Operational risk organization

Date:

2020-06-19 14:00:25

Views:

605

Rating:

1Like 0Dislike

Share:

Table of contents:

Entrepreneurial activities are full of risks. They meet here and there. One of the most likely operational risk. What is it? How is operational risk management? What influences its value?

General information

Let's start with the terminology. Operational risk – risk of loss due to mistakes/inappropriate actions on the part of employees, failures in the systems or external events. These include reputational, strategic and legal losses. That is operational risk associated with implementation of executable business functions of the enterprise. It is used to denote risk of additional costs due to the incompatibility of the nature and extent of credit structure, the violations of the current legislation, procedures of interaction with banking institutions. For example, it is possible to include the violation of a Bank employee, unintentional or deliberate wrongdoing on his part, a failure of the functional/automated systems due to external impact.

Depending on the origin identify internal and external risks. They, in turn, are divided into classes. Internal risks include all associated personnel, processes and systems. Let's look at some examples. The actions of staff could cause damage? A threat. Business processes are the disadvantages? A threat. Fails work information systems? A threat. External risks – disaster recovery, security (physical, data), the rupture of relations with customers and counterparties, as well as by regulatory bodies. Let us for these cases, consider the examples. Fires and terrorist acts can happen? A threat. Poor or false information, goods, services, technology can disrupt the interaction with clients and contractors? A threat. Forgery, theft, attacks, break-ins, etc. will undermine the position of the organization? A threat. Changes in legislation and regulatory framework will necessitate extra activities? The threat.

An Essence and types

operational risk management

If you want something to avoid, it is necessary to know in person. The world evolves, becomes more difficult. This increases the danger from operational risks. As a support for further information taken Basel II. According to him, to operating risks include anything that can lead to material damage due to incorrect (or if the necessary) personnel actions, external influences, incorrect processes and the like. They are not painted, also there is tips for organizations to effectively deal with them. The main purpose of Basel II – a calculation of the amount of coverage for them. In addition, it provides a powerful control system, whose task – to contribute to the reduction of the probability of occurrence of operational risks. In this document it is envisaged that management and the Board of Directors shall assume the function for them. And that they have a reporting about operational risk and current damage. From this point of view there are two types: those that directly or indirectly depend on the person, and force majeure. The latter include earthquakes, hurricanes, mudslides, landslides and so on. The first is much more diverse. So, there are four main groups:

Recommended

Staff evaluation: system and methods

Staff evaluation: system and methods

Personnel Assessment allows you to identify how competent the employees involved in the enterprise, and it is the performance of their work – the most significant factor affecting the efficiency of the company. To clarify the impact of performa...

How to start your own business: important aspects.

How to start your own business: important aspects.

Many people, tired of working for someone else, are increasingly thinking about how to start your own business. Someone wants to open a salon, someone store, and someone enough and vegetable stalls. Before you throw in the pool with his head, it is i...

business activities. its essence and basic functions

Business activities. its essence and basic functions

The Entrepreneurial activity of the citizen – is undertaken at your own risk and independent activity, which aims to systematically profit through the sale of works, goods, services, use of the property. The citizen engaged in such activities, ...

  1. Intentional acts. These include fraud and other intentional acts that result in damage.
  2. Unintentional actions. It is the choice of technology that is not fully developed, unintentional erroneous actions of employees, inadequate control execution of their duties.
  3. Technical risks that are directly or indirectly associated with human activities. It is a failure in the network, external communications, breakage of machine tools, and the like.
  4. Software risks that are directly or indirectly associated with human activities. It's a failure in the telecommunications and/or computer equipment.

The Specifics of practical implementation

types of operational risks

As you can attest to knowing people, operational risk management in reality has many differences from the theoretical recommendations. In particular, a rather rare situation when the leadership takes care of the problem issues that caused problems in the information system. Practiced the transfer of such work to specialists with lower qualifications. This approach often leads to even greater losses. It is important though, because operational risk is among the three most important and essential. Also, in practice, often there are subtypes:

  1. The Risk of leakage or destruction of information that is necessary for the formation of organizational processes. Means the intentional or accidental deletion of files in an automated information system. These actions can lead to serious failure and the inability of commercial structures to fulfill its obligations to clients obligations.
  2. The Risk of using biased or falsified (fake) data. As an example, not a real payment. Although there are morecomplex variants. For example, the use of already transmitted payment, when substituted for one of the participants.
  3. The Risk of problems with the supply objective and relevant information to customers. Typically, this involves computer systems.
  4. The Risk transfer unprofitable for the organization of information. As example rumors, slander, compromising management, leakage of valuable documents (with subsequent release to the media) and the like.

Causes and how to deal with them

operational risk organization

It has turned out that the operational risk of the organization not simply appear. Every problem has its own root. The main causes include the following:

  1. Lack of qualification and lack of serious approach to education and training. The human factor can strongly influence the organization and is often the source of problems. So, many companies can not afford to properly use the available features of information systems. This is exacerbated by the limited knowledge of ordinary users.
  2. Are Not given adequate attention to information security and ignored the real threats that emanate from this sector. Disregard on the part of governing bodies, insufficient funding, lack of activities increase the level of reliability of systems and things only aggravate the situation.
  3. Low quality, but also the insufficient development of the procedures to pre-emption of risks. Also, few people care about the existence of adequate policies and job descriptions in the field of security. In crisis situations, confusion and lack of knowledge employees can contribute to the problem.
  4. The Inefficient system of protection of information assets. The attacker only needs to find one weak spot, and this should already be enough to cause serious damage. Best of all, if provided for layered protection.
  5. A Large number of weaknesses in automated systems and various software products if it is not tested FOR. For the attacker this is a real gift.

Correction

What to do? Many types of operational risks and threaten to be realized, something to keep in mind the old adage that the fish rots from the head. Therefore, you need to start with leadership. You can implement the following items:

  1. Top management (Board of Directors) occupies a key role in the formation of the system of management, control, and protection.
  2. You Need to create, implement and adequately enforce smooth functioning of the system wherever they are needed and have meaning to be developed.
  3. Should work on the risk management system. After it is created, you need to analyze for vulnerabilities. You should also think about the control over the Executive organs.
  4. Top management (Board of Directors) sets limits for risk appetite.
  5. The Executive body should develop a clear, efficient, and reliable Toolkit with transparent, consistent and meaningful areas of responsibility. On it and will be responsible for implementing the basic principles, processes and systems involved in risk adjustment.
  6. The Executive authority must identify and assess current problems and to articulate their nature and factors. In addition, he ensures the implementation of developed innovations. Also on the Executive authority to impose monitoring and controls reporting of individual units.
  7. You Need to ensure the availability of reliable and complete system control, and transmission/risk reduction.
  8. Should develop a plan that will ensure recovery and ongoing activities of the organization in the presence of obvious problems.

Is that all?

methods of assessment of operational risk

Of Course not. It is solely generalizing words, which address fundamental aspects. While working with the specific situation they will need to adjust to existing conditions. Let's consider a small example. The Bank has a well-written management procedures in case of realization of the threat of credit risk. To potential borrowers exhibited the criteria and provided the collateral for the loans. To assess the proposed collateral involved external specialist. And here the security was rated more price than it is really worth on the market. That is to say, the situation is developing in favor of the borrower. While inside the Bank, the adequacy assessment has not been rechecked. After some time, a situation where the borrower is unable to repay a loan. The Bank expects that he will be able to repay the debt by selling the collateral. But in practice it turns out that the market price will be able to cover only half credit. The cause of this problem – violation of procedures. After all, according to existing requirements, financial institutions must verify the price of collateral. So increased operational risk, followed by credit. And you can still remember and how private banks issue non-performing loans, in violation of all conceivable procedures. Such institutions quickly put into place to eliminate. Onthe size of operational risk impact in this case, the connivance of the employees. Alas, to completely avoid such situations is extremely problematic. You can only minimize it, typing training, an effective system of control and strict discipline.

Real life examples

financial risks operational risk

In life can happen, and the writers not come up. There have been situations where the operational risk level was off the charts, but this situation a long time could not identify. Let's look at some of the most impressive examples. Was himself a man like Jerome Kerviel. About was a trader at an investment Bank Société Générale. In 2007 he opened the position at the close of the European stock exchanges to flycasters. It seems to be a common story. But the amount of items amounted to about 50 billion Euro! This one and a half times higher than the capitalization of the Bank! As Jerome could do this? The fact that it worked before in the office and knew the work of the monitoring mechanism. It was only discovered at the end of January 2008. It was decided to close them quickly. But the enormous size of the positions provoked the sell-off in stock markets. Because of this, the Bank lost $ 7.2 billion (or 4.9 billion euros). Or another example. Was a man like John Rusnak. He worked in the American branch of the largest Bank in Ireland, the name of which – Allied Irish Bank. He was hired in 1993. In 1996 John began to carry out risky operations against the Japanese yen. But they were unsuccessful, went loss. But John managed to conceal from the partners the growing losses. For example, in 1997, he lost to 29.1 million dollars. In 2001, the amount was 300 million! To hide these losses, he forged statements. For their operation, this trader even managed to receive a bonus in the amount of 433 thousand dollars. It all came out in 2001. At the time of opening, the total volume of losses was $ 691 million. Smaller losses and risks from operating activities are much more likely than such a large. In the age of automation with the right approach they can be significantly minimized.

External risks and their solutions

calculation of operational risk

They occur during the organization's relationship with the surrounding world. It can be robbery, theft, trespassing by third parties to the information system, the failure of infrastructure and natural disasters. Although, perhaps it should be attributed to the legislative environment. What methods of evaluation of operational risk must be used to get an idea about the situation? There are a number of recommendations on the General scheme of work. In addition, the calculation of the operational risk can be produced specifically created mathematical models. So what you need to do to create an effective management system that can deal with the problems?

Action Plan

You first need to take care of an adequate architecture. That is, if the problems in the system, then, alas, even the best expert will not be able to provide a satisfactory result. It should also be reasonable. For example, there are a number of small incidents that cost 10 thousand rubles per year. You can create a system that will 100% prevent them. But the cost – 100 thousand rubles. In this case, you should think about the feasibility. Of course, if we are talking about theft or something similar that will gradually grow in scale, you need to act now. After all, if pull, then the operational risks of an enterprise can grow so much that will destroy the company. But to support the system in General adequate condition will help three methods:

  1. Control self-assessment.
  2. Key risk indicators.
  3. Management of operational incidents.

Solve problems

risks of operating activities

The size of operational risk is influenced by many factors. The fewer the better. Optimally, if the problems are solved before will arise. Therefore, the assessment of operational risk plays a significant role. How to spend it? You first need to focus on control self-assessment. To paraphrase, this method can be called a candid conversation about the issues. Is implemented in the form of employee surveys. Then there are key risk indicators. These figures let you know of impending problems before they manifest themselves in full force. Of course, if they are adequately matched and collected their data. And closes the Trinity incident management. The objective of this procedure – to investigate, identify problems and deal with them. If this is not done, the company offers financial risk. Operational risk over time, as a rule, is only growing. You need to be aware.


Article in other languages:

AR: https://tostpost.com/ar/business/22790-operational-risk-organization.html

HI: https://tostpost.com/hi/business/24417-operational-risk-organization.html

PL: https://tostpost.com/pl/biznes/42515-operacyjne-ryzyko-organizacji.html

PT: https://tostpost.com/pt/neg-cios/42094-o-risco-operacional-da-organiza-o.html

UK: https://tostpost.com/uk/b-znes/41099-operac-yniy-rizik-organ-zac.html

ZH: https://tostpost.com/zh/business/46746-operational-risk-organization.html






Alin Trodden - author of the article, editor
"Hi, I'm Alin Trodden. I write texts, read books, and look for impressions. And I'm not bad at telling you about it. I am always happy to participate in interesting projects."

Comments (0)

This article has no comment, be the first!

Add comment

Related News

How to write a business letter: guidelines and recommendations

How to write a business letter: guidelines and recommendations

an essential attribute of any business is business correspondence. Employees of each enterprise communicate with colleagues and customers, with suppliers and customers. In General, in your daily routine of any office will certainl...

Freight is the transportation of goods or a payment for it?

Freight is the transportation of goods or a payment for it?

"Freight" – is the word which came to Russian language from German. Literally translates as "cargo". Originally had several meanings: carriage of goods by sea; payment for it and are transported objects. Nowadays, the defini...

Scraper conveyor: principle of operation, types, purpose and features

Scraper conveyor: principle of operation, types, purpose and features

Drag conveyors have gained a huge spread in the coal industry. They can move the load at a fixed discharge chute with scrapers, which are connected to a moving chain. These conveyors are used to transport pulverized, granular and ...

How to open a car wash in the city or town

How to open a car wash in the city or town

If you wish, there will be the result. This rule applies to any field of our life. Business begins with registration – the design of the individual enterprise, registration with the tax inspection and the choice of tax syste...

Repair of umbrellas at home

Repair of umbrellas at home

Weather in our country is changeable with sudden spring thunderstorms, a frequent summer showers and dreary autumn rains. So having an umbrella is a must. And, of course, it needs to be in good condition. So often the repair is ca...

Hydraulic shearing machine - an indispensable tool in the construction

Hydraulic shearing machine - an indispensable tool in the construction

Any construction and dismantling of infrastructure, industrial or residential buildings, waterworks can not do without the use of special equipment. And such equipment is, without a doubt, are hydraulic shears. They will become in...