Operational Risk Management in Small Banks
|
|
- Lionel Bryant
- 5 years ago
- Views:
Transcription
1 Operational Risk Management in Small Banks
2 Operational Risk Definition Operational risk is defined as the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. The definition includes legal risk* but excludes strategic and reputational risk. Basel II n.644 *legal risk includes, but is not limited to, exposure to fines, penalties, or punitive damages resulting from supervisory actions, as well as private settlements.
3 Compliance, Strategic & Reputational Risk Compliance Risk - The current and prospective risk to earnings or capital arising from violations of, or noncompliance with laws, rules, regulations, internal policies and procedures, or ethical standards. Strategic Risk - The current and prospective impact on earnings or capital arising from adverse business decisions, improper implementation of decisions, or lack of responsiveness to industry changes. Reputational Risk - The current and prospective impact on earnings and capital arising from negative public opinion. Need for formal definitions for the Bank including how these risks are being measured and managed
4 Drivers of Operational Risks Risks could arise from failures in: Process People Systems Operational failure occurs every time one or more of these resources is inadequate to the task being performed: Insufficient quality or quantity (capacity or capability) Unavailable at a critical stage (availability & criticality) Breakdown altogether Or as a result of External Events Any of these failures could lead to customer dissatisfaction and/or losses to the bank.
5 Loss event type classification Type Internal Fraud External Fraud Employmen t practices and Workplace Safety Definition Intentional fraud, misappropriation of property, involving at least one internal party Intentional fraud, misappropriation of property, by 3rd party Acts inconsistent with employment, health & safety laws, discrimination Activity Examples Transactions not reported (intentionally) Intentional mismarking of Theft/ position robbery/ forgery Fraud/ forgery Hacking systems/ Employee Theft of relation issues information Safety issues Discrimination
6 Loss event type classification Type Clients, Products & Business Practices Definition Unintentional or negligent failure to meet professional obligations to specific clients or from the design of a product / service Activity Examples Suitability (KYC issues) Aggressive sales Misuse of confidential information Improper market practices Product flaws/ model errors Failure to investigate client per guidelines Exceeding client exposure limits Disputes over performance of advisory activities Damage to Physical Assets Loss or damage to physical assets from natural disaster or other events Natural disaster losses Human losses from terrorism, vandalism
7 Loss event type classification Type Business disruption and system failures Execution, Delivery & Process management Definition Disruption of business or system failures Failed transaction processing/ process management, or failure of relations with trade counterparties Activity Examples Hardware/ software failure Telecommunicaitons Utility outage Incorrect capture e.g. of data entry, missed deadlines Delivery failure Inaccurate reporting Missing client permissions / legal documents Incorrect client records Misperformance of 3 rd party suppliers/ counterparties
8 Are adequate controls in place? Control activity that reduces incidence of risk, reduces the possibility that something will go wrong, thus helping us achieve process objectives
9 Recommended Controls Type Internal Fraud External Fraud Employment practices and Workplace Safety Clients, Products & Business Practices Controls Segregation of duties Internal Controls Double Checking Firewalls Encryption Double Checking Training Enforcement Provision of protective clothing Adherence to safety Standards Compliance department Prevention of money Laundering Procedures system Internal Audit Risk Management
10 Recommended Controls Type Damage to Physical Assets Business disruption and system failures Execution, Delivery & Process management Controls Insurance Sound Building Management Safety Measures Uninterruptible power supply Preventive maintenance Standby systems/ back ups Physical security Alternative Business Sites Training Internal audits Double checking Procedures standards Risk management
11 Basle Committee Sound Principles Establishment & review of Op Risk Framework & Strategy (BoD & Senior mgt) Implementing strategy & developing Policies (Senior mgt) Communication to oversee and manage the framework Processes and systems to identify, assess, monitor operational risk exposures & loss events Policies controls & procedures re control & mitigation of risks Allocates responsibilities related to operational risk and its management to the various organisational Supervisors should ensure effective systems are in place to identify, measure, monitor and control operational risks & evaluate reporting mechanisms functions and external bodies. Public disclosure to inform market participants of op. risk exposure and the quality of its operational risk management.
12 Strategy & Risk Appetite An Operational Risk Mgt Framework for the Bank was drawn up and approved in 2008 and is being implemented by ORU. An OR Strategy should set out risk exposure profile, include a statement of risk appetite, and state the overall approach to identification, measurement, reporting & transfer of Op Risk (in accordance with Best Practice) A general Operational Risk Management Policy is needed to fit within an overarching risk management policy. These objectives should serve to support the risk management
13 Risk Culture Organisational culture, values and valued behaviour will underpin our risk culture. Values should encourage comprehensive risk reporting (current, new or emerging) encourage challenging debate about risk at all levels. What reflects a good risk culture? people have an awareness of risk in what they do supportive, rather than looking for someone to blame. people understand their responsibilities, and level and limits of accountability People are open to learning and to challenge, aware of changing internal and external environment and seeking continuous improvement in all aspects of risk management Through our initiatives, by the end of this year we should aim to have increased
14 Governance (1) Good governance Good risk governance should result in risk being accepted and managed within known and agreed risk appetites It should provide a structure of risk responsibility throughout the BOV Group to ensure everyone is aware of their own risk responsibilities and accountabilities and those of others with whom they work. By the end of this year, risk management should be seen as key component in strategic decision making (e.g. when evaluating new products, new distribution channels, changes to systems & resources) and also at process and activity levels
15 Governance (2) Three lines of Defence
16 Governance (3) Role of ORU The risk management & analysis function does not directly manage risk. It is the business line executives and managers who are responsible to manage the risks they accept. ORU provides oversight of each business line s risk activities and facilitates risk management throughout the bank by: Providing framework, tools & methodology to allow key decision makers to identify, assess and manage risks Monitoring key exposures against agreed risk appetites Establishing appropriate scenario planning for operational risks likely to affect our business Providing cost-benefit analysis on risk control optimisation and other risk mitigation
17 Governance (4) Role of Business Units Operational Risk Co-ordinator Role to act as risk champions responsible for business-level risk mgt Managing OR exposures on a daily basis Communicate business unit level OR information to ORU Reporting to business unit management ORU will provide adequate training for these OR Co-ordinators to ensure that skills are in place and appropriate levels of independence so that reporting of losses or control failures will not be compromised.
18 Operational Risk Management Framework Operational risk management is about managing the exposure to expected operational loss events as well as reasonably probable unexpected losses. Risk Identification Loss Database Key Risk Indicators Scenario Analysis Business Continuity Planning Information Security & Information Quality
19 Risk Mapping Methodology Identify complete process & business units involved Map current (AS IS) process Identify Issues/risks Understand Process Objectives Evaluate Risks (scoring) Set objectives for TO BE Options identification Final TO BE recommendations Approval & implementation of recommendations Review of Risk Assessment to understand benefits derived Current Process Maps AS IS (Level 1-3 ) Risk Matrix Risk Assessment Risk Map Set of recommendations for a changed process to be presented at Executive Committee Project Team set up to implement approved changes Review & update Process Maps, Risk Assessment, & Risk Map Driven by PMF Ext. Consultants & PMF Core Team includes Op. Risk representatives SMEs Driven by Op. Risk incl. SMEs Risk Map Panel Driven by PMF Ext. Consultants & PMF Core Team includes Op. Risk representatives SMEs Driven by PMF Ext. Consultants & SMEs Driven by Op. Risk & Mgt Services incl. SMEs Risk Map Panel
20 Standard Notation used in Process Mapping
21 Level 3 Process Map Sample START Customer is greeted by CSO and is informed/identifies his need to apply for a card Customer holds the necessary documentation? NO Customer is informed of the required documentation END YES R.O. and customer identify suitable Card type Is card type a credit card? NO (Debit Card Application) R.O. asks for and checks other details on any other facilities YES Clicks on ISAI to access CPS screen to check Borrowers Index R.O. and customer agree on card type 1 Customer asked to submit application at his Monitoring unit YES Customer holds loans at another Monitoring unit NO PROCESS: ISSUING Process Stream 1: END PAGE 1 Revised: 21 May 2007
22 Central Operations Cards Embossing IT Cards Mgt. Cards Issuing Personal / Bus. Lending Branch Manager Branch RO / CO Consumer
23 Identifying Risks What is the possibility that something can go wrong? Does your process sometimes fail to deliver its objectives? Where are the gaps between where we are now and where we want to be? What is not working well? Can you think of past incidents that may have led to losses, inefficiencies or customers being dissatisfied with this part of the process?
24 Risk Assessment - Sample Risk Ref Map Ref Process Stream 13 - Risk Description Owner Cause? Severity Score Probability Score Rank Voting Score Action Required? Comments & Recommendations Currently 20% of daily trades are not settled due to insufficient funds Settlement of these trades will then be delayed for an average 2 days (exposure to bank). This normally takes place when customer has both sale & purchase and purchase settlement trn Limited reporting capabilities of MultFonds system (VFS). Data has to be captured by EFA Luxembourg & Uploaded to Datamart by IT Optns as part of a daily process next morning. Keying in of trade details & verification of amounts on contract notes currently carried out by same officer Systems Issues: Manual processes using XL spreadsheets: prone to human errors, no audit trails, possibility of inadequate backups If ticket.xls is not properly updated,more cumbersome reconciliations process at Settlements WM Optns. Keying in of local trades under nominee is duplicated on Prospero following keying in on LN. If only one system is in use, keying in would only take place once. Too many different settlement options re Redeemed funds (6 different methods) Sales VFS Finance WM Operation s Human error at branches or WM FO System inadequate Very Frequent High Very Frequent High Inadequate process controls Very Frequent High IT Systems Regular High WM Human error/ system Operation inadequate s 9.82 Very Frequent Medium WM Operation s, IT Systems VFS Operation s, VFS /VFM GM?? Lack of integration of systems 6.87 Very Frequent Medium Process inefficient 4.91 Very Frequent Medium Funds to be blocked in clients' account by executing branch whenever purchase trade is requested. Look at possibility of rejecting consideration to rejected items account at branch. Additional verification by 2nd officer will be implemented immediately
25 Risk Assessment process Scoring each issue/risk in terms of the Severity of Impact Each severity score will be weighted: Financial & Performance 58% Reputational 30% Human Aspect 12% Determine probability that the issue/risk will occur
26 Risk Assessment Questionnaire Impact on Bank's Performance This area tries to assess whether a material monetary loss would occur because of this issue/risk in this particular process. The risk of such a loss would increase in proportion to the volume of transactions and complexity of the operation If this issue materialises, what would be the monetary loss to the Bank? No material loss or < x Between x-< x Between x-< x Over x 2 Volume/ Complexity of transactions? Relatively low volumes on a daily basis <x Normal volumes on a daily basis >x<x High volumes on a daily basis >x<x Very high volumes on a daily basis >x Impact on Bank's Reputation This area will take into account the possible impact that the issue could have on the bank's reputation with both regulators and the market Impact on the bank's reputation with customers, the markets, Regulators? xx xx xx xx Human Aspect This area evaluates whether the process in question is more prone to human risks or if it incentives offences/ omissions Does the process require specialist knowledge for which we are dependent on only one or two persons? xx xx xx xx Estimation of Likelihood Estimation of likelihood of occurrence. 5 The issue or risk is expected to happen: Very Frequent: once a week (or more often) Regular: monthly Likely: quarterly Occasional: yearly Unlikely: every 5 yrs Remote: every 30 yrs
27 Risk Matrix Severity of impact 0-10 >10-30 >30-50 >50-75 > Very frequent May happen once a week or more Probability Regular Likely Occasiona l Happens approx. once a month Happens approx. once a quarter Happens approx. once a year Unlikely Happens once between 1&5 years Remote May happen in 15 years 1
28 Loss Database To move from Basic Indicator Approach to Standardised approach, the Bank must satisfy a number of criteria including the ability to keep track of relevant operational risk data on losses or near misses, report on operational risks to relevant functions and have procedures to take appropriate action. (BR/04/2007) An internal loss database must capture all material activities and exposures from all appropriate sub-systems. Typical fields include: Loss event category Amount and recoveries basis of severity Date basis of frequency Business activity, business unit Cause narrative Effect/ impact
29 Example of Loss Database Report Losses by Business Line (No. & '000s) C orporate Finance Trading & Sales R etail Banking C om m ercial Banking Paym ent & Settlem ent Agency Services Asset M anagem ent R etail Brokerage N o Business Line Info Total Internal Fraud E xternal Fraud C um ulative O ct Jun 2010 E m p. P ractices & W orkplace S afety C lients, P roducts & B usiness P ractices D am age to P hysical A ssets B usiness D isruption & S ystem Failures E xec., D elivery & P roc. M gt Total , ,051
30 Comparison to Losses in other Banks Distribution by Business Line by No. of Loss Events ORX by amount of Losses ORX Loss BOV Database Corporate Finance Trading & Sales Retail Banking Commercial Banking Payment & Settlement Agency Services Asset Management Retail Brokerage No Business Line Info Distribution by Event Type by No. of Loss Events ORX by amount of Losses ORX Loss BOV Database Internal Fraud External Fraud Emp. Practices & Workplace Safety Clients, Products & Business Practices Damage to Physical Assets Business Disruption & System Failures Exec., Delivery & Proc. Mgt *Comparison to Loss Events reported in ORX Loss Database in the first half, 2009
31 Key Risk Indicators KRIs: measurable metrics that track exposure or loss or problem areas. Such indicators become key when they track especially important exposures. They must act like early warning systems. The challenge of identifying the right KRIs is to identify measures: that will help us address those issues that have highest impact
32 Operational Risk Monthly Dashboard
33 Scenario Analysis Process of obtaining information on the low-frequency-high-severity losses through expert opinions of business managers and stress testing. They are seen as an efficient way of bringing issues to the surface and promoting risk management. Scenarios may be used in risk mitigation decision and/or cost/benefit analysis and to: Create risk awareness Bring together different functions to discuss a topic Considering emerging risks before there is loss data Linking into insurance purchasing decisions We have undertaken scenario analysis for ICAAP (Internal Capital Adequacy Assessment Programme) reporting and also to increase awareness of Operational Risk at Board level Pandemic Flu outbreak and large scale absenteeism 3 rd party fraud in credit cards 3 rd party fraud in credit granting process IT risks related to service delivery, solution delivery, IT benefit realisation, security of information & IT assets Risk related to unavailability of critical system Prospero 3 rd party fraud in Payments area We need to be in a position to carry out periodic scenario analysis with regular reviews to determine whether they are still relevant Assess whether defined scenarios best reflect major drivers of OR e.g. ORX survey includes most common topics Processing errors (12%); Mis-selling & business practices (9%); External fraud (9%); Need to work out process to validate scenarios
34 Risk Mitigation Responsibility for initiating mitigation action should lie with business where impact of risk is across the bank such responsibility will lie with ORU Risk mitigation is normally recommended during To Be stage of PMF or as part of ad hoc risk assessment by PMF or Op risk in liaison with SMEs. Continuous improvement will be embedded as part of the PMF and ORMF with regular planned reviews of process maps and Risk assessments. This should be possible with implementation and roll-out of PROP. In this coming year, as risk assessments are reviewed, or following RCSA need to understand whether controls in place are effective to mitigate risks and if not, define appropriate risk mitigation - accept, transfer, avoid, reduce (including costbenefit analysis) Once policies are in place and appetite has been defined it may be easier to understand which exposures are above risk appetite. Once these
35 Coverage of Operational Risk Losses Recovery Procedures Op Risk Capital Charge Insurance 27m Type of Policy Excess Limit Industrial All Risks 11,650 23,300 Marine Open Cover 4.5K- 11.5K 4.7m 582K-240K 23.3m Bankers Comp. Crime & Professional lndemnity 233K- 582K 4.7m
36 Enterprise-wide Business Continuity Plan What is it? It is the making of Proactive and Reactive plans to help the Bank to survive crisis or major disruptions to return to business as usual as quickly as possible.
37 What should we plan against? Plan to recover from possible threats Inaccessibility to premises Failure in computer systems Sudden shortage of staff Suspension of service chain by key supplier Threats exist to all businesses. Once they happen loss is inevitable. BUT..we can contain Loss Therefore we set off to make a plan to manage disruptions to recover as quickly as the customer, regulator or the market expect. - Enterprise-wide Business Continuity Plan
38 IT Disaster Recovery Work-around solutions Enterprise-wide Plan Prioritization of tasks Facilities & physical resources ENTERPRISE-WIDE BCP Human Resources contingencies Setting-Up of Alternative Sites
39 Business Impact Analysis April st Phase of the BIA Assessment of the criticality of activities and impact to the Bank. August 2010 November nd Phase of BIA exercise: Gathering of information through a questionnaire and one-to-one meetings with Units (40); 95% complete. Information gathered includes tolerable downtime period of tasks, IT applications and recovery point objective (RPO), HR resources availability and skills, Interdependencies and alternative sites. Analysis of data and findings and identification of gaps Results to be evaluated in terms of potential risks and likelihood of happening. Seek approval of timeframe recovery priorities generated from the analysis at Executive level Prioritisation of tasks and services as a result of the potential impact to the Bank Draw up and present report to IMT and Risk Committee to address gaps
40 Enterprise Wide BCP documentation December 2010 January 2011 Documentation of a plan Seek approval of plan from Units appointed by IMT to manage their particular area of interest Seek approval from Senior Management February 2011 Study of workaround solutions short term and long term plans Communication of plan Gradual strategy implementation Eventually Testing and
41 Reporting Current reporting of KRIs to EC (monthly) & quarterly report to RMC Inadequate/no feedback back to business with no further recommendations for remedial action Implementation of PROP should facilitate multidirectional reporting (including business lines & process owners) and provides the possibility to tailor reporting to
42 PROP Process, Risk, Operational Performance and Project Management Toolkit PMF rolling out process transformation across major business lines incorporating Operational risk management, metrics, performance management & customer service delivery Realisation that Customer experience, operational risk & process management are intertwined activities Change programme is underpinned by integrated program & project management disciplines which are in turn linked to tangible benefits that need to measure success of implementation As responsibilities to manage operational processes, risks and projects shifts to the business/process owner they need to be given the tools to manage their business operations with this new vision. Whilst accountability is decentralised to business lines, there will be central monitoring of risk, program management and process system will help these units perform bank-wide data analysis and cross functional integration. Integration of risk, process, project & performance data will also allow executive management to prioritise projects, align bank s strategy, ensure resources are effectively allocated, and ensure envisaged benefits from chosen projects are implemented and measured accordingly.
43 PROP Process, Risk, Operational Performance and Project Management Toolkit
44 PROP Milestones Issue RFP 13 October 2010 Submission of Proposal (by vendor) 5 November 2010 Proposal Evaluation (by BOV) 31 January 2011 Proof of concept (by BOV & vendor) May 2011 Finalise Agreement (by BOV & vendor) 15 March 2011 Proof of Concept During Proof of concept bidders will install proposed solution on-premise (1 each at Strategy, Risk, Mgt Services & ITSD) A number of requirements / features have been requested as outlined in RFP Short user training will take place to kick-off evaluation Support from bidders is required during
45 Op Risk Mgt - What value will be derived? Key aspect of effective corporate governance Reduce exposure to and avoidance of operational risk losses through risk mitigation Improve operating efficiency Reduce earnings volatility Rationalise the allocation of capital between business uses Regulatory compliance ERM component Management of new product approval process Change in culture and enhancement
Supervisor of Banks: Proper Conduct of Banking Business (12/12) Operational Risk Management Page Operational Risk Management
Operational Risk Management Page 350-1 Operational Risk Management Introduction 1. Operational risk is inherent in all banking products, activities, processes and systems. The effective management of operational
More informationRisky Business. Jaidev Iyer Operational Risk Expert, CEO J-Risk Advisors
Risky Business Jaidev Iyer Operational Risk Expert, CEO J-Risk Advisors Speaker Information Jaidev Iyer Enterprise & Operational Risk Expert J-Risk Advisors Jaidev Iyer is a veteran of Citigroup, where
More informationTHE BERMUDA MONETARY AUTHORITY BANKS AND DEPOSIT COMPANIES ACT 1999: The Management of Operational Risk
THE BERMUDA MONETARY AUTHORITY BANKS AND DEPOSIT COMPANIES ACT 1999: The Management of Operational Risk May 2007 Introduction 1 This paper sets out the policy of the Bermuda Monetary Authority ( the Authority
More informationRisk Management at Central Bank of Nepal
Risk Management at Central Bank of Nepal A. Introduction to Supervisory Risk Management Framework in Banks Nepal Rastra Bank(NRB) Act, 2058, section 35 (a) requires the NRB management is to design and
More informationAgenda. Agenda (cont.) Risk Management Association. Loss Data in an Organization s DNA
Risk Management Association Internal Loss Events: Embedding Internal Loss Data in an Organization s DNA Agenda Overview and Context Background on Loss Data Defining the Objectives Objectives of Collecting
More informationOperational risk and corporate governance
Operational risk and corporate governance John Thirlwell Director, Operational Risk Research Forum Said Business School, University of Oxford, 22 July 2004 The development of operational risk in banks
More informationOperational Risk Management
Operational Risk Management An Iceberg but Icebergs can melt DMF Stakeholders Forum Berlin, May 2013 Mike Williams mike.williams@mj-w.net Operational risk is: The risk of loss (financial or nonfinancial)
More informationOperational Risk Management. By: A V Vedpuriswar
Operational Risk Management By: A V Vedpuriswar September 17, 2017 Introduction Globalization and deregulation of financial markets, combined with increased sophistication in financial technology, have
More informationPerpetual s Risk Management Framework
Perpetual s Risk Management Framework Perpetual s Risk Management Framework Context Perpetual Limited (Perpetual) is a diversified financial services firm, listed on the Australian Securities Exchange.
More informationGuidance Note Capital Requirements Directive Operational Risk
Capital Requirements Directive Issued : 19 December 2007 Revised: 13 March 2013 V4 Please be advised that this Guidance Note is dated and does not take into account any changes arising from the Capital
More informationIT Risk in Credit Unions - Thematic Review Findings
IT Risk in Credit Unions - Thematic Review Findings January 2018 Central Bank of Ireland Findings from IT Thematic Review in Credit Unions Page 2 Table of Contents 1. Executive Summary... 3 1.1 Purpose...
More informationRISK MANAGEMENT FRAMEWORK
RISK MANAGEMENT FRAMEWORK 1. INTRODUCTION (Company) acknowledges that risk is inherent in its business. The Company s risk management framework is an important tool to guide the organisation towards achieving
More informationProcedure: Risk management
Procedure: Risk management Purpose To outline the procedures involved for identification, assessment and management of risks. Procedure Introduction 1. This procedure outlines the University s Risk Awareness
More informationBest Practices in ENTERPRISE RISK MANAGEMENT. [ Managing Risks Holistically ]
Best Practices in ENTERPRISE RISK MANAGEMENT [ Managing Risks Holistically ] INTRODUCTIONS MODERATOR: Bob Lipps, JD, CPA PANELISTS: Ron Wilcox Abel Pomar Karen Gordon, Esq. THE EVOLUTION OF RISK Traditional
More informationDRAFT GUIDANCE NOTE ON MANAGEMENT OF OPERATIONAL RISK
DRAFT GUIDANCE NOTE ON MANAGEMENT OF OPERATIONAL RISK RESERVE BANK OF INDIA DEPARTMENT OF BANKING OPERATIONS AND DEVELOPMENT CENTRAL OFFICE MUMBAI INDEX DRAFT GUIDANCE NOTE ON OPERATIONAL RISK MANAGEMENT
More informationPolicy Number: 040 Risk Management August 2018
Policy Number: 040 Risk Management August 2018 Policy Details 1. Owner Manager, Business Services 2. Compliance is required by Staff, contractors and volunteers 3. Approved by The Commissioner 4. Date
More informationOPERATIONAL RISK. 1. Form BA Operational risk
675 OPERATIONAL RISK Page no. 1. Form BA 400 - Operational risk... 676 2. Regulation 33 - Directives and interpretations for completion of sixmonthly return concerning operational risk (Form BA 400)...
More informationENTERPRISE RISK MANAGEMENT (ERM) The Conceptual Framework
ENTERPRISE RISK MANAGEMENT (ERM) The Conceptual Framework ENTERPRISE RISK MANAGEMENT (ERM) ERM Definition The Conceptual Frameworks: CAS and COSO Risk Categories Implementing ERM Why ERM? ERM Maturity
More information1. INTRODUCTION 1 2. OVERVIEW OF THE BUSINESS 1 4. CAPITAL ADEQUACY & OWN FUNDS 6 5. CAPITAL REQUIREMENTS 7 6. REMUNERATION POLICY 10
etoro (UK) Limited Pillar 3 Risk Management Disclosure Report 2016 Contents 1. INTRODUCTION 1 2. OVERVIEW OF THE BUSINESS 1 3. RISK MANAGEMENT OBJECTIVES & POLICIES 1 4. CAPITAL ADEQUACY & OWN FUNDS 6
More informationOPERATIONAL RISK. 1. Form BA Operational risk
565 OPERATIONAL RISK Page no. 1. Form BA 400 - Operational risk... 566 2. Regulation 33 - Directives and interpretations for completion of sixmonthly return concerning operational risk (Form BA 400)...
More informationPRISM Supervisory Commentary 2018
PRISM Supervisory Commentary 2018 March 2018 Page 2 PRISM Supervisory Commentary 2018 Central Bank of Ireland Table of Contents 1. Foreword... 3 2. Executive Summary... 4 3. Background... 8 4. Overview
More informationWest Coast District Municipality. Risk Management Policy
West Coast District Municipality Risk Management Policy TABLE OF CONTENTS Page No. RISK MANAGEMENT POLICY 5 1. OVERVIEW 6 1.1. Policy Objective 6 1.2. Policy Statement 6 1.3. Risk Management Approach 6
More informationBusiness Continuity Management and ERM
Business Continuity Management and ERM Partnership for Emergency Planning Kansas City Marshall Toburen GRC Strategist ERM, ORM, 3PM RSA A division of EMC 2 June 18, 2014 1 Agenda Intro State of ERM Today
More informationRisk Management at the Deutsche Bundesbank March 2011
Risk Management at the Deutsche Bundesbank March 2011 (C) Deutsche Bundesbank - Division Organisation 1 Agenda Definition of risk management [3] Factors of influence to review the RM set up [4] The Framework
More informationRISK MANAGEMENT FRAMEWORK
RISK MANAGEMENT FRAMEWORK 1 RISK MANAGEMENT FRAMEWORK... 1 INTRODUCTION... 3 AN EFFECTIVE ENTERPRISE RISK MANAGEMENT SYSTEM... 4 Guiding Principles... 4 RISK GOVERNANCE... 5 Mandate and Commitment... 5
More informationRisk Management Policy and Framework
Risk Management Policy and Framework Risk Management Policy Statement ALS recognises that the effective management of risks is a fundamental component of good corporate governance and is vital for the
More informationAgenda. Key Risk Indicators: Practical Issues. Facilitator: Ken Weinstein
Key Risk Indicators: Practical Issues Risk Management Association Part One 1 Facilitator: Ken Weinstein SVP & Senior Risk Officer at Newtown Savings Bank ($950 million in assets) Member of RMA s Operational
More informationGuidance Note System of Governance - Insurance Transition to Governance Requirements established under the Solvency II Directive
Guidance Note Transition to Governance Requirements established under the Solvency II Directive Issued : 31 December 2013 Table of Contents 1.Introduction... 4 2. Detailed Guidelines... 4 General governance
More information[ANNEX H-1. Investment firms with limited licence
[ANNEX H-1 Investment firms with limited licence Investment firms with limited licence are those that are not authorised to provide the following investment services covered under section A of Annex I
More informationRisk Management Strategy January NHS Education for Scotland RISK MANAGEMENT STRATEGY
NHS Education for Scotland RISK MANAGEMENT STRATEGY January 2016 1 Contents 1. NES STATEMENT ON RISK MANAGEMENT 2 RISK MANAGEMENT STRATEGY 3 RISK MANAGEMENT STRUCTURES 4 RISK MANAGEMENT PROCESSES 5 RISK
More informationREPORT MARKET DISCIPLINE REPORT FINANCIAL YEAR Made in accordance with the Cyprus. Securities and Exchange Commission. Directive DI
REPORT Write DISCLOSURE you date here & MARKET DISCIPLINE ADDRESS JFD Brokers Ltd. Kakos Premier Tower Kyrillou Loukareos 70 4156 Limassol, Cyprus TELEPHONE & FAX +357 25878530 +357 25763540 WEB support@jfdbrokers.com
More informationM_o_R (2011) Foundation EN exam prep questions
M_o_R (2011) Foundation EN exam prep questions 1. It is a responsibility of Senior Team: a) Ensures that appropriate governance and internal controls are in place b) Monitors and acts on escalated risks
More informationAn introduction to Operational Risk
An introduction to Operational Risk John Thirlwell Finance Dublin, 29 March 2006 Setting the scene What is operational risk? Why are we here? The operational risk management framework Basel and the Capital
More informationCORPORATE RISK MANAGEMENT POLICY
11/8/2017 INFORMAÇÃO INTERNA ÍNDICE 1 PURPOSE... 3 2 SCOPE... 3 3 REFERENCES... 3 4 CONCEPTS... 4 5 GUIDELINES... 6 6 RESPONSABILITIES... 8 7 CONTROL INFORMATION... 14 2 INFORMAÇÃO INTERNA 1 PURPOSE The
More informationKey Risk Indicators (KRI) Survey September 2011
Key Risk Indicators (KRI) Survey September 2011 KRI Survey September 2011 This RMA Survey was intended to capture the current status of key risk indicators (KRIs) across a range of institutions and also
More informationPrudential Standard GOI 3 Risk Management and Internal Controls for Insurers
Prudential Standard GOI 3 Risk Management and Internal Controls for Insurers Objectives and Key Requirements of this Prudential Standard Effective risk management is fundamental to the prudent management
More informationRisk Management Policy and Procedures.
Risk Management Policy and Procedures. Rev Date Purpose of Issue/Description of Change Date 1. June 2006 Initial Issue 2. November 2009 Revised and updated 6 th November 2009 3. September 2010 Revised
More informationCredit risk, arising from losses due to obligor, counterparty or issuer failing to perform its contractual obligations to the Group;
Risk management is an integral part of the Group s business. An effective risk management system is critical for the Group to achieve continued profitability and sustainable growth in shareholder s value,
More information4.0 The authority may allow credit institutions to use a combination of approaches in accordance with Section I.5 of this Appendix.
SECTION I.1 - OPERATIONAL RISK Minimum Own Funds Requirements for Operational Risk 1.0 Credit institutions shall hold own funds against operational risk in accordance with the methodologies set out in
More informationRisk Management. Webinar - July 2017
Risk Management Webinar - July 2017 Compiled by: Raaghieb Najjaar, Yaeesh Yasseen & Rashied Small Adapted and Facilitated by: Professor Enslin J. van Rooyen Risk Management - June 2017 2 Defining Risk
More informationBournemouth Primary MAT Risk Management Policy
Bournemouth Primary MAT Risk Management Policy 1. Introduction The Bournemouth Primary Multi-Academy Trust (the Trust) operates a risk management system in order to identify and manage key exposures and
More informationRisk Management User Guide. Prepared By: Neville Turbit Version Feb /01/2009 Risk Management User Guide Page 1 of 36
Risk Management User Guide Prepared By: Neville Turbit Version 1.0 1 Feb 09 22/01/2009 Risk Management User Guide Page 1 of 36 Table of Contents Document Origin...2 Change History...2 Risk Guidelines...
More informationSection Defining Risk Management. 11. Principles of Risk Management
Section 2 10. Defining Risk Management Enterprise risk management is the process, affected by an entity's board of directors, management and other personnel, applied in strategy setting and across the
More informationDisclosure and Market Discipline Report V.2. Table of Contents
DISCLOSURE AND MARKET DISCIPLINE REPORT 2014 Table of Contents I. Scope of the Report... 3 II. Risk Management Objectives and Policies:... 4 II.1 Risk Management policy:... 4 II.2 Structure of Risk Management
More informationRisk Management. Seminar June Compiled by: Raaghieb Najjaar, Yaeesh Yasseen & Rashied Small
Risk Management Seminar June 2017 Compiled by: Raaghieb Najjaar, Yaeesh Yasseen & Rashied Small Defining Risk Risk reflects the chance that the actual event may be different than the planned / expected
More informationDIRECTIVE NO.DO1-2005/CDD
RESERVE BANK OF MALAWI DIRECTIVE NO.DO1-2005/CDD CUSTOMER DUE DILIGENCE FOR BANKS AND FINANCIAL INSTITUTIONS Arrangement of Sections 1. Short Title 2. Authorization 3. Application 4. Interpretations 1.
More informationRisk Management Policy and Strategy
Risk Management Policy and Strategy Version: 2.1 Bodies consulted: Approved by: Directors and Managers responsible for risk Board of Directors Date Approved: 28 March 2017 Lead Manager: Lead Director:
More informationConsultation Paper No. 7 of 2015 Appendix 4. Abu Dhabi Global Market Rulebook Market Infrastructure Rulebook (MIR)
Abu Dhabi Global Market Rulebook Market Infrastructure Rulebook (MIR) Contents 1 INTRODUCTION... 1 2 RULES APPLICABLE TO ALL RECOGNISED BODIES... 2 2.1 Introduction... 2 2.2 Suitability... 2 2.3 Governance...
More informationManaging operational risk. Understanding the sources and minimising the impacts
Managing operational risk Understanding the sources and minimising the impacts Operational risk Operational risk impacts all of your organisation all of the time and is unavoidable. It does not depend
More informationCAPITAL REQUIREMENTS DIRECTIVE
ROYAL LONDON ASSET MANAGEMENT LIMITED CAPITAL REQUIREMENTS DIRECTIVE PILLAR 3 DISCLOSURES PERIOD ENDING 31ST DECEMBER 2016 TABLE OF CONTENTS 1 Introduction 2 Background 2 2 RLAM Business Summary 3 3 Governance
More informationEnterprise Risk Management Policy Adopted by the AMP Limited Board on 2 February 2017
Enterprise Management Policy Adopted by the AMP Limited Board on 2 February 2017 AMP s promise is to help people own tomorrow. To achieve this promise, risks must be managed effectively within the Board
More informationRISK MANAGEMENT FRAMEWORK
RISK MANAGEMENT FRAMEWORK 1. INTRODUCTION (Company) acknowledges that risk is inherent in its business. The Company faces a broad range of risks as a listed entertainment organisation. The Company s risk
More informationRISK MANAGEMENT FRAMEWORK
Risk Management Framework RISK MANAGEMENT FRAMEWORK Purpose This Risk Management Framework introduces St. Michael s College s approach to risk management. It includes a definition of risk, a summary of
More informationDisclosure Prudential Disclosure Report. 12/31/2017 Derayah Financial
Derayah - Pillar III Disclosure -2017 Prudential Disclosure Report 12/31/2017 Derayah Financial Table of Contents 1. OVERVIEW... 2 2. CAPITAL STRUCTURE... 2 2.1. Disclosure on Capital Base... 3 3. CAPITAL
More informationDisclosure Prudential Disclosure Report. 12/31/2016 Derayah Financial
Derayah - Pillar III Disclosure -2016 Prudential Disclosure Report 12/31/2016 Derayah Financial Table of Contents 1. OVERVIEW... 2 2. CAPITAL STRUCTURE... 2 2.1. Disclosure on Capital Base... 3 3. CAPITAL
More informationPILLAR 3 DISCLOSURES MERCER UK AUGUST 2016
PILLAR 3 DISCLOSURES MERCER UK AUGUST 2016 CONTENTS 1. Background... 1 1.1 Basis of Disclosures... 2 1.2 Frequency of Publication... 2 1.3 Verification... 2 1.4 Media & Location of Publication... 2 2.
More informationModelling Operational Risk
Modelling Operational Risk Lucie Mazurová 9.12.2016 1 / 38 Contents 1 Operational Risk Definition 2 Operational Risk in Banks 3 Operational Risk Management 4 Capital Requirement for Operational Risk Basic
More informationBanque de Patrimoines Privés. Pillar 3 Disclosure Report 2016
Banque de Patrimoines Privés Pillar 3 Disclosure Report 2016 Table of Contents INDEX OF ABBREVIATIONS... 4 1. OVERVIEW... 5 1.1. Purpose... 5 1.2. Regulatory framework... 5 1.2.1. Pillar 1... 5 1.2.2.
More informationCyber Risk Proposal Form
Cyber Risk Proposal Form Company or trading name Address Postcode Country Telephone Email Website Date business established Number of employees Do you have a Chief Privacy Officer (or Chief Information
More informationRisk An overview and MIS An audit Perspective
Risk An overview and MIS An audit Perspective P.Krishnamurthy 5-11-2012 A global perspective In recent years the audit committee has become one of the main pillars of the corporate governance system. The
More informationRISK MANAGEMENT FRAMEWORK OVERVIEW
Perpetual Limited RISK MANAGEMENT FRAMEWORK OVERVIEW September 2017 Classification: Public Page 1 of 6 COMMITMENT TO RISK MANAGEMENT As a publicly listed company and provider of financial products and
More informationCARIBBEAN DEVELOPMENT BANK STRATEGIC FRAMEWORK FOR INTEGRITY, COMPLIANCE AND ACCOUNTABILITY PILLARS I AND II INTEGRITY AND ETHICS POLICY
CARIBBEAN DEVELOPMENT BANK STRATEGIC FRAMEWORK FOR INTEGRITY, COMPLIANCE AND ACCOUNTABILITY PILLARS I AND II INTEGRITY AND ETHICS POLICY To provide for measures to promote Institutional Integrity and Ethics
More informationPillar 3 Disclosures for the year ending 31 December 2015
29, Avenue de la Porte-Neuve Pillar 3 Disclosures for the year ending 31 December 2015 Pillar 3 Disclosures for the year ending 31 December 2015 Table of content 1. Overview 4 1.1. Background 4 1.2. Scope
More informationINTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS
Guidance Paper No. 2.2.6 INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS GUIDANCE PAPER ON ENTERPRISE RISK MANAGEMENT FOR CAPITAL ADEQUACY AND SOLVENCY PURPOSES OCTOBER 2007 This document was prepared
More informationMerrill Lynch Kingdom of Saudi Arabia Company. Pillar 3 Disclosure. As at 31 December 2017
Merrill Lynch Kingdom of Saudi Arabia Company Pillar 3 Disclosure As at 31 December 2017 Contents 1. Introduction 5 2. Capital Resources and Minimum Capital Requirements 8 3. Liquidity Position 12 4. Risk
More informationKey risks and mitigations
Key risks and mitigations This section explains how we control and manage the risks in our business. It outlines key risks, how we mitigate them and our assessment of their potential impact on our business
More informationCapital Requirements Directive Pillar 3 Disclosures For the year ended 31 August 2017
Capital Requirements Directive Pillar 3 Disclosures For the year ended 31 August 2017 Contents INTRODUCTION... 2 RISK MANAGEMENT POLICIES AND OBJECTIVES... 3 BOARD & SUB-COMMITTEES... 3 THREE LINES OF
More informationENTERPRISE RISK MANAGEMENT POLICY FRAMEWORK
ANNEXURE A ENTERPRISE RISK MANAGEMENT POLICY FRAMEWORK CONTENTS 1. Enterprise Risk Management Policy Commitment 3 2. Introduction 4 3. Reporting requirements 5 3.1 Internal reporting processes for risk
More informationReport on Internal Control
Annex to letter from the General Secretary of the Autorité de contrôle prudentiel to the Director General of the French Association of Credit Institutions and Investment Firms Report on Internal Control
More informationIndex. Managing Risks in Commercial and Retail Banking By Amalendu Ghosh Copyright 2012 John Wiley & Sons Singapore Pte. Ltd.
Index A absence of control criteria, as cause of operational risk, 395 accountability, 493 495 additional exposure, incremental loss from, 115 advances and loans, ratio of core deposits to, 308 309 advances,
More informationP2.T7. Operational & Integrated Risk Management
P2.T7. Operational & Integrated Risk Management Bionic Turtle FRM Practice Questions Marcelo G. Cruz, Gareth W. Peters, and Pavel V. Shevchenko, Fundamental Aspects of Operational Risk and Insurance Analytics:
More informationRISK COMMITTEE TERMS OF REFERENCE. The Board has resolved to establish a Committee of the Board to be known as the Risk Committee.
RISK COMMITTEE TERMS OF REFERENCE Constitution The Board has resolved to establish a Committee of the Board to be known as the Risk Committee. Objective To identify and monitor risks to the Society s strategy,
More informationPILLAR 3 DISCLOSURE POLICY
PILLAR 3 DISCLOSURE POLICY Part 1. Overview of the Disclosure requirements 1.1 Introduction The European Union Capital Requirements Directive (EU CRD) was introduced in January 2007 to ensure consistent
More informationScenario analysis. 10 th OpRisk Asia July 30, 2015 Singapore. Guntupalli Bharan Kumar
Scenario analysis 10 th OpRisk Asia July 30, 2015 Singapore Guntupalli Bharan Kumar Disclaimer Any views or opinions expressed are solely the presenter s and do not represent those of my current or past
More informationJFSC Risk Overview: Our approach to risk-based supervision
JFSC Risk Overview: Our approach to risk-based supervision Contents An Overview of our approach to riskbased supervision An Overview of our approach to risk-based supervision Risks to what? Why publish
More informationCapital & Risk Management Pillar 3 Disclosures
Capital & Risk Management Pillar 3 Disclosures 31st December 2017 Company Registration no. 06736473 Contents Introduction...3 Activities and Scope...3 Regulatory framework for disclosures...4 Basis and
More informationAdvanced Operational Risk Modelling
Advanced Operational Risk Modelling Building a model to deliver value to the business and meet regulatory requirements Risk. Reinsurance. Human Resources. The implementation of a robust and stable operational
More informationRisk management culture focused on integrity and good conduct
Key risks and mitigations Risk management culture focused on integrity and good conduct The Group is exposed to a variety of risks as a result of its business activities. Effective risk management is a
More informationREGULATION. on Internal Governance Arrangements, the Management body and the Internal Capital Adequacy Assessment Process for Banks and Savings banks
Pursuant to point 1 of Article 58 and points 1, 2 and 3 of Article 135 of the Banking Act (Official Gazette of the Republic of Slovenia, No. 25/15; hereinafter: the ZBan-2) and the second paragraph of
More informationP2.T7. Operational & Integrated Risk Management
P2.T7. Operational & Integrated Risk Management Cruz, Peters, and Shevchenko, Fundamental Aspects of Operational Risk and Insurance Analytics: A Handbook of Operational Risk Bionic Turtle FRM Study Notes
More informationRisk Management Framework
Risk Management Framework Anglican Church, Diocese of Perth November 2015 Final ( Table of Contents Introduction... 1 Risk Management Policy... 2 Purpose... 2 Policy... 2 Definitions (from AS/NZS ISO 31000:2009)...
More informationRevenue Scotland Counter-Fraud Policy
Revenue Scotland Counter-Fraud Policy 0 Table of Contents Contents 1. Introduction and Scope... 2 2. Related Policies and Procedures... 2 3. Overview of Policy... 3 4. Responsibilities... 3 5. Exceptions...
More informationDECISION ON RISK MANAGEMENT BY BANKS
RS Official Gazette, Nos 45/2011, 94/2011, 119/2012, 123/2012, 23/2013 other decision 1, 43/2013, 92/2013, 33/2015, 61/2015, 61/2016, 103/2016 and 119/2017 Pursuant to Article 28, paragraph 7, Article
More informationRisk Management Policy
Risk Management Policy Version: 3 Board Endorsement: 11 January 2014 Last Review Date: 3 January 2014 Next Review Date: July 2014 Risk Management Policy 1 Table of Contents 1 Introduction... 3 2 Overview...
More informationRisk Management Strategy
Risk Management Strategy 2016 2019 Version: 6 Policy Lead/Author & Deputy Director of Quality position: Ward / Department: Nursing Directorate Replacing Document: Version 5 Approving Committee Quality
More informationRisk Management Framework
Risk Management Framework Risk Management Framework 1. The University views Risk Management as integral to the successful execution of its Strategy. In order to achieve the aims set out in our strategy,
More informationENTERPRISE RISK MANAGEMENT IN HEALTH CARE. April 27, 2017
ENTERPRISE RISK MANAGEMENT IN HEALTH CARE April 27, 2017 Presenters Adam Marshall Director, Risk Advisory Services Jessika Garis Manager, Risk Advisory Services RSM US LLP Adam.Marshall@rsmus.com +1 410
More informationRISK MANAGEMENT RISK MANAGEMENT GOVERNANCE
39 RISK MANAGEMENT The Bank has been guided by its risk management principles in managing its business risk, which outline a basis for an integrated risk management effort and good corporate governance.
More informationBERMUDA INSURANCE (GROUP SUPERVISION) RULES 2011 BR 76 / 2011
QUO FA T A F U E R N T BERMUDA INSURANCE (GROUP SUPERVISION) RULES 2011 BR 76 / 2011 TABLE OF CONTENTS 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 Citation and commencement PART 1 GROUP RESPONSIBILITIES
More informationRISK MANAGEMENT REPORT (for the Financial Year Ended 31 March 2014)
RISK MANAGEMENT REPORT (for the Financial Year Ended 31 March 2014) Management Philosophy In essence, the Group s risk management philosophy is to uphold a strong risk management culture that will enable
More informationFERMA European Risk Manager Survey 2018
FERMA European Risk Manager Survey 2018 9 th Edition Table of contents Part I: The European Risk Manager Profile Part II: The risk conductor Part III: A challenging environment Part IV: Insurance management
More informationCertified Enterprise Risk Professional (CERP) Test Content Outline
Certified Enterprise Risk Professional (CERP) Test Content Outline SECTION 1: RISK GOVERNANCE Domain 1: Board and Senior Management Oversight (8%) Task 1: Provide relevant, timely, and accurate information
More informationREPUTATION RISK ON THE RISE
Financial Services POINT OF VIEW REPUTATION RISK ON THE RISE AUTHORS Tom Ivell, Partner Hanjo Seibert, Principal Joshua Marks, Engagement Manager REPUTATION RISK ON THE RISE Reputation risk is generally
More informationDECISION ON RISK MANAGEMENT BY BANKS
RS Official Gazette, Nos 45/2011, 94/2011, 119/2012, 123/2012, 23/2013 other decision I, 43/2013, 92/2013, 33/2015, 61/2015, 61/2016 and 103/2016 Pursuant to Article 28, paragraph 7, Article 30, paragraph
More informationRisk Management at ANZ
Risk Management at ANZ Vision and Strategy ANZ has established a comprehensive risk and compliance management framework. The Board is principally responsible for establishing risk tolerance, approving
More informationBERMUDA MONETARY AUTHORITY GUIDELINES ON STRESS TESTING FOR THE BERMUDA BANKING SECTOR
GUIDELINES ON STRESS TESTING FOR THE BERMUDA BANKING SECTOR TABLE OF CONTENTS 1. EXECUTIVE SUMMARY...2 2. GUIDANCE ON STRESS TESTING AND SCENARIO ANALYSIS...3 3. RISK APPETITE...6 4. MANAGEMENT ACTION...6
More informationThe Changing face of ERM: The Insurance Company s Perspective
The Changing face of ERM: The Insurance Company s Perspective Karen Tan, Chief Risk Officer, Reinsurance Asia, Swiss Re FNLIA Discussion Series, December 1, 2015 History of Risk Management as a professional
More informationNagement. Revenue Scotland. Risk Management Framework. Revised [ ]February Table of Contents Nagement... 0
Nagement Revenue Scotland Risk Management Framework Revised [ ]February 2016 Table of Contents Nagement... 0 1. Introduction... 2 1.2 Overview of risk management... 2 2. Policy Statement... 3 3. Risk Management
More informationPillar 3 Disclosures. 31 December 2013
Pillar 3 Disclosures 31 December 2013 Contents 1. Overview... 3 1.1 Background... 3 1.2 Scope of application... 3 1.3 Basis and frequency of disclosures... 3 1.4 External audit... 3 2. Risk Management
More informationPillar 3 Disclosures. Invesco UK Limited
s Document Version: Version 1 Version Date: 30 July 2014 Table of Contents 1 Background 3 1.1 Basis of Disclosure 3 1.2 Frequency of Disclosure 4 1.3 Media and Location of Publication 4 2 Risk Management
More information