Beruflich Dokumente
Kultur Dokumente
Thus the Basel II Accord has opted for a balance between flexibility
and consistency, rather than a one-size-fits-all approach.
Model capabilities
Any measurement system used under the Advanced
Measurement Approach must be capable of estimating
expected losses, and unexpected losses. It must also be
capable of identifying potential losses from catastrophic or
extreme events, known as tail events.
The regulatory operational risk capital is obtained by
combining the expected and unexpected losses, unless a
bank can demonstrate that expected losses have been
accounted for elsewhere.
Model capabilities
For example they could have been included within
product pricing. If a bank can demonstrate it has already
accounted for expected losses then they can be partially
or totally omitted.
Model capabilities
Once this has been completed the bank defines a set of operational
risk events and maps the internal data across each business
line/risk type combination.
Bank AA adopts the IMA for calculating its operational risk capital. It
uses the Basel II definitions for its business lines and risk-event
types. It maps its business activities into the business lines.
Business activities
Business lines
Corporate Finance Trading and Sales Retail Banking
Commercial Banking Payment and Settlement Agency Services
Asset Management Retail Brokerage
It then maps its internal data for each business line to the risk-
event types:
Business lines
Corporate Finance Trading and Sales Retail Banking
Commercial Banking Payment and Settlement Agency Services
Asset Management Retail Brokerage
Risk-event types
Internal Fraud External Fraud Employment practices
and workplace safety
Clients, products and Damage due to physical Business disruption and
business practices assets system failures
Execution, delivery and process management
EL = EI x PE x LGE
For its retail banking business line, Bank AA would have a total of
USD 4.19 million in expected losses.
The following example shows the IMA calculation with the exposure
indicator based on gross income.
Taking the earlier example of retail Bank AA, it has a gross income
of USD 65 million for its retail banking business line.
For its retail banking business line, Bank AA, would need
USD 7.29 million of operational risk capital.
The first step is for a bank to map the historical internal and
external data to each of its business lines and risk types. For each
business line/risk type the data is converted into loss-severity
(LSD) and frequency (FD) distributions.
The Risk Drivers and Controls Approach differs from the other
Advanced Measurement approaches in that it is not a single
technique, but rather a collection of different scorecard methods.
A scorecard
Controls Risk
1 very poor 1 very low
2 poor 2 low
3 average 3 average
4 good 4 high
5 very good 5 very high
Instead it uses the banks experience and changing risk factors and
controls to adjust the operational risk capital. The RDCA takes into
account the banks risk profile and its operational risk controls.
Thus the process a bank uses for collecting the internal data is
subject to relevancy, quality and content standards. These
standards are beyond the scope of the Certificate.
have the capability to map the data to the Basel II risk loss
categories (see Section 6.2.2)
have the capability to map the data to the banks current business
activities, risk management procedures and technology, and hence
to the Basel II business lines as defined under the Standardised
Approach
While threshold limits will clearly vary from bank to bank, they must
be consistent with those used by a banks peer group.
The Basel II Accord provides a definition for each of the event type
categories. Table 6.1 gives the Level 1 (Event type category) and
the Level 2 (Categories) defined in the Advanced Measurement
Approach:
These issues mean that a bank should use internal data with
caution and support it with the banks operational risk experience.
Are these losses due to credit risk (the failure of the customer to
pay back the loan) or are they operational risk losses (the failure of
the internal processes)?
Near misses
Lack of data
Not all banks will have comprehensive five-year (or even three-
year) records of all operational risk losses. The lack of appropriate
data can have severe effects on the statistically based Advanced
Measurement Approach methodologies.
Inflation
Quality of data
Extreme events
It is unlikely that a bank will hold sufficient (if any) internal loss data
to calculate these extreme events with any accuracy. Thus banks
will need to rely on external data and scenario analysis.
The FSA breaks down operational risk into the following categories:
Business Risk
Crime Risk
Disaster Risk
IT Risk
Legal Risk
Reputational Risk
Systems and Operational Risk.
Just because a bank has not suffered a loss due to a fire or flood
does not mean it will continue to avoid these losses in the future.
However, as the Basel II Accord has developed, and the need for
external data highlighted, the availability has improved. Two main
sources of external data for banks have been developed. They are
external public data and external pooled data.
The threshold level for pooled data tends to be set at a level agreed
by the particular consortium.
accuracy
inflation
quality
relevance
incomplete data sets.
Relevance
For example the threshold for loss events for the pooled data may
have been agreed at USD 25,000, but due to overhead constraints,
a member bank could set its internal threshold at USD 30,000.
Thus the collated number of events with losses under USD 30,000
will be less than the number that have actually occurred.
Therefore, any bank using this pooled data as an input into its
Advanced Measurement Approach model would be unaware of the
inaccuracy, skewing its risk measurement results.
The business factors and internal controls are input into the
Advanced Measurement Approach as indicators of the risk profile
of a bank and help determine the probability of an event occurring.
system downtime
staff turnover
payments made as compensation for errors
transaction volumes
process failure and error reporting
customer complaints
service level agreement (SLA) performance metrics
audit reports.
Once a bank runs a scenario it utilizes the results as input for its
risk capital models.
At the same time there is a building fire near the banks business
resumption site thus preventing staff from entering the temporary
trading building.