Operational risk refers to information system orinternal controls Risk of accidental loss caused by defects.Causes of operational risk include:Human error、computer system Faults, improper working procedures and internal control, etc.[1]
Basel Committee on Banking SupervisionThe formal definition of operational risk is: operational risk refers to the risk of direct or indirect losses caused by imperfect or problematic internal operational processes, personnel, systems or external events.[2]This definition includesLegal risk, but does not include strategic risks andReputational risk。
definition
Announce
edit
Operational risk
The British Banker Association (BBA, 1997) first gave the definition of operational riskHuman error, incompleteprogram control, fraud and criminal activities, which are caused by technical defects andSystem crashCaused by.After extensive discussion and debate, in May 1998,IBM(UK)Establishment initiated by the companyThe first industry advanced thought management forum - Operational Risk Forum, in which operational risk is defined as: operational risk is the possibility of suffering potential losses, which is due to improper customer and designControl systemVarious risks caused by control system failure and uncontrollable events.Losses may come from internal or external events, macro trends and failure of the companydecision-making bodyandinternal controls System, information system, administrative organizationCode of EthicsOr other major control means and standards.It does not include other existing risk categories such asmarket risk 、credit risksandDecision risk。Through this meeting, the above conclusive definition began to be accepted by most banks.Basel CommitteeThe definition of operational risk is also based on this.
According to《New Basel Capital Accord》, operational risk can be divided intopersonnel, systems, processes and external events, which can be divided into seven forms: internal fraud, external fraud, employee recruitment practices andWorkplaceSecurity, customers, products and business practices,Physical assetsDamage, business interruption and system failure, delivery andProcess management。
Operational riskInternational BankThe industry attaches great importance to it.This is mainly because banking institutions are becoming larger and larger, and their products are becoming more diversified and complex,banking businessHigh dependence on IT technology represented by computers, financial industry andfinancial marketOfglobalizationAs a result of this trend, some mistakes in "operation" may bring great or even extremely serious consequences.Over the past decade or two, there have been many painful lessons in this regard.Barings Bank The collapse of the company is a frightening example.
Risk Overview
Announce
edit
In many financial institutions, the losses caused by operational risk have been significantly greater than market risk and credit risk.Therefore, internationalFinancial circlesAnd regulatory organizations have begun to explore and build operational risk management technologies, methods and organizational frameworks, and have made significant progress.However, from the domesticbankingSeen from the situation, the understanding and management of operational risk still remain at a relatively superficial level. The focus of the regulatory authorities has always been positioned in the field of credit risk, and the regulatory resources are excessively inclined to banksNon performing assetsSo that the bank's operational risk has continued in recent yearsUpward trend。
Therefore, attention to operational risk has become an unavoidable topic for commercial banks in ChinabankingThe top priority of risk management is the unclear ownership of bank staff's operational rights, which is the root cause of operational risks. The integrated IT platform clearly defines the operational rightsState-owned commercial bank The top priority of.
2. Promote the management structure andBusiness Process ReengineeringAnd fundamentally solve the problem of operational risk control.
3. Reform the assessment and evaluation methods.Correctly guide branches to improve on the basis of structural adjustment and risk preventionOperating benefitsTo prevent focusing on scale over benefit.It is necessary to reasonably determine the task indicatorsInternal control managementIncorporate it into the assessment system and practically strengthen and improve the bankPrudent operationAnd management to strictly prevent operational risks.It cannot be formulated, which may lead to deviation from the establishedBusiness objectivesOr illegal operationexcitation mechanism。
While adhering to the effective internal control system in the past, commercial banks should grasp the situation, stick to the business, and constantly study new operational riskscontrol pointImprove the internal control system, timely and effectively assess and control possible operational risks, and eliminate various potential safety hazards in the bud.
At present, we should focus on the following seven aspects to improve the internal control system: first, establish a corresponding authorization system, and implement unified legal person management and legal person authorization;Second, establish necessarySeparation of duties, and the system of horizontal and vertical mutual supervision and restriction;Third, it is clearKey positionsSpecial postIncompatibilityPosition and control requirements;Fourth, continuous recording andSupervision and inspection;Fifth, for productsorganization structure, processcomputer systemThe design process ofcontrol program;Sixth, establishInformation security management system, for hardware, operating system, andapplication program, data andOperating environment, as well as design, procurement, safety and use implementation control;Seventh, establish and maintainEmergency planAnd procedures to ensure business continuity.
First, it is necessary to sign responsibility contracts for operational risk prevention at all levels, so thatrisk-preventionResponsibility objectivesWith employeespersonal interestsIt is directly linked to form a pattern of major prevention work in which the heads of the banks at all levels take overall responsibility, the leaders in charge take direct responsibility, the relevant departments perform their respective duties and responsibilities, and front-line employees actively participate.Secondly, we should really implementAccountability。It is necessary to clarify the rights and responsibilities of managers at all levels and each operator in preventing operational risks, and publicize their responsibilities.In the future, in case of major bank cases, someone should be held accountable in a timely manner, and the person responsible for the incident should also be investigated in depth.Serious cases, important cases or ineffective measures shall be investigated strictlyExecutiveAnd the person directly responsible, and the inspection department, audit department and personnel shall be held responsible for concealing the problems found in the inspection, reporting false information or ineffective inspection, supervision and rectification.
1. Constantly explore and gradually improve operational risksmetering method。Although there is no perfect method for measuring operational riskComprehensive risk managementIt is inevitable to accurately measure operational risks and accrue reservesDevelopment trend。
2. Strengthen the application of information technology.In the process of data centralizationBusiness systemoperating platform Construction, find out the loopholes in the design comprehensively, and improve the system software.
3. Establish sound operationRisk identification and assessmentSystem.It is necessary to draw on international advanced experience and use modern scientific and technological means to gradually establish a monitoring, evaluation and early warning system covering operational risks of all business categories, and identify and assess all current and future potential operational risks and their nature.
4. Establishment and improvementInternal information exchangeSystem.For the frequently occurring management personnel, take the lead in implementing violations, force subordinates to operate in violation of regulations, and form cases andCapital riskBank should establish and improve employeesReporting systemRely on and mobilize front-line employees, encourage the prosecution of violations, and resolutely curb all kinds of cases, especially major casesmajor crimesHigh momentum.
First, we should firmly establish a people-orientedManagement ideologyAnd fully mobilize and rely on the staff to do a good job in operational risk management.
Second, strengthen ideological and political education.We should carry out in-depth investigation and resolution of contradictions, disputes and unstable factors, and resolve contradictions, disputes and unstable factors within the unit and in the bud in many ways and at multiple levels.
Third, strengthenrisk awareness Education.We should unremittingly carry out safety angle education, typical case education, rules and regulations education, and improve the staff of the whole bankSafety awarenessAnd complianceLaw-abiding concept。
Fourth, we should timely and thoroughly understand the working and living conditions of personnel at important posts, grasp the dynamic changes in thinking and behaviorAnomie of behaviorThe employees of,Serious circumstancesWe should deal with it seriously.
2、 Main reasons
1、Corporate governance structureunsound.everythingownerInadequate supervision of agents.Second, internalCheck and balance mechanismimperfect.The balance mechanism between the board of directors, the board of supervisors and the management has not been really established.Third, there is the phenomenon of "insider" control.Due to the vacancy of state-owned commercial bank owners, it is easy for bank executives to take advantage ofGovernment property rightsThe weak control of the "insider" control in fact is formed to carry out illegal and disciplinary activities.Fourthinternal controls The capability decays step by step.The "five level" linear management structure of state-owned commercial banks, due to the long internal management chain,Information exchangeAsymmetrical. According to the principle of "transformer", the head office's control over the branches has declined layer by layer, and there are many management loopholes.
2、Internal control systemThe construction is not complete.First, it is not systematicinternal control system , inadequate control coexists with decentralized control, and business development and internal control system construction are lackingSynchronicityIn particular, the development of new business lacks the necessary system guarantee, and the risk is relatively high.Second, the internal control systementiretyNot enough.Inadequate control over affiliated branches and lack of effective supervision over decision-making management.For businessPersonnel supervisionMuch more, but less supervision and restriction on managers at all levels.Third, the authority of the internal control system is not strong.Low efficiency of audit resource allocation, auditAudit functionThe internal audit department did not fully play its roleError checkingFunctions of leakage prevention and operational risk control.
3. The risk management method is backward, and the application of information technology is seriously lagging behind.
4. EmployeesTeam managementNot up to standard.In their daily work, bank managers attach more importance to business development than team building;Paying more attention to the use of employees than the management of employees, not enough understanding of employees' ideological trends, and the imperfect reporting mechanism make it impossible to detect and stop the operational risks that could have been prevented in advance.
5. Assessment and incentive policies that conflict with risk control are easy to induce operational risk.
Related schematic diagram
6. Social transformation and banking reform are prone to operational risks.currentpublic securityThe situation is still grim, and crimes such as robbery, fraud and theft against banks occur from time to time.From the inside of the bank,state-owned bank The ongoing share reform, accompanied by the withdrawal and merger of institutions, has also brought a large number of redundant personnel digestion problems, and led to the sharpening of various contradictions.
Type characteristics
Announce
edit
1、 Type:
Internal fraud
Fraud, misappropriation of assets, violation of laws and the company'sRules and regulationsact.
External fraud
Fraud, misappropriation of assets and violation of laws by a third party.
For example, software or hardware errors, communication problems, and equipment aging.
Related to execution, delivery and transaction process
For example, transaction failure, cooperation failure with partners, transactiondata inputWrong and incompletelegal documentUnauthorized access to customer accounts, and seller disputes.
(1) In operational riskrisk factor A large proportion comes from the bank's business operations, which are endogenous risks within the bank's controllable range.Single operationThere is no clear and definable quantitative relationship between risk factors and operational losses.
(2) FromCoverageLook, operaterisk management Almost covered the banksOperation managementDifferent risks in all aspects.Including daily life with high frequency but relatively low lossoperation flow Minor mistakes in handling also include those that occur with low frequency, but once they occur, they will cause great losses, or even endanger the survival of the banknatural disaster, large-scale fraud, etc.Therefore, it is almost impossible to try to cover all areas of operational risk in one way.
(3) For credit risk and market risk, there is a one-to-one mapping relationship between risk and reward, but this relationship is not necessarily applicable to operational risk.
(4) Large business scaleTrading volumeBusiness areas with large and rapid structural changes are most likely to be impacted by operational risk.
(5) Operational risk is a very broad category, and operational risk management involves almost all departments within the bank.Therefore, operational risk management is not only the risk management department andInternal Audit DepartmentThings.
our countrycommercial bankMain characteristics of operational risk
Some people in China have carried outEmpirical analysis。According to the research results, the main characteristics of operational risk of commercial banks in China can be summarized as follows:
(1) Loss events mainly focus onCommercial BankingandRetail Banking, which can be mainly attributed to internal fraud and external fraud. The largest proportion of loss events is internal fraud in commercial banking business.
(4) From the number of loss events and the regional distribution of loss amount, operational risk does not necessarily occur in economically developed branches, but it will certainly occur in weak managementRisk Management An area of low consciousness.
Operational Risk: Basel II Capital Requirements, Models and Analysis Guidelinescontent validityAlthough operational risk has always been regarded as a part of "other" risks - outside the field of credit risk and market risk - it has quickly occupied the forefront of the financial field.In fact, withNew Basel Capital AccordAs a result of the gradual implementation of, many financial experts, as well as other people preparing to enter the field, must now be familiar with many matters related to operational risk modeling and management.
The Operational Risk - A Guide to Capital Requirements, Models and Analysis of Basel II, written by an experienced team composed of Anna Chernoby, Svetloza Witff and Frank Faberz, will introduce you to the core concepts related to the Basel II.This comprehensive guide is famous for its profound insight, professional advice and innovative research. It not only presents readers with a lot of information about operational risks, but also provides many cases to deepen their understanding of the issues discussed.
The following topics are included:
Major challenges in the field of operational risk modeling
Various methods for building operational risk models
The Three Pillar Structure of the New Basel Capital Accord
About the author
Announce
edit
Anna Chernoby
Doctor, USANew Yorksyracuse university Associate Professor of Finance, Martin Whitman School of Management.Its research focus is operational risk management.
Doctor, professor of economics and business engineering of Karlsruhe University in Germany, and professor of the University of California, Santa Barbaraemeritus professorAnd FinAnalytica'sChief scientist。
Frank Fabozzi
Doctor·Certified Financial Analyst,Yale UniversityProfessor of the School of Management who teaches financial practice and editor in chief of the Journal of Portfolio Management.
Bibliography
Announce
edit
Chapter 1 Operational risk is not just "other" risk
Chapter 2 Operational risk: definition, classification and its position in other risks