Operational risk

Operational risk
Categories of
financial risk
Credit risk
Concentration risk
Market risk
Interest rate risk
Currency risk
Equity risk
Commodity risk
Liquidity risk
Refinancing risk
Operational risk
Legal risk
Political risk
Reputational risk
Volatility risk
Settlement risk
Profit risk
Systemic risk
v · d · e

Basel II

Bank for International Settlements
Basel Accords - Basel I
Basel II

Background

Banking
Monetary policy - Central bank

Risk - Risk management

Regulatory capital
Tier 1 - Tier 2

Pillar 1: Regulatory Capital

Credit risk
Standardized - IRB Approach
F-IRB - A-IRB
PD - LGD - EAD

Operational risk
Basic - Standardized - AMA

Market risk
Duration - Value at risk

Pillar 2: Supervisory Review

Economic capital
Liquidity risk - Legal risk

Pillar 3: Market Disclosure

Disclosure

Business and Economics Portal

An operational risk is, as the name suggests, a risk arising from execution of a company's business functions. It is a very broad concept which focuses on the risks arising from the people, systems and processes through which a company operates. It also includes other categories such as fraud risks, legal risks, physical or environmental risks.

A widely used definition of operational risk is the one contained in the Basel II [1] regulations. This definition states that operational risk is the risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events.

The approach to managing operational risk differs from that applied to other types of risk, because it is not used to generate profit. In contrast, credit risk is exploited by lending institutions to create profit, market risk is exploited by traders and fund managers, and insurance risk is exploited by insurers. They all however manage operational risk to keep losses within their risk appetite - the amount of risk they are prepared to accept in pursuit of their objectives. What this means in practical terms is that organisations accept that their people, processes and systems are imperfect, and that losses will arise from errors and ineffective operations. The size of the loss they are prepared to accept, because the cost of correcting the errors or improving the systems is disproportionate to the benefit they will receive, determines their appetite for operational risk.

Determining appetite for operational risk is a discipline which is still in its infancy. Some of the issues and considerations around this process are outlined in this Sound Practice paper published by the Institute for Operational Risk in December 2009.[2]

Contents

Background

Since the mid-1990s, the topics of market risk and credit risk have been the subject of much debate and research, with the result that financial institutions have made significant progress in the identification, measurement and management of both these forms of risk. However, it is worth mentioning that the near collapse of the U.S. financial system in September 2008 is a clear indication that our ability to measure market and credit risk is far from perfect.

Globalization and deregulation in financial markets, combined with increased sophistication in financial technology, have introduced more complexities into the activities of banks and therefore their risk profiles. These reasons underscore banks' and supervisors' growing focus upon the identification and measurement of operational risk.

Events such as the September 11 terrorist attacks, rogue trading losses at Société Générale, Barings, AIB and National Australia Bank serve to highlight the fact that the scope of risk management extends beyond merely market and credit risk.

The list of risks (and, more importantly, the scale of these risks) faced by banks today includes fraud, system failures, terrorism and employee compensation claims. These types of risk are generally classified under the term 'operational risk'.

The identification and measurement of operational risk is a real and live issue for modern-day banks, particularly since the decision by the Basel Committee on Banking Supervision (BCBS) to introduce a capital charge for this risk as part of the new capital adequacy framework (Basel II).

Definition

The Basel Committee defines operational risk as:

"The risk of loss resulting from inadequate or failed internal processes, people and systems or from external events."

However, the Basel Committee recognizes that operational risk is a term that has a variety of meanings and therefore, for internal purposes, banks are permitted to adopt their own definitions of operational risk, provided that the minimum elements in the Committee's definition are included.

Scope exclusions

The Basel II definition of operational risk excludes, for example, strategic risk - the risk of a loss arising from a poor strategic business decision.

Other risk terms are seen as potential consequences of operational risk events. For example, reputational risk (damage to an organization through loss of its reputation or standing) can arise as a consequence (or impact) of operational failures - as well as from other events.

Basel II event type categories

The following lists the official Basel II defined event types with some examples for each category:

  1. Internal Fraud - misappropriation of assets, tax evasion, intentional mismarking of positions, bribery
  2. External Fraud- theft of information, hacking damage, third-party theft and forgery
  3. Employment Practices and Workplace Safety - discrimination, workers compensation, employee health and safety
  4. Clients, Products, & Business Practice- market manipulation, antitrust, improper trade, product defects, fiduciary breaches, account churning
  5. Damage to Physical Assets - natural disasters, terrorism, vandalism
  6. Business Disruption & Systems Failures - utility disruptions, software failures, hardware failures
  7. Execution, Delivery, & Process Management - data entry errors, accounting errors, failed mandatory reporting, negligent loss of client assets

Difficulties

It is relatively straightforward for an organization to set and observe specific, measurable levels of market risk and credit risk because models exist which attempt to predict the potential impact of market movements, or changes in the cost of credit. It should be noted however that these models are only as good as the underlying assumptions, and a large part of the recent financial crisis arose because the valuations generated by these models for particular types of investments were based on incorrect assumptions.

By contrast it is relatively difficult to identify or assess levels of operational risk and its many sources. Historically organizations have accepted operational risk as an unavoidable cost of doing business. Many now though collect data on operational losses - for example through system failure or fraud - and are using this data to model operational risk and to calculate a capital reserve against future operational losses. In addition to the Basel II requirement for banks, this is now a requirement for European insurance firms who are in the process of implementing Solvency II [3], the equivalent of Basel II for the banking sector.

Methods of operational risk management

Basel II and various Supervisory bodies of the countries have prescribed various soundness standards for Operational Risk Management for Banks and similar Financial Institutions. To complement these standards, Basel II has given guidance to 3 broad methods of Capital calculation for Operational Risk

  • Basic Indicator Approach - based on annual revenue of the Financial Institution
  • Standardized Approach - based on annual revenue of each of the broad business lines of the Financial Institution
  • Advanced Measurement Approaches - based on the internally developed risk measurement framework of the bank adhering to the standards prescribed (methods include IMA, LDA, Scenario-based, Scorecard etc.)

The Operational Risk Management framework should include identification, measurement, monitoring, reporting, control and mitigation frameworks for Operational Risk.

See also

External links


Wikimedia Foundation. 2010.

Игры ⚽ Поможем решить контрольную работу

Look at other dictionaries:

  • Operational Risk — A form of risk that summarizes the risks a company or firm undertakes when it attempts to operate within a given field or industry. Operational risk is the risk that is not inherent in financial, systematic or market wide risk. It is the risk… …   Investment dictionary

  • operational risk — The risk to the bank that errors made in the course of conducting its business will result in losses. The Federal Reserve calls this operational risk and states in its definition that operational risk arises from the potential that inadequate… …   Financial and business terms

  • operational risk — The risk of direct or indirect loss resulting from inadequate or failed internal processes and systems, or from a wide variety of external events. The control of operational risk has been the object of much attention in recent years, for example… …   Accounting dictionary

  • operational risk — The risk of direct or indirect loss resulting from inadequate or failed internal processes and systems, or from a wide variety of external events. The control of operational risk has been the object of much attention in recent years, for example… …   Big dictionary of business and management

  • operational risk — operacinė rizika statusas Aprobuotas sritis draudimas apibrėžtis Nuostolių rizika dėl darbuotojų, sistemų, netinkamų ar nepavykusių vidaus procesų arba išorės įvykių poveikio. atitikmenys: angl. operational risk šaltinis Lietuvos Respublikos… …   Lithuanian dictionary (lietuvių žodynas)

  • operational risk — operacinė rizika statusas Aprobuotas sritis kredito ir finansų įstaigos apibrėžtis Tikimybė patirti nuostolių dėl žmonių, sistemų, netinkamų ar nepavykusių vidaus procesų arba dėl išorės įvykių poveikio, įskaitant teisinę riziką. atitikmenys:… …   Lithuanian dictionary (lietuvių žodynas)

  • Operational risk management — See also: Risk management The term Operational Risk Management (ORM) is defined as a continual cyclic process which includes risk assessment, risk decision making, and implementation of risk controls, which results in acceptance, mitigation, or… …   Wikipedia

  • Standardized approach (operational risk) — In the context of operational risk, the standardized approach or standardised approach is a set of operational risk measurement techniques proposed under Basel II capital adequacy rules for banking institutions.Basel II requires all banking… …   Wikipedia

  • Risk — takers redirects here. For the Canadian television program, see Risk Takers. For other uses, see Risk (disambiguation). Risk is the potential that a chosen action or activity (including the choice of inaction) will lead to a loss (an undesirable… …   Wikipedia

  • Risk adjusted return on capital — (RAROC) is a risk based profitability measurement framework for analysing risk adjusted financial performance and providing a consistent view of profitability across businesses. The concept was developed by Bankers Trust in the late 1970s. Note,… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”