relation to a product or service, you are entitled to rely on a number of rights. These rights allow you to exercise control over the way in which your personal information is processed, subject to applicable exemptions.

For example, we may help you in:

Accessing your personal information: You can ask us for a copy of the personal information we hold about you.

Correcting and Updating your personal information: If you believe that any personal information we hold about you is inaccurate or out of date, you can look for the information to be corrected at any time.

Withdrawing consent: You can change your mind wherever you give us your consent, such as for direct marketing, or using your sensitive information, such as medical or biometric data.

Restricting our use of your personal information: You have the right to restrict our use of your personal information in certain circumstances, such as where our use of it is not compliant with applicable law.

Objecting to our use of your personal information: You have the right to object to us using your personal information, where we are doing so based on this being necessary for the performance of a task carried out in the public interest or for the purposes of a legitimate interest. Where you exercise this right to object, we will be obliged to stop using your personal information in that way, unless there are compelling legitimate grounds for us to continue to do so, despite your objection.

Not to be subject to automated decision making: You have a right (subject to limited exceptions) not to be subject to a decision based solely on automated processing of information, including profiling, which produced significant legal effects concerning you or otherwise significantly affects you.

Deleting your information (your right to be forgotten): You may ask us to delete your personal information.

Moving your information in electronic form (your right to Portability): You may request (in certain cases) that your personal information is transferred to you or another organisation in digital form.

How to exercise your rights

You may execute any of these rights free of charge. You may do so by contacting us:

Phone: + 353 1 6116500 Email: [email protected]

When you contact us to ask about your information, we may ask you to identify yourself. This is to help protect your information. Once we are satisfied that we have effectively verified your identity, we will respond to the majority of requests without undue delay and within a one month period (i.e. 30 calendar days) of receipt of the request. IOB will action your request to have your personal information corrected within 10 calendar days. These periods may be extended in exceptional circumstances and we will inform you where the extended period applies to you along with an explanation of the reasons for the extension.

International transfers of data

We sometimes need to share your information with organisations which are located or who undertake processing outside the European Economic Area (EEA) to help us provide you with our products and services. Some educational programmes/partners, for example, are provided/located outside the EEA. This may mean that some personal information may be processed in countries such as India, Singapore or the United States. We expect the same standard of data protection is applied outside of the EEA to these transfers and the use of the information, to ensure your rights are protected and will only transfer personal information to a country or territory outside of the EEA: (a) if that country provides an adequate level of protection for personal information as set down by the European Commission or (b) where the transfer is made under a legally binding agreement which covers the EU requirements for the transfer of personal information to recipients outside of the EEA, such as the model contractual clauses approved for this purpose by the European Commission, or (c) where there is an alternative basis for engaging in the transfer that is compliant with applicable laws. For more information about the European Commission’s decisions on the adequacy of the protection of personal information in countries outside the EEA, please visit: ec.europa.eu/info/law/lawtopic/data-protection_en

For more information about IOB’s arrangement regarding transfers of personal information outside EEA you can contact us by phone or email via the details set out below.  

Making a complaint

If you have a complaint about the use of your personal information, please let a member of staff know, giving them the opportunity to correct things as quickly as possible. If you wish to make a complaint you may do so in writing and by email [email protected]. Please be assured that all complaints received will be fully investigated. We ask that you supply as much information as possible to help our staff resolve your complaint quickly.

You may also contact the Data Protection Commission in Ireland to lodge a complaint (details below).

Data Protection Commission 21 Fitzwilliam South, Dublin 2, D02 RD28 Web: dataprotection.ie

Data Protection Policy

IOB, as a provider of Professional Education, CPD (Continuing Professional Development) and Membership Services to the financial services sector in Ireland and beyond, processes personal data for a variety of purposes relating to its members, employees, service providers and other third-parties involved with the organisation. IOB is therefore a data controller, and in some cases a data processor, and is subject to data protection legislation and regulation. IOB's Data Protection policy (available here) sets out data protection requirements which must be complied with by anyone who processes personal data for or on behalf of IOB.

Updates to this notice and policy

We keep this notice and policy under regular review and will make changes from time-to-time, particularly when we change how we use your information, and change our technology and products or services. We will inform you of material changes to the contents of this Data Protection Notice, through a notification posted on our website or through other communication channels.

 

Before you continue...

As you are not registered with us, you will need to upload proof you can enrol to this programme.

I know, let’s sign upI have an account, let me sign in first
 
Risk Management
Professional Certificate

Conduct Risk, Culture and Operational Risk Management

Apply now
Express an interest
  • Duration
  • 1 trimester
  • Programme
  • 2 modules
  • Study
  • Online
  • Fees
  • From €520 p/module
  • Level
  • NFQ 8, 15 ECTS

    • At a glance

    The programme is a unique and specialist risk management programme for those working in the banking industry. The programme was designed in conjunction with operational risk and conduct risk professionals working in banking, this Certificate is the benchmark operational risk management and conduct risk management qualification for the banking industry in Ireland.

    Awarding Body

    University College Dublin

    Propel your career

    The programme is a progression for individuals who have completed the Professional Diploma in Financial Advice, who are designated Qualified Financial Advisers (QFA), and also individuals who have completed the Professional Certificate or Diploma in Compliance.

    Download brochure

    PRMIA

    PRMIA and the PRMIA Global Operational Risk Manager Certificate

    PRMIA is a global brand in risk management education with more than 50,000 members worldwide. Over 2,400 companies employ PRMIA designates, demonstrating that employers around the world realise that PRMIA’s education programmes equip participants with the specialised knowledge and skills necessary to succeed in the dynamic banking industry. PRMIA is active in nearly every major financial centre worldwide with members in over 65 countries.

    Award

    Upon successful completion of the programme, participants will be awarded the Professional Certificate in Conduct Risk, Culture and Operational Risk Management by UCD. This is a level 8 qualification on the National Framework of Qualifications and carries 15 ECTS.

    Participants can then apply directly to PRMIA, at no additional fee, to be awarded the globally recognised PRMIA Operational Risk Manager Certificate. Completing this programme will allow participants to stand out among their peers, providing participants with a competitive advantage with colleagues, clients, and prospective employers by developing the necessary skills and experience needed to succeed in today’s dynamic work environment.

    The PRMIA Global Operational Risk Manager Certificate is recognised as the industry standard for Operational Risk. You can find more details here

    Who is this programme for?

    The programme is designed to provide a deep and practical understanding of the key operational risks and conduct risks facing financial services professionals in Ireland today and the tools to identify, measure and mitigate those risks to improve business performance.

    The programme is relevant to holders of the QFA, holders of the Professional Certificate or Diploma in Compliance, banking compliance and risk professionals, financial institutions’ frontline staff, retail business centre and corporate banking staff, financial institutions central functions risk and compliance professionals including;

    Compliance, Operational risk, Internal Audit, Credit review, Legal, Finance, Technology, Change Management. Credit Union Board compliance and risk committees and Credit Union managers and staff, Regulatory bodies, auditors, accountants, lawyers, stockbrokers, business consultants and other professionals who provide risk management advisory services.

    How will you benefit

    This specialist programme will provide you with the skills to:

    • Explain the key risks facing banks in Ireland and discuss the strategies to manage them

    • Outline the components of risk management frameworks and advise colleagues and management on their application

    • Evaluate risk MI including Key Risk Indicator (KRI) data and trend analysis and communicate clearly relevant insights to the appropriate stakeholders in an appropriate format and timely manner

    • Independently apply the learning skills developed on this programme to advance your professional and personal career ambitions

    • Review CBI, ECB, and other relevant sources for advances in best practice in banking risk management practices, and advocate for their adoption within your work environment as appropriate.

    Continuous Professional Development

    If you hold an IOB designation or a designation managed by IOB, CPD hours may be awarded on successful completion of this programme.

    Delivery

    Online.

    Assessment

    Operational Risk Management Practices module is assessed by:

    • MCQ continuous assessment - 10%

    • An end of trimester two-hour written exam - 90%

    Banking Risk Management Framework, Culture and Conduct Risk module is assessed by:

    • Continuous assessment - 30%

    • An end of trimester two-hour written exam - 70%

    IOB programmes are largely delivered and assessed online. Students should ensure they have appropriate equipment (laptop), and that appropriate software (including MSOffice: Office and Word) is available to them to participate in the programme and related assessments (continuous assessments and exams).

    Award

    When you successfully complete this programme you will be awarded the Professional Certificate in Conduct Risk, Culture and Operational Risk Management by UCD.

    This is a special purpose award and a level 8 qualification on the National Framework of Qualifications.

    Progression

    The Professional Education Framework is a flexible education pathway that provides learning and development opportunities wherever you are in your career. You can access the framework at any step to take specialist qualifications depending on your career and learning need. Please click here to view the 2024/25 portfolio of programmes.

    Fees

    • Operational Risk Management Practices €625

    • Banking Risk Management Framework, Culture and Conduct Risk €520

    Next intake

    • Summer Trimester 2025 - (Assessment in September 2025)

    Trimester start date

    • 28 May 2025

    Closing date

    • 16 May 2025

    This programme enrols three times a year. To see other enrolment dates in the 2024-25 academic year, please click on Key Dates.

    Contact us

    For more information please contact the Programme Manager Calum Conneely at [email protected]

    Modules and learning outcomes

    Operational Risk Management Practices

    (NFQ Level 8, 10 ECTS)

    Operational risk defined. The importance of operational risk and the Probability Risk and Impact SysteM (PRISM). The differences between operational risk and other types of risk. Recent failures in operational risk. Operational risk basics. Three lines of defence. Operational risk taxonomies. Operational risk management frameworks. Risk capacity. Risk appetite statements. Risk policies. Risk pricing and capital. Risk information, Key Risk Indicators (KRIs) reporting and KRI framework. Risk assessment. Risk management and action plans. Risk modelling. Insurance mitigation.

    The practical workshop areas will include inter alia: Financial crime prevention. Anti–Money Laundering/Countering of Financing of Terrorism. Know Your Customer, Irish and UK. Anti- Corruption laws. External and internal fraud. Information security, IT resilience, cybercrime. Outsourcing. Business continuity planning. Data quality and other practical areas.

    Banking Risk Management Framework, Culture and Conduct Risk

    (NFQ Level 8, 5 ECTS)

    Definition of conduct risk: How does conduct risk transpire. Application to retail and wholesale markets. Conduct risk as defined by the FCA and what lies at its core i.e. seeking the best outcome for the customer. Drivers/causes of conduct risk. Constituents of conduct risk including behavioural economics. Conduct risk frameworks and its relationship with the overall banking risk framework. Conduct risk appetite statements. Conduct risk policies and common metrics for assessing conduct risk performance in an organisation. How conduct risk relates to operational risk. The difference between conduct risk and compliance. Conduct risk impacts on customers, on employees, the financial institution and on markets (positive/negative). How ethical behaviours and decisions can improve customer outcomes. Applying the theory to a number of real life Irish and UK examples using case studies. Risk governance. People, roles and responsibilities. The Board .The CRO. Wider reporting. Systems and documentation. Risk management process. Risk culture. Leadership and risk culture. The role of the risk management function in risk culture. The place of other staff in risk culture. Evaluating risk culture.

    Key dates

    Level 7 and 8 Key Dates 2024/25

    Examination schedule 2023/2024

    This programme enrols three times a year.

    Next intake

    • Summer Trimester 2025 - (Assessment in September 2025)

    Trimester start date

    • 28 May 2025

    Closing date

    • 16 May 2025

    Entry Requirements

    Individuals seeking admission to the Professional Certificate in Conduct Risk, Culture and Operations Risk Management will have:

    • 3 years’ experience (full-time) in a relevant banking role and have completed the Professional Diploma in Financial Advice or equivalent 30 ECTS level 7 programme or

    • Have an Honours degree (min. H2.2, level 8 NFQ) or

    • Admission will also be considered from experienced professionals who do not meet the minimum admission requirements as set out above, who can demonstrate learning based on work and training experience e.g. Individuals employed in a risk role with responsibility for decision-making.

    Professional Body Membership

    You must be a current member of IOB, or become a member, to undertake this programme, (membership year - January to December).

    For more information on the membership fee and the benefits of being an IOB member, please click here.

    English Language Requirements

    Teaching in IOB is through the medium of English; therefore, applicants must demonstrate a high level of competence in the English language to be admitted to study. Students whose native language is not English are required to demonstrate their proficiency in the language and must provide verifiable evidence of that proficiency. Further information on these requirements is provided in the IOB English Language Policy

    Anne-Marie Butler
    Member Testimonial

    This course explores how firms can support and develop a consumer-focused culture within their organisations and offers powerful learning and tremendous insights to all learners.

    Anne-Marie Butler, Teagasc

    James Butler
    Member Testimonial

    The evolving developments and threats from technology, cyber risk, and disruptive business models will continue to make operational risk a critical and increasing focus for firms and a great area for study and career opportunities.

    James Butler, Albany Beck

    Your lifelong learning partner

    Join the IOB Community

    Begin your journey with IOB today and unlock exclusive member content, events and insights!

    Join IOB

    Registered Number: 197171

    Registered Charitable Organisation Charity Registration Number: 20026950 CHY Number: 10530

    The Institute of Bankers in Ireland (a company limited by guarantee) trading as IOB

    Discover

    Learn

    Contact

    47-49 Pearse Street

    Dublin 2

    D02 YN40

    Ireland

    Chat: Orange circle bottom right of website (Support hours 9am to 5pm)

    Email: [email protected]

    Phone: +353 (0)1 6116500 (Support hours 10am to 2pm)

    Copyright © 2025