The document discusses traditional and modern approaches to operational risk management (ORM). Under the traditional approach, risk is defined as the probability of a loss occurring, while the modern approach defines risk as a measure of exposure to loss at a level of uncertainty. The modern ORM framework uses a multidimensional approach that incorporates cost-benefit analysis to optimize risk-reward, risk controls, and risk transfer. It also uses a taxonomy to classify operational failures according to contributory factors, events, and consequences.
3. WHAT IS RISK
“Risk is a measure of adverse deviation
from the expectation, expressed at a
level of uncertainty (probability).”
4. BASEL II(OPERATIONAL RISK)
"The risk of loss resulting from inadequate or
failed internal processes, people and systems or
from external events."
SCOPE EXCLUSION
f. Strategic Risk - the risk of a loss arising
from a poor strategic business decision.
h. Reputational Risk (damage to an organization
through loss of its reputation or standing) can
arise as a consequence (or impact) of
operational failures
5. BASEL II EVENT TYPE
CATEGORIES
i. Internal Fraud
ii. External Fraud
iii. Employment Practices and Workplace
Safety
iv. Damage to Physical Assets
v. Business Disruption & Systems
Failures
vi. Execution, Delivery, & Process
Management
6. • FRONT OFFICE-Executing trades with
various counterparties
• MIDDLE OFFICE-Investigation of any
discrepancy in trade details Reconciliation and
updating of trading positions
• BACK OFFICE-The operations area has a
major responsibility to control operations risk.
back office should quickly detect errors and
bring to the attention of dealers and
management capturing trade details in the
settlement system validating trade details
issuing settlement instructions
7. OPERATIONAL RISK
(CHARACTERIZED)
unconscious execution errors and
processing are normal operational failures
Operational risk, by contrast, is driven
primarily by “non-normal” operational
failures, particularly conscious violations
of professional or moral standards and
excessive risk taking. Examples include
sales practice violations and unauthorized
trading activities
8. OPERATIONAL RISK (20 YEARS)
Catastrophic financial institution loss
iii. Barings Bank
iv. Long Term Capital Management
v. Allied Irish Bank-All First
vi. Société Générale
vii. Bear Stearns
viii. Lehman Brothers
ix. American Insurance Group (AIG)
9. TRADITIONAL ORM
(PROBLEM-Example)
Walking along the train tracks
Death by train crash. You assess the
risk: Likelihood= 90%; impact = $10
million (a person’s value to society). So
you estimate the risk at $9 million
10. THE MODERN ORM (PROBLEM-
Example)
suppose it costs $5 million
to build a fence around the train tracks,
and you expect that will bring down the
death rate to two per year (benefit = $80
Million. Using the modern ORM approach,
Comprehensive cost-benefit analysis
Reveals that the optimal solution is to
build a fence around the tracks and
tolerate an average loss of two deaths
per year.
11. MODERN APPROACH TO ORM
Its not just Measurement
robust and systematic process for
incorporating risk reward and risk-control
information into business decisions.
Specifically, it is a process for making
business decisions where the level of risk
to be assumed net of controls is aligned
with the risk and loss tolerance standards
of the stakeholders
12. MODERN ORM FRAMEWORK
(RISK ASSESSMENT)
i. Portfolio of risks using an
“organizational unit-risk class” matrix.
ii. Determining which businesses to
invest in based on their risk-reward
relationship
iii. Which risk mitigation strategies to
employ by optimizing the risk-reward
and risk control relationship across
the full spectrum of exposures
13. TRADITIONAL VS MODERN
OPERATIONAL RISK
Traditional Modern
interpretation, maximum interpretation, high
risk exists where the risk is characterized
probability of loss is by low probability (or
100% — i.e., the loss is low frequency) and
certain high severity
14. TRADITIONAL VS MODERN
OPERATIONAL RISK
Different Schools Of Thought
b. Traditional ORM
“Risk is the possibility that an event will
occur and adversely impact the
achievement of the entity’s mission or
business objectives.”
Traditional Approach
Measuring the probability of a loss
(Risk = Probability X (Loss) Impact)
15. TRADITIONAL VS MODERN
OPERATIONAL RISK
a. Modern ORM
Risk is a measure of exposure to loss at a
level of uncertainty.
Probability x impact is referred to as
the expected loss
16. TRADITIONAL VS MODERN
OPERATIONAL RISK (GOALS)
• TRADITIONAL ORM-Day-to-day
management of current threats arising
from imminent operational failures:
loss prevention through tactical
intervention
One possible outcome (drawback)
• MODERN ORM-Optimization of risk-
reward, risk-control and risk-transfer
in the context of cost-benefit analysis
Multidimensional framework
17. MODERN ORM (TAXONOMY)
Classification scheme (structured process)
every operational failure has three
dimensions: contributory factors, events
and consequences
19. Traditional ORM, the terms likelihood and
frequency are often used synonymously,
but under Modern ORM these terms have
very different meanings. Likelihood means
probability and is generally used in the
context of a single incident or scenario
(e.g., the likelihood of getting into a car
accident today is 5%). Likelihood is
measured on a scale of 0 to 1 (or 0 to
100%)
20. Frequency describes the number of events
(e.g., 10 losses per year). Frequency is
measured on a scale of 0 to infinity. Mean
frequency is the average number of
events that have taken place or are
expected to take place during a specified
period of time.