1 the objective of operational risk management is the same as for credit, market and liquidity...
TRANSCRIPT
![Page 1: 1 The objective of operational risk management is the same as for credit, market and liquidity risks that is to find out the extent of the financial](https://reader036.vdocument.in/reader036/viewer/2022081420/5697c0101a28abf838ccb49f/html5/thumbnails/1.jpg)
![Page 2: 1 The objective of operational risk management is the same as for credit, market and liquidity risks that is to find out the extent of the financial](https://reader036.vdocument.in/reader036/viewer/2022081420/5697c0101a28abf838ccb49f/html5/thumbnails/2.jpg)
1
![Page 3: 1 The objective of operational risk management is the same as for credit, market and liquidity risks that is to find out the extent of the financial](https://reader036.vdocument.in/reader036/viewer/2022081420/5697c0101a28abf838ccb49f/html5/thumbnails/3.jpg)
The objective of operational risk management is the same as for credit, market and liquidity risks that is to find out the extent of the financial institution’s operational risk exposure; to understand what drives it, to allocate capital against it and identify trends internally and externally that would help predicting it.
Failure to understand and manage operational risk, which is present in virtually all banking transactions and activities, may greatly increase the likelihood that some risks will go unrecognized and uncontrolled.
2
![Page 4: 1 The objective of operational risk management is the same as for credit, market and liquidity risks that is to find out the extent of the financial](https://reader036.vdocument.in/reader036/viewer/2022081420/5697c0101a28abf838ccb49f/html5/thumbnails/4.jpg)
Corporate Governance Corporate Governance
• Board of Directors to provide guidance, approve and periodically review bank’s OR management framework
• Senior management to translate framework into specific policies, processes and procedures consistently and comprehensively
• Establishment of independent OR management function
Identification and AssessmentIdentification and Assessment
• OR identification based on process/activity maps, and loss data collection• Development of forward-looking early warning indicators and self-
assessments• OR quantification, based on data sources and scenario analysis• Validation and back-testing of results
Control andMitigation
Control andMitigation
• Internal control policies, processes, procedures and systems• Incorporation in budgeting, strategy and business applications• Evaluation of alternative risk mitigants
MonitoringMonitoring
• Systematic tracking of loss events, KRIs and CRSA scores• Timely, accurate, relevant and periodic MIS and other (e.g. ‘heat map’)
reporting • Education and communication workshops, Forums etc.
* Largely based on ‘Sound Practices for the Management and Supervision of Operational Risk’, Basel Committee on Banking Supervision (February 2003).
3
![Page 5: 1 The objective of operational risk management is the same as for credit, market and liquidity risks that is to find out the extent of the financial](https://reader036.vdocument.in/reader036/viewer/2022081420/5697c0101a28abf838ccb49f/html5/thumbnails/5.jpg)
EVENT-TYPE CATEGORY (LEVEL 1) DEFINITION
CATEGORIES (LEVEL 2)
ACTIVITY EXAMPLES (LEVEL 3)
Transactions not reported (intentional) Trans type unauthorized (w/ monetary loss)
Unauthorized Activity
Mismarking of position (intentional)
Fraud/ credit fraud/ worthless deposits Theft/ extortion/ embezzlement/ robbery Misappropriation of assets Malicious destruction of assets Forgery Check kiting Smuggling Account take-over/ impersonation/ etc. Tax non-compliance/ evasion (willful) Bribes/ kickbacks
Internal Fraud Losses due to acts of a type intended to defraud, misappropriate property or circumvent regulations, the law or company policy, excluding diversity/ discrimination events, which involves at least one internal party
Theft and Fraud
Insider trading (not on firm's account)
Theft/ Robbery Forgery
Theft and Fraud
Check kiting
Hacking damage
External Fraud Losses due to acts of a type intended to defraud, misappropriate property or circumvent the law, by a third party
Systems Security Theft of information (w/ monetary loss)
* Based on Basel Committee’s OR loss event classification
4
![Page 6: 1 The objective of operational risk management is the same as for credit, market and liquidity risks that is to find out the extent of the financial](https://reader036.vdocument.in/reader036/viewer/2022081420/5697c0101a28abf838ccb49f/html5/thumbnails/6.jpg)
EVENT-TYPE CATEGORY (LEVEL 1) DEFINITION
CATEGORIES (LEVEL 2)
ACTIVITY EXAMPLES (LEVEL 3)
Compensation, benefit, termination issues Employee Relations Organized labor activity
General liability (slip and fall, etc.) Employee health & safety rules events
Safe Environment
Workers compensation
Employment Practices and Workplace Safety
Losses arising from acts inconsistent with employment, health or safety laws or agreements, from payment of personal injury claims, or from diversity/ discrimination events
Diversity & Discrimination
All discrimination types
Fiduciary breaches/ guideline violations Suitability/ disclosure issues (KYC, etc.) Retail consumer disclosure violations Breach of privacy Aggressive sales Account churning Misuse of confidential information
Suitability, Disclosure & Fiduciary
Lender Liability
Antitrust Improper trade/ market practices Market manipulation Insider trading (on firm's account) Unlicensed activity
Improper Business or Market Practices
Money laundering
Product defects (unauthorized, etc.) Product Flaws Model errors
Failure to investigate client per guidelines Selection, Sponsorship & Exposure Exceeding client exposure limits
Clients, Products & Business Practices
Losses arising from an unintentional or negligent failure to meet a professional obligation to specific clients (including fiduciary and suitability requirements), or from the nature or design of a product
Advisory Activities Disputes over performance of advisory activities
5
![Page 7: 1 The objective of operational risk management is the same as for credit, market and liquidity risks that is to find out the extent of the financial](https://reader036.vdocument.in/reader036/viewer/2022081420/5697c0101a28abf838ccb49f/html5/thumbnails/7.jpg)
EVENT-TYPE CATEGORY (LEVEL 1) DEFINITION
CATEGORIES (LEVEL 2)
ACTIVITY EXAMPLES (LEVEL 3)
Damage to Physical Assets
Natural disaster losses
Losses arising from loss or damage to physical assets from natural disaster or other events
Disasters and other events
Human losses from external sources (terrorism, vandalism)
Business Disruption and System Failures
Hardware
Software Telecommunications
Losses arising from disruption of business or system failures
Systems
Utility outage/ disruptions
Execution, Delivery & Process Management
Miscommunication
Data entry, maintenance or loading error Missed deadline or responsibility Model/ system misoperation Accounting error/ entity attribution error Other task misperformance Delivery failure Collateral management failure
Transaction Capture, Execution & Maintenance
Reference Data Maintenance
Failed mandatory reporting obligation Monitoring and Reporting Inaccurate external report (loss incurred)
Client permissions/ disclaimers missing Customer Intake and Documentation Legal documents missing/ incomplete
Unapproved access given to accounts Incorrect client records (loss incurred)
Customer/ Client Account Management
Negligent loss or damage of client assets
Non-client counterparty misperformance Trade Counterparties Misc. non-client counterparty disputes
Vendors & Suppliers Outsourcing
Losses from failed transaction processing or process management, from relations with trade counterparties and vendors
Vendor disputes
* Based on Basel Committee’s OR loss event classification
6
![Page 8: 1 The objective of operational risk management is the same as for credit, market and liquidity risks that is to find out the extent of the financial](https://reader036.vdocument.in/reader036/viewer/2022081420/5697c0101a28abf838ccb49f/html5/thumbnails/8.jpg)
ThreePillars
Minimum capitalrequirements
Supervisory reviewprocess
Market discipline
Risk weightedassets
Definition ofcapital
Credit riskOperational
riskMarketrisks
Standardized Approach
InternalRatings-based
Approach
BasicIndicatorApproach
StandardizedApproach
AdvancedMeasurementApproaches
StandardizedApproach
ModelsApproach
CoreCapital
SupplementaryCapital
7
![Page 9: 1 The objective of operational risk management is the same as for credit, market and liquidity risks that is to find out the extent of the financial](https://reader036.vdocument.in/reader036/viewer/2022081420/5697c0101a28abf838ccb49f/html5/thumbnails/9.jpg)
The Advanced Measurement Approach is the most advanced of the three options. Under this approach, each firm calculates it own capital requirements, by developing and applying its own internal risk measurement system. As with the Standardized Approach, the firm must meet certain qualifying criteria, and the risk measurement system must be validated by the regulator before it will be allowed to take advantage of the AMA.
In calculating operational risk capital charges, Basel II sets out three different methods which may be adopted.
The Basic Indicator Approach is the simplest of the three approaches, and will be the default option for most firms. It applies a calculation based on the firm's income to determine its capital requirements.
The Standardized Approach relies on calculations based on income, but with different percentages applying across different business lines. To be able to take advantage of the Standardized Approach, firms will have to meet certain qualifying criteria.
8
![Page 10: 1 The objective of operational risk management is the same as for credit, market and liquidity risks that is to find out the extent of the financial](https://reader036.vdocument.in/reader036/viewer/2022081420/5697c0101a28abf838ccb49f/html5/thumbnails/10.jpg)
Loss Data Collection Framework
- Collection of Losses
- Validity of Losses
- Analysis of Losses - Tailored Insurance Policies - Risk Sensitive Control Framework
Risk and Control Mitigation Framework
- Identification of Risk & Control
- Mitigation of Control (i.e mitigating risk and hence reducing loss)
9
![Page 11: 1 The objective of operational risk management is the same as for credit, market and liquidity risks that is to find out the extent of the financial](https://reader036.vdocument.in/reader036/viewer/2022081420/5697c0101a28abf838ccb49f/html5/thumbnails/11.jpg)
10