Operational Risk Management Framework

All Functions Relate to Operational Risk

All functions have an operational risk component (between 30% and 100%) in their work:

  • Market Risk Management: e.g. unauthorised activities, control failures
  • Credit Risk Management: e.g. unauthorised activities, fraudulent lending
  • Insurance Risk Management: e.g. (exposure) control failure, pricing/modelling errors
  • Finance: e.g. incorrect valuation, reporting incomplete P&L, unreconciled accounting items.
  • Security: e.g. fraud, money laundering, business discontinuity, crisis management
  • Information Security: e.g. hacking, viruses, client data leaks, information discontinuity
  • Compliance: e.g. insider trading, breach of regulatory rules
  • Legal: e.g. client, business and product malpractice
  • Operations: e.g. settlement failures, payment to wrong counterparty
  • IT: e.g. uncontrolled system conversions, system down times
  • Human Resource Management: e.g. wrongful termination of contract
  • Communication: fax with classified information to wrong (pre-programmed) faxnr (i.e. press)
  • Marketing/Sales/etc: e.g. launching new products without ensuring appropriate infrastructure
  • Operational Risk focuses on supporting line management, and the business functions with the identification, measurement, monitoring and mitigation of operational risks.