Operational Risk: A Multi-Layered Problem Presented to the London Chapter of The Professional Risk Managers’ International Association and International Swaps and Derivatives Association London, England March 7, 2005 Presented by David M. Rowe, Ph.D. Executive Vice President for Risk Management SunGard
43
Embed
Operational Risk: A Multi-Layered Problem Presented to the London Chapter of The Professional Risk Managers’ International Association and International.
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Operational Risk:
A Multi-Layered ProblemPresented to the
London Chapter of
The Professional Risk Managers’
International Association
and International Swaps and Derivatives Association
London, EnglandMarch 7, 2005
Presented by
David M. Rowe, Ph.D.Executive Vice President for Risk Management
SunGard
Basel Capital Accord – Brief History
0.0%
2.0%
4.0%
6.0%
8.0%
10.0%
12.0%
14.0%
1935 1945 1955 1965 1975 1985 1995
Tota
l E
qu
ity
Cap
ital
to
To
tal A
sset
sU.S. Bank Capital Ratios – 1935 - 1988
Depression thru WWII
Post-War Recovery thru early 1960s
Mid-60s thru Mid-70’s
Mid-70s thru Late-80’s
Basel Capital Accord – Brief History
Basel 1
Proposed: 1986Effective: 1988
CreditRisk
Overview of risk weights
The Basel I Approach
Claim
Sovereigns
Assessment
Corporates
Comm. Banks
OECD Non-OECD
0% 100%
20%
20%
100%
100%
OECD Non-OECD All
50%
Multi-National Development Banks
All
Secured ResidentialMortgages
Required data could largely be from financial reporting systems.
Basel Capital Accord – Brief History
0.0%
2.0%
4.0%
6.0%
8.0%
10.0%
12.0%
14.0%
1935 1945 1955 1965 1975 1985 1995
Tota
l E
qu
ity
Cap
ital
to
To
tal A
sset
sBank Capital Ratios – 1935 - 1988
Depression thru WWII
Post-War Recovery thru early 1960s
Mid-60s thru Mid-70’s
Mid-70s thru Late-80’s
Basel Capital Accord – Brief History
0.0%
2.0%
4.0%
6.0%
8.0%
10.0%
12.0%
14.0%
1935 1945 1955 1965 1975 1985 1995
Tota
l E
qu
ity
Cap
ital
to
To
tal A
sset
sBank Capital Ratios – 1935 - 1998
Depression thru WWII
Post-War Recovery thru early 1960s
Mid-60s thru Mid-70’s
Mid-70s thru Late-80’s
Late-80s forward
Basel Capital Accord – Brief History
Basel 1.5
Proposed: 1993Effective: 1998
CreditRisk
+
MarketRisk
Basel 1
Proposed: 1986Effective: 1988
CreditRisk
Basel Capital Accord – Brief History
April, 1993 – Initial “prescriptive” proposal.
April, 1995 – Proposed allowing use of internal market risk models for calculation of regulatory capital (subject to supervisory review and approval.)
Jan 1, 1998 - Market risk amendment took effect with internal VaR models as a major source of risk estimates.
Basel I
Market Risk Amendment
Basel Capital Accord – Brief History
Basel 1.5
Proposed: 1993Effective: 1998
CreditRisk
+
MarketRisk
Basel 1
Proposed: 1986Effective: 1988
CreditRisk
Basel 2
Proposed: 1999Effective: 2007
CreditRisk
(Enhanced)
+
MarketRisk
(No change)
+
Op Risk(New)
Key sources of required work for affected banks. Op Risk
(New)
Men of Influence
Jack WelchLong-time CEO of GE
W. Edwards Deming1902 - 1993
Operational Processes1.
Control & RiskSelf-Assessment
2.
Key Risk Indicators3.
Loss Data Collection
4.
Analytics5.
The Operational Risk Pyramid
Operational Processes1.
Control & RiskSelf-Assessment
2.
Key Risk Indicators3.
Loss Data Collection
4.
Analytics5.
Operational Processes
Money Transfer,ATMs, Deposit
Processing
Statement Preparation
Trade Processing
Market VaR Calculation
Credit Decisions
P&L Calculation
FrontePI
Collateral Manager Adaptiv Reech
Operational Processes1.
Control & RiskSelf-Assessment
2.
Key Risk Indicators3.
Loss Data Collection
4.
Analytics5.
Control & Risk Self-Assessment
The Deming Perspective
• Special Causes - these are often easily assignable: changes of operator, shift, or procedure, for example. They can often be identified, and sometimes solved by local operators.
• Common Causes - remain after special causes have been eliminated. They are due to the design, or the operation of the process or system. They may be identified by the operators, but only management authority can eliminate them.
Self-Assessment – One Model
Define Process Quality Objectives
(Elective or Mandated)
Define Threats to Achievement
Document Control Portfolio
Evaluate Risk Transfer/Insurance
Estimate Residual Risk of Loss
Acceptable? Optimal?Yes
No
Re-examine objectives and/or control design & risk transfer: develop action plan
Front Departments Front Management Group Management
1
2
3
4 5 6
Loss Database - Workflow Process
1 Line employee (problem owner) accesses via Intranet
1
2 Loss Events are written to the DB.
2
3 Immediate notice to dept. management; triggers action
3
4 Reconciliation with Accounting (Compliance Officer)
4
5 Op Risk Manager does analysis, categorization and events control5
6 Op Risk Reports are periodically distributed to management
6
Dept. Management
Operational Processes1.
Control & RiskSelf-Assessment
2.
Key Risk Indicators3.
4.
Analytics5.
Analytics
Loss Data Collection
Operational Processes1.
Control & RiskSelf-Assessment
2.
Key Risk Indicators3.
Loss Data Collection
4.
Analytics5.
Analytics
Expected loss
Unexpected loss
Stress loss
Loss Distribution Approach
EXTERNAL LOSSES
Operational Processes1.
Control & RiskSelf-Assessment
2.
Key Risk Indicators3.
Loss Data Collection
4.
Analytics5.
The Operational Risk Pyramid
Principle 10 - Banks should make…… sufficient public disclosure to allow market participants to assess ... (the banks’) operational risk exposure and the quality of … (the banks’) operational risk management ...
Basel Committee - Sound Practices
Principle 3 - Information flows
... reporting flows should enable senior management to monitor the effectiveness of the risk management system for operational risk …
Principle 6 - Banks should implement…
… a system to monitor, on an on-going basis, operational risk exposures and loss events by major business lines …
Level 2 - Control and Risk Self-Assessment
Level 3 - Key Risk Indicators Level 4 - Loss Data Collection
Three Approaches
One Aggregate Indicator(Aggr. Gross Revenue)
Basic Indicator Approach
RCOp 12%
Multiple Indicators(Gross Revenue by Bus. Unit)
Standardised Approach
RCOp < 12%
RCOp << 12% Banks‘ Internal Data and ModelsAdvanced
Measurement Approaches
Operational Risk Capital Requirement
Advanced Measurement Approaches
Internal MeasurementApproach
Scorecard Approach
• All AMA‘s include: • Controlled collection of loss data• Meeting of qualitative regulatory requirements• Regulatory review and approval of the capital model
• Quantitative requirements: multi-year loss data series.
• Qualitative requirements: periodic review of data quality and a disciplined approach to process quality control.
Expected loss
Unexpected loss
Stress loss
Loss Distribution Approach
Comply and minimize the regulatory burden/cost:
– Minimize and justify minimum economic/regulatory capital
– Don’t want to stand out vs. what everybody else is doing
– Avoiding regulatory criticism / regulatory pressure is key
These banks tend to use:
– LDA (single most important number in terms of bank cost)
– Internal LDB (you need to know where you’ve been)
– Scenarios (in order to complement analysis where the LDA stops)
What Motivation Is Driving ORM Development?
What Motivation Is Driving ORM Development?
Genuine commitment to change the op risk profile of the organization:
– avoid “Wall Street Journal events”
– belief that ORM will lead to substantial performance improvement
– strong internal conviction how things should be done
– Desire and will to make a fundamental cultural change
We are where we are - but what measures can warn of potential future events?
These banks tend to use:
– KRI (as an early warning system)
– Formal statistical process control methods
– Scenario analysis
– Stress-testing
– Attempt to correlate losses with early warning indicators.
What Motivation Is Driving ORM Development?
ScorecardApproach
LDA ScenarioAnalysis
LDCExt. losses
Control & Risk SA
KRI & Loss Correlation
Influence Behaviour
Assess Future Potential Risk
Comply &
Minimize Cost
Motivation
Data, systems, organizational requirements
Business Continuity / DR
Motivations and Strategies
Fu
nctio
nal L
ayers
Identification
Assessment
ReportsEvolution of ApproachesExecution
Recovery
Senior Mgt. Engagement
ORM Heatmap
Conclusions
• The operational risk capital charge began as a means of preventing lower aggregate capital requirements despite lower credit risk capital.
• Regulators quickly came to see it as a means of forcing improved process control on banks (most of which badly need it.)
• The OpRisk capital charge is likely to look rather like Pillar II with the teeth of Pillar I.
• That is, the actual charge is likely to reflect substantial supervisory discretion based on demonstrable improvements in process controls and disciplined execution.