RSK4801 notes. 100% TRUSTED Answers, guidelines, workings and references.LESSON 01: WHAT IS OPERATIONAL RISK?
Define operational risk and its sub-categories:
Op risk: The risk of loss resulting from inadequate or failed internal processes, people and systems or from external events.
The Basel Co...
Op risk: The risk of loss resulting from inadequate or failed internal processes, people and systems or from external events.
The Basel Committee defines the operational risk as the "risk of loss resulting from inadequate or failed internal processes,
people and systems or from external events". It limited its own definition by adding a ridder that it incl legal risk, but excl
strategic & reputational risk.
The Basel Committee classified Op risk losses:
• Internal fraud
• External fraud
• Employment practices & workplace safety
• Clients, products & business practices
• Damage to physical assets
• Business disruption and systems failures
• Execution delivery & process management
Some Op risks that keep an Org up at night:
- Loss of reputation
- Failure of the org to change/adapt
- Business interruption
- Failure to retain employees
- Political risk
- General liability
- Failure of a key strategic alliance
- ICT failure
Equate operational risk to enterprise risk management:
- Operational risk: An uncertainty associated with the delivery of specific program, functional, or operational
objectives, and includes risks inherent to the design, management or performance of business processes,
systems, people, and external events.
- Enterprise risk: An uncertainty whose impacts could significantly affect the ability to achieve the mission.
Enterprise risks can be:
✓ Pervasive: Cut across an agency’s organizational boundaries
✓ Localized, high-impact: Applicable to one office/division
, lOMoARcPSD|21776200
Identify the overlap with other risks and the boundary issue:
Table 1.2 page 13 provides a useful way of approaching this.
Transaction-based: Before a firm opens its doors its exposed to operational risk in the guise of, for ex, fire, theft or floods.
All risks are transactional in nature.
Assumed proactively: Practically all financial services are about the assumption and management of risk, whether it is a
bank lending money, an insurer underwriting or a dealer trading currencies or bonds. Operational risk is essentially
unavoidable, whether we like it or not. Generally operational risk is to be taken on to be reduced an controlled, rather
than increased.
Identified from accounting information: For reporting, we have to rely considerably on human honesty and human
reporting, rather than data feeds from the accounting system.
Can the occurrence of risk events be audited? It is certainly possible to audit whether an operational risk loss has been
correctly recorded – but only if it has been reported. And its also possible to do this even for ones which haven’t been
admitted to – provided the auditors are aware of the incident.
Can limits be put on operational risk? Rarely, mainly because it is not assumed proactively. With other types of risk, you
can limit your exposure to an entity, a currency, a maturity, a geographical area and so on. Operational risk, alas, happens.
Can you trade operational risk? Again, unlike the other risks, the answer no. It is true that catastrophe bonds exist, but
these tend to deal with very specific events, such as damage to property caused by earthquakes / hurricanes within a
particular geographical area or radius.
Operational risk is universal: It is everywhere and universal, which is why its management should be a paramount concern
for the board and senior executives.
The boundary issue: Op risk overlaps with other risks. Many of the losses which are ascribed to other classes of risk have
strong operational risk component.
State why operational risk is different from other risks:
Operational risk is heavily dependent on the human factor: mistakes or failures due to actions or decisions made by a
company's employees. A type of business risk, operational risk is distinct from systematic risk and financial risk.
Follow the chain of causality:
Cause -> Event -> Effect: Op risk management is about managing events, it does so through preventative controls and
indicators to manage their causes and through detective controls and actions to mitigate their effects.
Measurement and Management of Operational risk:
How do we measure operational risk?
According to the Basel Committee, there are three ways to measure operational risk: the basic indicator approach (BIA),
the standard approach (SA) and the advanced measurement approach (AMA).
, lOMoARcPSD|21776200
What are the four principles of operational risk management?
1. Identify the risk.
2. Analyze the risk.
3. Prioritize the risk.
4. Treat the risk.
5. Monitor the risk.
Explain the challenges of operational risk management:
- Getting the board on board: The board and employees at all levels must assume operational risk management for
it to be effective.
- Getting buy-in throughout the firm: Understanding and explaining the benefits of good operational risk
management is probably the best way to get buy-in throughout the firm.
- It’s common sense, or what we do every day: The activities of identifying, assessing, managing, and mitigating risks
are largely commonplace but must be structured in a coherent framework to facilitate understanding, control and
allocation of resources.
- Why colours and not numbers? If it’s a risk, it must be a number. And, indeed, there’s a view that if it isn’t a
number, you can’t manage it. The other one is that numbers are not as accessible as colours
- So why model it, then? In operational risk, modelling may not provide the perfect answer, but it but it can provide
good answer – provided you understand what you’re getting.
- Reporting: The first challenge is to set up a system and a culture in which reporting of events and ‘near misses’ is
what we do, rather than what we try not to do. All reports, and all the information in them, should lead to action.
If a report is not intended to lead to action, drop it.
- Just give me the manual: If operational risk is managed intelligently, it demands constant re-evaluation both of the
risks and their controls. Operational risk is part of the everyday process of management, for which is a procedures
manual is not the answer. It needs to be in the blood.
LESSON 2: THE BUSINESS CASE FOR OPERATIONAL RISK MANAGEMENT
Getting Management’s Attention:
The fundamental elements of informed decision-making:
• Understanding the operational risk context of decisions
• Differentiating which risks you are prepared to accept at what level through considering your risk appetite
• Distinguishing and differentiating your operational risks and how they are controlled
• Evaluating and assessing problems in the past
• Knowing where you are now
• Knowing where you might be in the future
• Allocating capital on an operational risk basis
• Getting the right information on past events, the present state of state of the operational risk environment and
its possible future state.
Operational Risk Management as a Marketing Tool:
- A good example of this a Volvo which has turned safety into marketing and sales opportunity.
- Similarly, in the financial services sector, many firms go beyond the regulatory requirements for the reporting of
operational risk within their reports and accounts.
- Management can take two approaches as far as risk is concerned:
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller LADHU. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $2.70. You're not tied to anything after your purchase.
