OPERATIONAL RISK

Risk management in banking

 Operational risk is the risk of loss resulting from
inadequate or failed procedures, systems or policies,
employee errors, system failures, frauds or other
criminal activities or any event that disrupts business
processes.
WHAT IS
OPERATIONA Operational risk can also be summarized as human
risk; it is the risk of business operations failing due to
L RISK? human errors.
 Until Basel II reforms to banking supervision,
operational risk was a residual category reserved for
risks and uncertainties which were difficult to quantify
and manage in traditional ways- the "other risks"
basket.

OPERATIONA Events such as the09/11 terrorist attacks, rogue

L RISK trading losses atSocit
Gnrale,Barings,UBSandNational Australia
BACKGROUN Bankserve to highlight the fact that the scope ofrisk
D managementextends beyond
merelymarketandcredit risk.

These reasons underscore banks' and supervisors'

growing focus upon the identification and
measurement of operational risk.
 The list of risks faced by banks today includes fraud,
system failures, terrorism and employee
compensation claims.

OPERATIONA These types of risk are generally classified under the

term 'operational risk'.
L RISK
BACKGROUN The identification and measurement of operational
D risk is a real and live issue for modern-day banks,
particularly since the decision by theBasel
Committee on Banking Supervision(BCBS) to
introduce a capital charge for this risk as part of the
new capital adequacy framework (Basel II).
 Operational risk focuses on how things are
accomplished within an organization and not
necessarily what is produced within an industry.

FOCUS OF These risks are often associated with active decisions

relating to how the organization functions and what it
OPERATIONA prioritizes.
L RISK
 In August 1994, the NASDAQ market had to close for
more than half an hour, losing valuable trading time,
as an energetic squirrel had gnawed through the
power lines supplying the stock market's computer
centre in Connecticut.
The system failed to perform the automatic
EXAMPLE OF switchover to the temporary backup power supply
and consequently the market was down for 34
OPERATIONA minutes.

L RISK
METHODS
OF
OPERATIONA
L RISK
MANAGEMEN
T
These approaches were brought by Basel II.
 Regular process

Different types of controls, e.g.: preventive and

detective
OPERATIONA
L RISK Fully documented audit trail (ideally electronic
CONTROL document storage)

Results should feed in to Internal Audit Programme

 Transfer e.g. insure the risk via a third party,
instead of carrying the burden
DEALING
WITH Treat enhance controls / introduce new controls
OPERATIONA
L RISK Tolerate accept the risk exposure as part of the risk
appetite
EXPOSURE;
THE 4Ts Terminate stop undertaking the activity which
gives rise to that risk
 Operational risk is a broad discipline, close to good
management andquality management.

Contrary to other risks (e.g.credit risk,market

risk,insurance risk) operational risks are not
diversifiable and cannot be laid off, meaning that, as
long as people, systems and processes remain
imperfect, operational risk cannot be fully eliminated.

Wider trends such as globalization, the expansion of

the internet and the rise of social media, as well as
the increasing demands for greater corporate
accountability worldwide, reinforce the need for
proper operational risk management.
 Basel II divides operational risk into seven different event type
categories which are as follow:
1. Internal Fraud:Bribery, intentional mis-marking of positions, tax
evasion and mishandling of assets
2. External Fraud:Hacking damage, theft of information, forgery and
third-party theft

BASEL II 3. Employment Practices and Workplace Safety:Workers

compensation, discrimination, employee health and safety
AND 4. Clients, Products and Business Practice:Account churning,

OPERATIONA fiduciary breaches, product defects, improper trade, antitrust and

market manipulation

L RISK 5. Damage to Physical Assets:Natural disasters, terrorism and

vandalism
6. Business Disruption and Systems Failures:Hardware failures,
software failures and Utility disruptions
7. Execution, Delivery and Process Management:Negligent loss
of client assets, data entry errors, failed mandatory reporting and
accounting errors
 THANK YOU FOR YOUR ATTENTION

HENA HADZIC