S.I. No. 395 of 1992 requires every credit institution to have robust governance arrangements taking into account the technical criteria set out in Annex V to the Capital Requirements Directive (Directive 2006/48/EC). Under Annex V, credit institutions are required to adopt policies and processes to evaluate and manage exposures to operational risk, including low-frequency high-severity events. Contingency and business continuity plans are required to be put in place to ensure a credit institution's ability to operate on an ongoing basis and limit losses in the event of severe business disruption. The supervision of banks with regard to compliance with these requirements is a matter for the Central Bank. The Central Bank (Supervision and Enforcement) Bill 2011 provides for further powers for the Central Bank to require procedures for identifying, monitoring, reporting on and managing risks as well as the procedures, systems and checks to be adopted for banks to meet their obligations to consumers.