Operational Risk Management - Evaluating Cost and Operation Efficiency at Bank Branches - Thesis Proposal Example

Operational Risk Management (ORM) evaluating cost and operation efficiency at bank branches Thesis Proposal 4/10 Operational risk is a distinct class of risk different from credit and market risk and is a significant contributor to financial services risk profile. Various approaches have been used in measuring bank’s operational risk exposure. These approaches and their adaptation by banks have evolved overtime commanding a much needed attention. Ensuring operational risks are well managed will have tremendous impact on operational efficiency. Introduction For most financial institutions, the business of risk management and reallocation remains a nuisance; complicated risk management systems are being deployed in various bank branches to carry out these tasks. The basic components of a risk management system includes identifying and defining the risks the firm is exposed to, assessing their magnitude, mitigating them using a variety of procedures, and setting aside capital for potential losses. Economic modeling is used well in achieving these. The development of empirical models of financial precariousness lead to increased modeling of market risk COMMA which is the risk arising from fluctuations of financial asset pricing. Concerning credit risk, models have recently been developed for large scale credit risk management purposes. Categorizing and modeling of risk has some complications and sometimes they do not cover all aspects of the business, for instance, in modeling risk associated with transactions, we will usually not put into consideration electrical failure, employee fraud, natural disasters and risks of such nature. Operational risk modeling creates arrays for such unforeseen events. The current status of operational risk management by financial institutions nurtures a lot of arguments and uncertainties, explorations on the subject tenders the complexities associated with it. More concrete solutions to risk management have been formulated through the contribution of the (BCBS) Basel Committee on Banking Supervision. A new Basel Capital Accord, known normally as the Basel II Accord was proposed in 2001 by the Bank of International Settlement defining some key requirements of a well defined model for operational risk management from an operational excellence perspective and part of an integrated performance platform; COMMA going beyond Basel II and using ORM as a transformational dais. Operational risk was understood to be, all types of unquantifiable risk encountered in banking transactions, on a broader and more dynamic stage COMMA however, as reported by BCBS (September 2001), operational risk can be defined as the risk of monetary losses resulting from inadequate or failed internal processes, people, and systems or from external events. External events circulate on natural disasters, that damages a firms physical assets or electrical or telecommunications failures that disrupt business;COMMA WHICH ARE relatively easier to define than losses from internal problems. To create a better understanding of the precepts, it is important to revisit the underlying principles that delineates ORM. Operational Risk Capital Framework The IS THIS A PROPER NAME OF A GROUP? Committee is proposing to encompass explicitly risks other than credit and market in the New Basel Capital Accord. This proposal reflects the Committees interest in making the New Basel Capital Accord more risk sensitive and the realization that risks other than credit and market can be substantial. Further, developing banking practices such as securitization, outsourcing, specialized processing operations and reliance on rapidly evolving technology and complex financial products and strategies suggest that these other risks are increasingly important factors to be reflected in credible capital assessments by both supervisors and banks. Under the 1988 Accord, the Committee recognizes that the capital buffer related to credit risk implicitly covers other I KNOW THIS WORD IS IMPORTANT, BUT IT COMES UP AN AWFUL LOT, IS THERE ANOTHER WORD OR WAY TO WORD THIS TO AVOID THE REPETITION? risks. The broad brush approach in the 1988 Accord delivered an overall cushion of capital for both the measured risks (credit and market) and other (unmeasured) banking risks. FRAGMENT To the extent that the new requirements for measured risks are a closer approximation to the actual level of those risks (as a result of the proposed changes to the credit risk calculation) less of a buffer will exist for other risks. It should also be noted that banks themselves typically hold capital well in excess of the current regulatory minimum and that some are already allocating economic capital for other risks. The Committee believes that a capital charge for other risks should include a range of approaches to accommodate the variations in industry risk measurement and management practices. Through extensive industry discussions, the Committee has learned that measurement techniques for operational risk, a subset of other risks, remain in an early development stage at most institutions, but are advancing. As additional aspects of other risks remain very difficult to measure, the Committee is focusing the capital charge on operational risk and offering a range of approaches for assessing capital against this risk. The Committees goal is to develop methodologies that increasingly reflect an individual banks particular risk profile. The simplest approach, the Basic Indicator Approach, links the capital charge for operational risk to a single risk indicator (e.g. gross income) for the whole bank. The Standardized Approach is a more complex variant of the Basic Indicator Approach that uses a combination of financial indicators and institutional business lines to determine the capital charge. Both approaches are pre-determined by regulators. The Internal Measurement Approach strives to incorporate, within a supervisory-specified framework, an individual banks internal loss data into the calculation of its required capital. Like the Standardized Approach, the Internal Measurement Approach demands a decomposition of the banks activities into specified business lines. However, the Internal Measurement Approach allows the capital charge to be driven by THE banks own operational loss experiences, within a supervisory assessment framework. In the future, a Loss Distribution Approach, in which the bank specifies its own loss distributions, business lines and risk types, may be available. An institutions ability to meet specific criteria would determine the framework used for its regulatory operational risk capital calculation. The Committee intends to calibrate the spectrum of approaches so that WHY THIS NUMBER HERE? 2 the capital charge for a typical bank would be less at each progressive step on the spectrum. This is consistent with the Committees belief that increasing levels of sophistication of risk management and precision of measurement methodology should generally be rewarded with a reduction in the regulatory operational risk capital requirement. Direct vs. Indirect Losses As stated in its definition of operational risk, the Committee intends for the capital framework to shield institutions from both direct and certain indirect losses. At this stage, the Committee is unable to prescribe finally the scope of the charge in this respect. However, it is intended that the costs to fix an operational risk problem, payments to third parties and write downs generally would be included in calculating the loss incurred from the operational risk event. Furthermore, there may be other types of losses or events which should be reflected in the charge, such as near misses, latent losses or contingent losses. Further analysis is needed on whether and how to address these events/losses. The costs of improvement in controls, preventative action and quality assurance, and investment in new systems would not be included. In practice, such distinctions are difficult as there is often a high degree of ambiguity inherent in the process of categorizing losses and costs, which may result in omission or double counting problems. The Committee is cognizant of the difficulties in determining the scope of the charge and is seeking comment on how to better specify the loss types for inclusion in a more refined definition of operational risk. Further, it is likely that detailed guidance on loss categorization and allocation of losses by risk type will need to be WHY THE NUMBERS? 1 This definition includes legal risk 2 During 2000, the Risk Management Group of the Basel Committee conducted surveys to review industry practice and data on operational risk. Expected vs. Unexpected Losses (EL/UL) In line with other banking risks, conceptually a capital charge for operational risk should cover unexpected losses due to operational risk. Provisions should cover expected losses. However, accounting rules in many countries do not appear to allow a robust, comprehensive and clear approach to setting provisions, especially for operational risk. Rather, these rules appear to allow for provisions only for future obligations related to events that have already occurred. In particular, accounting standards generally require measurable estimation tests be met and losses be probable before provisions or contingencies are actually booked. In general, provisions set up under such accounting standards bear only a very small relation to the concept of expected operational losses. Regulators are interested in a more forward-looking concept of provisions. There are cases where contingent reserves may be provided that relate to operational risk matters. An example OF SUCH A CASE is costs related to lawsuits arising from a control breakdown. Also, there are certain types of high frequency/low severity losses, such as those related to credit card fraud, that appear to be deducted from income as they occur. However, provisions are generally not set up in advance for these. Current practice for pricing for operational risk varies widely, and explicit pricing is not common. Regardless of actual practice, it is conceptually unclear that pricing alone is sufficient to deal with operational losses in the absence of effective reserving policies. The situation may be somewhat different for banking activities that have a HIGH LIKELIHOOD highly likely incidence of expected, regular operational risk losses that are deducted from reported income in the year. Fraud losses in credit card books are an example. In these limited cases, it might be appropriate to calibrate the capital charge to unexpected losses, or unexpected losses plus some cushion of imprecision. This approach assumes that the banks income stream for the year will be sufficient to cover expected losses and that the bank can be relied upon to regularly deduct losses. Against this background, the Committee proposes to calibrate the capital charge for operational risk based on expected and unexpected losses, but to allow some recognition for provisioning and loss deduction. A portion of end-of-period balances for a specific list of identified types of provisions or contingencies could be deducted from the minimum capital requirement (or recognized as part of an available capital cushion to meet requirements) provided the bank discloses them as such. Since capital is a forward-looking concept, the Committee believes that only part of a provision/contingency should be recognized as reducing the capital requirement. The capital charge for a limited list of banking activities where the annual deduction of actual operational losses is prevalent (e.g. credit card fraud) could be based on unexpected losses only, plus a cushion for imprecision. The feasibility and desirability of recognizing provisions and loss deduction depend on there being a reasonable degree of clarity and comparability of approaches to defining acceptable provisions and contingencies among countries. The industry is invited to comment on how such a regime might be implemented. The continuum concept The framework outlined above presents three methods for calculating operational risk capital charges in a continuum of increasing sophistication and risk sensitivity. The Committee intends to develop detailed criteria as guidance to banks and supervisors on whether banks qualify to use a particular approach. An initial set of criteria IS are outlined in section VII below. The Committee believes that where a bank has satisfied the criteria it should be allowed to use that approach, regardless of whether it has USED been using a simpler approach previously. Also, in order to encourage innovation, the Committee anticipates that a bank could have some business lines in the Standardized Approach, and others in the Internal Measurement Approach. This will help reinforce the evolutionary nature of the new framework by allowing banks to move along the continuum on a piecemeal basis. Banks could not choose to move back to simpler approaches once they have been accepted for more advanced approaches and should, on a consolidated basis, capture the relevant risks for each business line. Ongoing industry liaison In view of substantive industry efforts to develop and implement systems for assessing, measuring and controlling operational risk, the Committee strongly encourages continuing dialogue and development of work among its Risk Management Group and individual firms, industry groups, and others on all aspects of incorporating operational risk into the capital framework. Continued contact with the industry is needed to clarify further a number of issues, including those related to definitions of loss events and data collection standards. In this regard, the Committee notes that by the time the New Basel Capital Accord is implemented COMMA banks will have had a meaningful opportunity to enhance internal control procedures and develop systems to support an internal measurement approach for operational risk. With respect to data, AN on-going industry liaison has shown a number of important needs that should be addressed over the coming months. The Committee urges the industry to work on the development of codified and centralized operational risk databases, using consistent definitions of loss types, risk categories and business lines. A number of separate processes are currently IDIOM MAY NOT BE UNDERSTOOD in train, and the Committee believes that both the supervisory and banking community would be well served by industry supported databases for pooling certain industry internal loss data. This is important not only for operational risk management purposes, but also for the development of the Internal Measurement Approach (outlined below). A further related data issue is ensuring that "clean" operational risk data is collected and reported. In the absence of this, calibration will be difficult and capital will fail to be risk sensitive. The Committee recognizes the degree of co-operation that has already existed on this topic, and welcomes the work that the EBF, IIF, ISDA, ITWGOR4 and others have performed in conjunction with the Risk Management Group. The Committee believes that further collaboration will be essential in developing a risk sensitive framework for operational risk, and for calibrating the proposed approaches (both in themselves and as part of a risk sensitive continuum). The Committee looks forward to further work with the industry to finalize a rigorous and comprehensive framework for operational risk Basic Indicator Approach FONT CHANGE HERE The most basic approach allocates operational risk capital using a single indicator as a proxy for an institutions overall operational risk exposure. Gross income5ARE THESE NUMBERS FOR FOOTNOTES? is proposed as the indicator, with each bank holding capital for operational risk equal to the amount of a fixed percentage, α, multiplied by its individual amount of gross income. The Basic Indicator Approach is easy to implement and universally applicable across banks to arrive at a charge for operational risk. Its simplicity, however, comes at the price of only limited responsiveness to firm-specific needs and characteristics. While the Basic Indicator Approach might be suitable for smaller banks with a simple range of business activities, the Committee expects internationally active banks and banks with significant operational risk to use a more sophisticated approach within the overall framework. The calibration of this approach is on a similar basis to that outlined in Annex 3 for the Standardized Approach. The current provisional estimate is that α be set at around 30% of gross income. This figure needs to be treated with caution as it is calibrated on a limited amount of data. Also, it is based on the same proportion of capital (20%) for operational risk as the Standardized Approach and may need to be reviewed in the light of wider calibration. For instance, in order to provide an incentive to move towards more sophisticated approaches, it may be desirable to set α at a higher level, although alternative means of generating such an incentive are also available, for instance under Pillar 2 or by making the Standardized Approach the entry point for internationally active banks. It is also worth noting that a sample of internationally active banks has formed the basis of this calibration. As it is anticipated that the Basic Indicator Approach will mainly be used by smaller, domestic banks, a wider sample base may be more appropriate. IS THIS AN INTRODUCTION TO A SUBSECTION? V. Standardized Approach Description of Approach 24. The Standardized Approach represents a further refinement along the evolutionary spectrum of approaches for operational risk capital. This approach differs from the Basic Indicator Approach in that a banks activities are divided into a number of standardized business units and business lines. Thus, the Standardized Approach is better able to reflect the differing risk profiles across banks as reflected by their broad business activities. However, like the Basic Indicator Approach, the capital charge would continue to be standardized by the supervisor. 25. The proposed business units and business lines of the Standardized Approach mirror those developed by an industry initiative to collect internal loss data in a consistent manner. Working with the industry, regulators will specify in greater detail which business lines and activities correspond to the categories of this framework, enabling each bank to map its structure into the regulatory framework. Annex 2 presents such a mapping. This mapping exercise is yet to be finalized and further work, in consultation with the industry, will 5 UNFINISHED IDEA The proposed definition is as follows: Gross Income = Net Interest Income + Net Non-Interest Income (comprising (I) fees and commissions receivable less fees and commissions payable, (ii) the net result on financial operations and (iii) other gross income. This excludes extraordinary or irregular items.) It is intended that this measure should reflect income before deduction of operational losses. The Committee will conduct further work to refine this definition. Standardised Approach Description The Standardized Approach represents a further refinement along the evolutionary spectrum of approaches for operational risk capital. This approach differs from the Basic Indicator Approach in that a banks activities are divided into a number of standardized business units and business lines. Thus, the Standardized Approach is better able to reflect the differing risk profiles across banks as reflected by their broad business activities. However, like the Basic Indicator Approach, the capital charge would continue to be standardized by the supervisor. 25. The proposed business units and business lines of the Standardized Approach mirror those developed by an industry initiative to collect internal loss data in a consistent manner. Working with the industry, regulators will specify in greater detail which business lines and activities correspond to the categories of this framework, enabling each bank to map its structure into the regulatory framework. Annex 2 presents such a mapping. Capital budgeting for operational risk FONT CHANGE Banks hold capital to absorb possible losses from their risk exposures, and the process of capital budgeting for these exposures, including operational risk, is a key component of bank risk management. In parallel with industry developments, BCBS proposed in 2001 that an explicit capital charge for operational risk be incorporated into the new Basel Capital Accord. At first this capital charge would apply to internationally active banks. The Committee initially proposed that the operational risk charge constitute 20% of a banks overall regulatory capital requirement, but after a period of review, the Committee lowered the percentage to 12%. The final version of the Basel Accord is tentatively scheduled for a year-end 2002 release. To encourage banks to improve their operational risk management systems, the new Basel Accord also will set criteria for implementing more advanced approaches to operational risk. Such approaches are based on THE banks internal calculations of the probabilities of operational risk events occurring and the average losses from those events. The use of these approaches will generally result in a reduction of the operational risk capital requirement, as is currently done for market risk capital requirements and is proposed for credit risk capital requirements. These criteria and the new capital regulations will require bank supervisors to conduct evaluations of operational risk management systems on a regular basis. As noted by BCBS, these supervisory evaluations would be complemented greatly by public disclosure sufficient to allow independent assessments by market participants. Conclusion Operational risk is intrinsic to financial institutions and thus should be an important component of their firm-wide risk management systems. However, operational risk is harder to quantify and model than market and credit risks. Over the past few years, improvements in management information systems and computing technology have opened the way for improved operational risk measurement and management. Over the coming few years, financial institutions and their regulators will continue to develop their approaches for operational risk management and capital budgeting. Referencing Abkowitz, M. D. (2008) Operational risk management: A case study approach to effective planning and response. John Wiley and Sons Read More