OPERATIONAL RISK MANAGEMENT (ORM)
Risk is inherent in any walk of life in general and in financial sectors in particular. Till recently, due to regulated environment, banks could not afford to take risks. But of late, banks are exposed to same competition and hence are compelled to encounter various types of financial and non-financial risks. Risks and uncertainties form an integral part of banking which by nature entails taking risks. There are three main categories of risks; Credit Risk, Market Risk & Operational Risk. OPERATIONAL RISK
Always banks live with the risks arising out of human error, financial fraud and natural disasters. The happenings such as WTC tragedy, Barings debacle etc. has highlighted the potential losses on account of operational risk. Exponential growth in the use of technology and increase in global financial inter-linkages are the two primary changes that contributed to such risks. Operational risk, though defined as any risk that is not categorized as market or credit risk, is the risk of loss arising from inadequate or failed internal processes, people and systems or from external events.
In order to mitigate this, internal control and internal audit systems are used as the primary means. Risk education for familiarizing the complex operations at all levels of staff can also reduce operational risk. Insurance cover is one of the important mitigators of operational risk.
Operational risk events are associated with weak links in internal control procedures. The key to management of operational risk lies in the bank’s ability to assess its process for vulnerability and establish controls as well as safeguards while providing for unanticipated worst-case scenarios.
Operational risk involves breakdown in internal controls and corporate governance leading to error, fraud, performance failure, compromise on the interest of the bank resulting in financial loss. Putting in place proper corporate governance practices by itself would serve as an effective risk management tool. Bank should strive to promote a shared understanding of operational risk within the organization, especially since operational risk is often interwined with market or credit risk and it is difficult to isolate.
Definition of operational risk has evolved rapidly over the past few years. At first, it was commonly defined as every type of unquantifiable risk faced by a bank. However, further analysis has refined the definition considerably. Operational risk has been defined by the Basel Committee on Banking Supervision1 as the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. This definition includes legal risk, but excludes strategic and reputational risk. This definition is based on the underlying causes of operational risk. It seeks to identify why a loss happened and at the broadest level includes the breakdown by four causes: people, processes, systems and external factors. Likely forms of manifestation of operational risk
A clear appreciation and understanding by banks of what is meant by operational risk is critical to the effective management and control of this risk category. It is also important to consider the full range of material operational risks facing the bank and capture all significant causes of severe operational losses.
Operational risk is pervasive, complex and dynamic. Unlike market and credit risk, which tend to be in specific areas of business, operational risk is inherent in all business processes. Operational risk may manifest in a variety of ways in the banking industry.
The Basel Committee has identified the following types of operational risk events as having the potential to result in substantial losses: * Internal fraud - For example, intentional misreporting of positions, employee theft, and insider trading on an employee’s own account. * External...