Operational Risk Management.ppt

8/14/2019 Operational Risk Management.ppt

http://slidepdf.com/reader/full/operational-risk-managementppt 1/43



1

Introduction

Globalization and deregulation of financial markets,combined

with increased sophistication in financial technology, have

made banking activities very complex.

Events such as the September 11 terrorist attacks, rogue

trading losses at Barings and the Y2K scare serve to highlight

the importance of operational risk management.

Operational risks faced by banks today include fraud, system

failures, terrorism and employee compensation claims.



2

Typical Bank Org Structure



3

Front Office

The more client-facing side of the business is known as thefront office.

These personnel typically include:

– sales people who act as the main contact point between the

bank and its clients.

– traders/market makers, who are responsible for executing

trades with various counterparties.



4

Middle Office



5

Middle Office functions

Initial trade verification

The input of trades into relevant trading systems

Investigation of any discrepancies in trade details

Daily P&L reporting

Reconciliation and updating of trading positions

Monitoring risk limits



6

Middle Office functions

The middle office function attempts to bridge the gap between

– the front office

– the back office

The middle office typically gets involved in

– risk management – control aspects of trading.

The middle office personnel are capable of independently

– valuing portfolios

– analyzing risk positions.



8

More about the Back Office

The term ‘operations’ or ‘back office’ describe those

operational areas within the bank that deal with the result oftrading by the front office.

Following the execution of a trade and recording of the tradewithin the system, trade details are typically fed through aninterface between the trading system and settlement system.

The starting point for the settlement of trades and allsubsequent activities is the capture of the trade details withinthe settlement system.

The moment the details of a trade are captured within thesettlement system, the trading position for both securities andcash, at a trading book level, must be updated.



10

Trade skeleton

The typical trade information fed by a trading system andcaptured by the settlement system could be described as the‘trade skeleton’.

These are the minimum details a trader or market maker must

provide as these items are variable and cannot be guessed bythe settlement department.



11

Recording details

Though the basic details of a trade may appear very clear-cut,the inaccurate recording of the details can lead to

unnecessary costs being incurred and risks being taken by

the STO.

In an attempt to prevent inaccurate information being sent tothe outside world, the process of validating trade information

is adopted by many banks.



12

Trade agreement/validation

Failure of the bank and its counterparty to agree about thedetails of the trade, can result in monetary losses if the

discrepancy remains unresolved at the value date.

Consequently, it has become standard practice in many

markets to strive for trade agreement as soon as possibleafter trade execution.

In many securities marketplaces, individual trade details must

be sent to the regulator by a specified deadline.



13

Settlement : Exchanging Securities and Cash

The exchange of securities and cash is known as settlement

with the securities industry.

The most efficient and risk-free method of settlement is

known as Delivery versus Payment (DvP).

DvP involves simultaneous exchange of securities and cash

between buyer and seller (through their custodians).

The seller is not required to deliver securities until the buyer

pays the cash.

The buyer is not required to pay cash until the seller deliversthe securities.



14

Free of Payment

The alternative to settling a DvP basis is to settle on a Free ofPayment (FoP) basis.

Parties will need to arrange delivery of securities or payment

of cash prior to taking possession of the other asset.

Due to the risks involved, most STOs avoid settling in this

manner, whenever possible.



15

Settlement Department

The STO must issue a settlement instruction to its custodian

in order for settlement to occur.

All pending incomes against securities must be carefully

monitored.

The first step in collection of the benefit is to become aware

that the issuer is making a specific income payment.

The bank must calculate whether it is in fact entitled to the

income.

If so, it must assess who will remit the income and monitor thereceivable amount until full payment is received.

Where it offers a safe custody service to clients, the STO is

expected to collect income on behalf of its clients.



16

Static data

Static data (sometimes referred to as ‘standing data’) describes data that changes occasionally, or not at all.

The two principal components are:

– Securities static data

– Counterparty static data.

The data must be carefully maintained.

If for instance, the coupon rate on a bond is not set up

correctly, incorrect trade cash values will result.



17

Static Data

Likewise, the setting up of an incorrect counterparty postaladdress could result in a client failing to receive a tradeconfirmation.

Books and records must be accurate, up-to-date, complete

and reflect reality.

Reconciliation is achieved through the comparison of specificpieces of information within the bank’s books and records,and between the bank’s books and records and the outsideworld.



18

Compliance

The compliance officers within a bank are responsible forensuring conformity to the various rules and regulations, as

laid down by the local regulatory authority.

This includes ensuring that:

– only qualified personnel execute trades on the bank’s behalf;

– reporting of trade and positional information to the regulatory authorities

is complete and effected within the stated deadlines;

– methods of investigating trade disputes between the STO and its

counterparties are carried out in a thorough and correct manner;

– measures are taken to prevent unlawful activities within the STO, such

as insider trading



19

Settlement failures

Insufficient securities

Insufficient cash

Unmatched settlement instructions



20

Definition

The Basel Committee defines operational risk as:

"The risk of loss resulting from inadequate or failed

internal processes, people and systems or from external

events."

This definition includes legal risk, but excludes strategic and

reputational risk.

Banks can adopt their own definitions of operational risk, if the

minimum elements in the Committee's definition are included.



21

Types of Operational Risk

Internal fraud

External fraud

Employment practices and workplace safety

Clients, products and business practices

Damage to physical assets

Business disruption and system failures

Execution, delivery and process management

http://ubs.intuition.com/lms/content/IntuitionContent/KnowHow16_5/lo_0296/lo_0296page9.html
















22

Internal Fraud

Intentional misreporting of positions

Unauthorized undertaking of transactions

Deliberate mismarking of positions

Insider trading (on an employee's own account)

Malicious destruction of assets

Theft/robbery/extortion/embezzlement

Bribes/kickbacks

Forgery

Willful tax evasion



23

External Fraud

Theft/robbery

Forgery

Computer hacking damage

Theft of information

Check kiting



24

Employment practices and workplace safety

Employee compensation claims

Wrongful termination

Violation of health and safety rules

Discrimination claims

Harassment

General liability



25

Clients, products and business practices

Breaches of fiduciary duties

Suitability/disclosure issues (KYC, and so on)

Account churning

Misuse of confidential client information

Antitrust

Money laundering

Product defects Exceeding client exposure limits



26

Damage to physical assets

Natural disasters (earthquakes, fires, floods, and so on)

Terrorism

Vandalism



27

Business disruption and system failures

Hardware and software failures

Telecommunication problems

Utility outages/disruptions



28

Execution, delivery and process management

Miscommunication

Data entry errors

Missed deadline or responsibility

Model/system misoperation

Accounting errors

Mandatory reporting failures

Missing or incomplete legal documentation

Unapproved access given to client accounts

Non-client counterparty disputes

Vendor disputes

Outsourcing



29

Qualitative assessment

Environment

Activities

Supervision

Disclosure



30

Risk Assessment

Checklists

Questionnaires

Workshops

Scorecards



31

Operational Risk Indicators

Operational risk indicators attempt to identify potential

losses before they happen.

Some indicators are applicable to specific organizational

units (for example, transaction volumes and processing

errors).

Others can be applied across the entire bank (for example,

employee turnover, new hires and number of sick days).

In practice, the most common risk indicators are lagging or

ex-post measures.

They provide information on events that have already taken

place (eg, failed trades, settlement errors, and so on).



32

From lagging into leading indicators

The challenge for risk managers is to transform lagging

indicators into leading or predictive indicators.

This can be done by changing the focus of the indicators that

are tracked or by adding new information to these indicators.

Thus the focus of the indicators could be changed to highlight

issues that are still outstanding or remain open after a

specified period of time (for example, 24 hours) has elapsed.

In reality, however, it is not easy to transform lagging

indicators into predictive indicators.



33

Statistical Approaches

Statistical approaches to operational risk measurement

generally involve the use of methodologies to quantifyoperational risk .

The approaches involve the collection of actual loss data and

the derivation of an empirical statistical distribution.

An unexpected loss amount, against which banks must hold acapital buffer, can then be calculated from the distribution.

In theory, the unexpected loss can be calculated to any

desired target confidence level.

In practice, many banks are working towards measuring

operational risk to a 99.9% confidence level.



34

Legal risk

The Basel Committee's definition of operational risk explicitly

includes legal risk.

Legal risk is the risk of disruption or adverse impact on the

operations or condition of a bank due to:

– unenforceable contracts

– lawsuits

– adverse judgments

– other legal proceedings

It can arise due to a variety of issues, from broad legal or

jurisdictional issues to something as simple as a missing

provision in an otherwise valid agreement.



35

Master Agreements

There are now master agreement forms for many financial

products.

These agreements:

– create a common legal framework that can be understood by all

market participants.

– cover most of the major legal points that should be agreed as part ofdocumenting the transactions.

Individual transactions are tied to master agreements with

confirmation documents containing specific terms of each

transaction.



36

The master agreements should ideally be negotiated prior to

any individual transaction being agreed.

But, in many cases, the master agreement is only negotiated

as a consequence of the first transaction.

Master agreements cover how the parties will conduct

themselves in case of the early termination of the contractualagreements due to credit default or other unforeseen events.

The agreements specify how the exposures for more than

one transaction under the master agreement will be netted

against each other.



Reputation risk



38

Reputation Risk

Negative public opinion regarding an institution's practices,

whether true or not, may result in a decline in its customerbase, expensive litigation and/or a fall in revenue.

Reputational risk may cause liquidity difficulties, fall in share

price and a significant reduction in market capitalization.

In 1994, Bankers Trust was accused of having misled

customers by selling them inappropriate derivatives positions.

Its reputation was so badly damaged that it was forced into

acquisition.



Strategic Risk



40

Strategic(Business) Risk

It incorporates the risk arising from an adverse shift in the

assumptions, goals and other features that underpin a strategy.

Business Risk is a function of:

– a bank's strategic goals

– the business strategies developed to achieve these goals

– the resources deployed in pursuit of these goals

– the quality of implementation of these resources

Business risk, however, is difficult to assess in practice.

It can be particularly difficult to separate from other forms ofrisk, such as market risk.



Model Risk



42

Model Risk

Model risk arises out of the failure of a model to sufficiently

match reality, or to otherwise deliver the required results.

It can arise from a number of issues, including:

– mathematical errors (for example, in determining the formulas for valuing

more complex financial instruments)

– the lack of transparent market prices for some of the more illiquid marketfactors

– invalid assumptions

– inappropriate parameter specification

– incorrect programming



Dealing with model risk

Companies must model the instruments and the portfolio carefully.

Very large and unexpected moves may occur in market factorssometimes in conjunction with each other.

Liquidity can suddenly vanish.

Being based on assumptions, models are always a simplifiedrepresentation of what happens under real-life conditions.

If these assumptions break down, then the model is worthless.

Therefore, modeling for disaster as well as for normal market

conditions is highly desirable.

This is why stress testing is important in addition to value at risk

calculations.

Operational Risk Management.ppt

Documents

Transcript of Operational Risk Management.ppt