Banks and insurers actively seek some risks in order to create value; there are other risks which they don't want, but unfortunately they come with the business. Operational and reputational risks fall into the latter category.

Operational risks are the cause of some of the most high-profile failures and “near misses” in financial services: internal fraud and rogue trading ultimately caused the failure of Barings Bank and severely impacted the reputation of UBS and Societé Générale; operational errors in option valuation contributed to the demise of NatWest and consumer protection concerns materially impacted the Dutch LH insurance market; internal trading practices had a significant impact on the fortunes of Putnam Investments…the list could go on and on.

It takes more than capital to mitigate operational risks: as the examples illustrate, the impact on the net asset value or solvency, which capital can protect, can be small while the impact on the firm's reputation and franchise value, which capital cannot protect, can be large. This is an important point: in contrast to credit, insurance and market risks, a more conservative capital level is not the best strategy to deal with operational risks.

This chapter begins by defining operational and reputational risks and then outlines a framework for managing them.