Operational risk

(Also known as operational risk) The term operational risk are understood all operational risks - outside the typical business risks - in a company capable of causing damage. Of particular interest, however, this term is in banking, where he has gained in importance since January 2007 due to the capital adequacy rules of Basel II.

Under Basel II, in addition to the credit risk and market risk, operational risk has to be backed by capital for the first time.

Definitions in banking

Earlier definitions described by the exclusion principle, which are not operational risks. It is already known risks are summed and referred the remaining difference as operational risk.

The overall risk is divided into:

• Market risk
• Credit risk
• Liquidity risk
• Legal Risk
• Operational Risk

The residual corresponds to the operational risk. This definition is now obsolete, since the residual risk may also include other components (in particular the overall strategic business risk, reputational risk, settlement risk).

Basel II has resulted in a different (positive) definition. The Basel Committee on Banking Supervision defines operational risk as " the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. This definition includes legal risk, but excludes strategic and reputational risk "(§ 269 Section 1 of the Solvency Regulation ).

Losses of the category "People" are damages that are caused intentionally by employees of a credit institution (which includes all fraud and embezzlement cases). Losses which are not intentionally inflicted by employees, the category " internal procedure" (also " processes " called ) is assigned. Examples are transaction errors and errors caused by misunderstandings. By " external events " the infrastructure failure, natural disasters and fraud or other, intentional damage by external entities (eg robbery ) are summarized.

It is important to know the risk carrier over the damaging event. Operational risk means a precisely definable negative deviation of the actually realized operating income compared to the expected results of operations.

Example

One of the most spectacular cases of operational risk is the case, Nick Leeson, who worked as a trader for Barings Bank in 1993. One of the main reasons for the extremely high loss of 1.2 billion euros was the fact that Nick Leeson was responsible both for the trading of securities transactions as well as for the back office, therefore he checked his own trade and thus created a classic conflict of interest. His initial big successes did ignore the bank's management about this distinctive organization error. As Leeson overrode internal dealer limits, was classified his actions from the perspective of operational risk as infidelity.

Demarcation to credit risk

The distinction from other types of risk can be very challenging. The most common overlap affects operational risk within the credit risk. This means that a loan default is not caused by the actual credit risk, but rather by an operational risk. This may be due to internal or external causes.

Examples:

• Employee error: for example in the documentation, excesses of, lending to non-existent customers for their own benefit;
• System error: Unripe or incomplete tools for monitoring risks or management of securities;
• Internal processes: lack of interfaces in the lending process;
• External causes: submission of forged credit documents ( payslips / balances) (loan fraud)

In practice this can ultimately operational risk with credit reference from the classic credit risk differentiate by whether you can return the loan default to a deterioration in credit quality (credit risk ) or not ( operational risk).

Methods of operational risk management

The Basel Committee on Banking Supervision are the more general requirement before:

• " Banking supervisors must be satisfied that banks have in place internal controls that are adequate for the nature and scope of their business. These should include clear arrangements for delegating authority and responsibility, separation of functions related to the assumption of obligations for the bank, paying away its funds, and accounting for its assets and liabilities, the reconciliation of these processes, the safeguarding of assets and appropriate independent internal and external audit and compliance functions to test these rules .... "
• More specifically, this specification is taken in the sentence: " The supervisory authorities should ensure that senior management for effective internal control and audit process provides. In addition, policy principles for the handling or mitigation of operational risk should be established. Banking supervisors should ensure that banks have adequate and well-tested plans for the resumption of the operation of all major computer systems, with alternatives at a different location to guard against failures. "

Insurance products

Risk management can be resorted to institutional products to hedge against operational risks. They provide protection against:

• Fidelity / Bankers Blanket Bond ( operating fiduciary insurance)
• Electronic Computer Crime
• Professional Indemnity ( professional liability insurance )
• Employment Practices Liability
• Unauthorized Trading

Insurance

According to § 25a, Section 1 of the German Banking Act, banks must have a proper business organization, " which ensures the adherence to the observed by the institution legal requirements and business needs. " An almost identical provision for insurance in § 64a para 1 VAG included. Legislative purpose of both provisions is legal compliance in these economically important sectors.

Measurement Approaches for Operational Risk ( Basel II )

Ultimately, the Operational risk reflects the Basel II reflected in the calculation of minimum capital requirements in a number of setting out as precisely as possible the relationship between profit and risk. To determine this number, there are different measurement approaches, which are largely defined by Basel II. The different measurement approaches for operational risk to rise in their progressiveness and complexity in nominal order to: Basic Indicator Approach, Standardised Approach and Advanced Measurement Approach ( Advanced Measurement Approach { AMA }: Internal Assessment Approach, loss distribution approach, scorecard approach). While for the basic indicator approach a number for the Group as a whole is determined, can be in the standard approach nevertheless distinguishable by different business units and correspondingly adjusted risk weights. For both approaches, calculation formulas are given in the Basel Capital Accord already. The AMA, however, makes the banks a lot of leeway to determine their operational risks using their own methods of measurement. Furthermore, it is possible to combine the standard approach with the AMA. For both the standard approach and for the AMA, there is one requirement catalog whose requirements must be implemented at least in order to use the respective measurement approach may due to the flexibility of both measurement approaches.

The general rule is that in the more ambitious approaches may soar the complexity and risk sensitivity and the quantitative and qualitative requirements are higher. On the other hand, these approaches reduce the amount of compulsory capital with constant exposure to operational risks.

A major problem in the practical implementation of ambitious approaches, the data base dar. In almost any bank for a sufficiently long data history is available that would allow it to carry out alone so that a measurement of operational risk. Basel II therefore calls explicitly for banks to access external data. Such external databases can on one hand be purchased from commercial vendors that collect data from professional press reports, etc.. Second, institutions have merged into data groups, in which they exchange loss data with each other.