Compliance risk refers to the risk that a company may suffer legal sanctions or regulatory penalties, major financial losses or reputation losses due to its failure to comply with compliance laws, rules and standards. The task of compliance risk management is to find and stop risks and their damage in time. The responsibilities of the Compliance Department include formulating compliance policies, identifying compliance risks, monitoring and evaluating, sorting out and integrating various bank rules and regulations, compliance training, participating in bank organizational structure and business process reengineering, and providing compliance support for new products. \x0d\ Risk management refers to the management process of how to minimize risks in a certain risk environment. It includes risk measurement, assessment and emergency strategy. The ideal risk management is a series of prioritization processes, which give priority to the things that can cause the greatest losses and the most likely to happen, and postpone the things with relatively low risks. \x0d\ It can be seen that there is an inevitable compliance relationship between them, and the general motivation of risk management comes from avoiding compliance risks. But in reality, the optimization process is often difficult to decide, because the risk and the possibility of occurrence are usually inconsistent, so we must weigh the ratio of the two to make the most appropriate decision. \x0d\ Risk management also faces the problem of effective use of resources. This involves the factor of opportunity cost. Using resources for risk management may reduce the resources available for incentive activities; The ideal risk management is to resolve the biggest crisis as much as possible with the least resources. \x0d "Risk management" is a compulsory subject for executives who went to China to invest in western business in 1960s and 1990s. At that time, "risk management" was added to many MBA courses. \x0d\ Risk management \ x0d \ The process of weighing the benefits and costs of reducing risks and deciding what measures to take. \x0d\ The process of determining the cost-benefit balance scheme and deciding the action plan (including deciding not to take any action) becomes risk management. \x0d\ First, risk management must identify risks. Risk identification is to determine which risks may affect the enterprise, and the most important thing is to quantify the degree of uncertainty and possible loss of each risk. \x0d\ Secondly, risk management should focus on risk control, and companies usually take active measures to control risks. By reducing the probability of its loss? Reduce its loss degree to achieve the purpose of control. The most effective way to control risks is to formulate feasible emergency plans and prepare multiple alternative plans to fully prepare for the risks faced by enterprises to the maximum extent. When risks occur, losses can be kept to a minimum according to the pre-planned implementation. \x0d\ Third, risk management should learn to avoid risks. Under the condition that the established goal remains unchanged, the implementation path of the scheme is changed to fundamentally eliminate specific risk factors. Such as establishing modern incentive mechanism, training scheme, and doing a good job of talent reserve, etc., can reduce the risk of brain drain of knowledge workers.