After studying this chapter, you should be able to:
1 Outline the process of operational risk management starting with identifying and benchmarking risk
2 Identify and analyse risk factors and loss events and differentiate between external and internal risk factors
3 Describe the process to identify loss events, starting with brainstorming, moving to defining events, and finally screening events
4 Understand and describe the process of risk and control self-assessment (RCSA) and key risk indicators (KRI) and internal loss data (ILD)
5 Understand the three-pillar structure of the Basel II Capital Accord as well as Principles 6, 7, 8, and 9 and how they impact operational risk management
As we have seen, failures to appropriately manage operational risk have catastrophic consequences. The case studies outlined in Chapter 3 are rare and, at times, extreme events but they underline the importance of strong operational risk management. The dramatic nature of these events may hide or minimise the potential impact of smaller loss events that may happen every day at financial institutions. Depending on their frequency and severity, smaller loss events could bleed a bank slowly but seriously, a death of a thousand paper cuts. Avoiding these smaller but more frequent events is also a key task of operational risk managers and the goal of any operational risk management strategy.
This chapter starts out by examining the process of ...