Frukostseminarium om operativa risker 2013-10-28

Föreskrifter om operativa risker

Margareta Lindahl

Hos Transcendent Group möter du erfarna konsulter inom governance, risk and compliance. Våra tjänster skapar trygghet och möjligheter för myndigheter, företag och andra organisationer inom en rad olika branscher.

Transcendent Group utsågs både 2012 och 2013 till en av Sveriges bästa arbetsplatser.

Om företaget

© T

rans

cend

ent G

roup

Sve

rige

AB

201

3

LBF 6:2: ”Ett kreditinstitut skall identifiera, mäta, styra, internt rapportera och ha kontroll över […] de risker som det är eller kan komma att bli exponerat för.”

© T

rans

cend

ent G

roup

Sve

rige

AB

201

3

Internal Audit (BIS)

Regelverkens interaktion

GL 44 (EBA)

FFFS om SRK FFFS om operativa risker

CRR

CRD IV

FFFS om infosäk.

Sound practices of operational risk (BIS)

1/4 2014

30/4 2012

1/1 2014

~5 %

~5 %

~40 % ~5 % ~45 %

© T

rans

cend

ent G

roup

Sve

rige

AB

201

3

1/7 2014

1/4 2014 1/4 2014

Regelverkens interaktion

Här hade vi alla hoppats på att en officiell remiss skulle funnits…

© T

rans

cend

ent G

roup

Sve

rige

AB

201

3

”Bank är människor och IT”

© T

rans

cend

ent G

roup

Sve

rige

AB

201

3

Otvivelaktigt (1/2)

• riskaptit och riskstrategi • indikatorer KRI • incidenter • processtyrning • IT-system • kontinuitetsrisker

© T

rans

cend

ent G

roup

Sve

rige

AB

201

3

Otvivelaktigt (2/2)

• personalen • godkännandeprocess

(NPAP) • legala risker inklusive

compliance • rapporteringsvägar • rapporter till styrelsen

© T

rans

cend

ent G

roup

Sve

rige

AB

201

3

www.transcendentgroup.com

© T

rans

cend

ent G

roup

Sve

rige

AB

201

3

© Swedbank Author/Administrator Group Operational Risk

Document name Operational Risks - From What to How

Date 2013-10-28

Operational Risk – From What to How Transcendent Group, 28 October 2013



Date 2013-10-28

11

Three main areas

Governance, Risk management and Control • GL44 • SFSA Directives and

guidelines

Capital and Liquidity • Basel 3 • CRR o CRD 4 • SOU 2013 :65

Crisis Management • CMD (EC proposal) • RRP



Date 2013-10-28

12

Good risk culture?

Risk appetite

Tolerance limits

Escalation limits

KRI

Identify Analyze Mitigate communicate Evaluate



Date 2013-10-28

13

From What to How - Our priorities

Alignment, coordination & monitoring

Decreased subjectivity

Simplified and integrated framework

Sustainable risk culture



Date 2013-10-28

14

Decreased subjectivity

• LDA model

• KRIs

• Quantified impact

evaluation criteria



Date 2013-10-28

Loss Distribution Model

SEK 800m SEK ~4000m



Date 2013-10-28

16

KRIs (example)

IT stability / # of incidents / resolution time

ATM / CDM availability

# Loss / by gross income vs. peers

Customer satisfaction / reputation

Trojans / external crime

HR (staff turnover, health, license etc)

Valuation / collateral / reconciliation

Credit quality and limit breaches

Group Swedish Regions Baltic Banking LCI



Date 2013-10-28

17

Alignment, coordination and monitoring

• Joint system support

• Aligned reporting

process

• Risk based planning



Date 2013-10-28

Risk based planning

Joint Risk Management and Risk Control activity plan

Current risk exposures

Risk management in

Changes

Recurring activities

Risk Management &

Risk Control

Compliance

Audit

Reconciled with other control functions



Date 2013-10-28

19

Simplified and integrated framework

• Make things easy

• Integrate with business

processes

• From stand alone to organic



Date 2013-10-28

20

Sustainable risk culture

• Roles and mandates

• Risk Academy

• Capital allocation

• Variable Pay

www.transcendentgroup.com

Frukostseminarium om operativa risker 2013-10-28

Economy & Finance

Frukostseminarium om operativa risker 2013-10-28