"Operational Risk Analysis in Bank'S": Major Research Project On
"Operational Risk Analysis in Bank'S": Major Research Project On
"Operational Risk Analysis in Bank'S": Major Research Project On
On
Submitted by:
Hemant Singh Sisodiya
MBA (FT)
CONTENTS
Chapter :- 1
Introduction
- Conceptual framework
- Types of risk
- An overview of Operational Risk
Chapter :- 2
- Literature Review
Rational Of study
Chapter :- 3
- Objectives
- Research Methodology
Chapter :- 4
- Data Presentation & Interpretation
Chapter :- 5
- Findings
- Suggestions
- Limitations
Chapter :- 6
- Referance
Student declaration
DECLARATION CERTIFICATE
(Dr.Swarnjeet Arora )
INTRODUCTION
Conceptual framework
The financial sector especially the banking industry in most emerging economies
including India is passing through a process of change .As the financial activity has
become a major economic activity in most economies, any disruption or imbalance in its
infrastructure will have significant impact on the entire economy. By developing a sound
financial system the banking industry can bring stability within financial markets.
Deregulation in the financial sector had widened the product range in the
developed market. Some of the new products introduced are LBOs, credit cards, housing
finance, derivatives and various off balance sheet items. Thus new vistas have created
multiple sources for banks to generate higher profits than the traditional financial
intermediation. Simultaneously they have opened new areas of risks also. During the past
decade, the Indian banking industry continued to respond to the emerging challenges of
competition, risks and uncertainties. Risks originate in the forms of customer default,
funding a gap or adverse movements of markets. Measuring and quantifying risks in
neither easy nor intuitive. Our regulators have made some sincere attempts to bring
prudential and supervisory norms conforming to international bank practices with an
intention to strengthen the stability of the banking system.
Growing number of high-profile operational loss events worldwide have led banks
and supervisors to increasingly view operational risk management as an integral part of
the risk management activity. Management of specific operational risks is not a new
practice; it has always been important for banks to try to prevent fraud, maintain the
integrity of internal controls, reduce errors in transaction processing, and so on. However,
what is relatively new is the view of operational risk management as a comprehensive
practice comparable to the management of credit and market risk. 'Management' of
operational risk is taken to mean the 'identification, assessment, and / or measurement,
monitoring and control /mitigation' of this risk.
Banks in India work in a controlled regime similar to several other countries. The
focus of the research is to test the operational risk of sample banks operating in India and
identify the extent to which banks are capable of bearing operational risks. The capital
adequacy criteria to account for the operational risk using the Basic Indicator Approach
points out that several banks do not meet the regulatory requirements. Risk management
strategies of banks to reflect the price behaviour have been examined and banks that have
adequate exposure to risk cover have been contrasted with banks having inadequate risk
exposure cover. Growing number of high-profile operational loss events worldwide have
led banks and supervisors to increasingly view operational risk management as an
integral part of risk management activity.
Growing number of high-profile operational loss events worldwide have led banks
and supervisors to increasingly view operational risk management as an integral part of
the risk management activity. Management of specific operational risks is not a new
practice; it has always been important for banks to try to prevent fraud, maintain the
integrity of internal controls, reduce errors in transaction processing,
and so on. However, what is relatively new is the view of operational risk management as
a comprehensive practice comparable to the management of credit and market risk.
Regular reporting of critical risk issues facing the banks and its control/mitigations to
senior management and Board.
Top-level reviews of the bank's progress towards the stated objectives.
Checking for compliance with management controls.
Provisions for review, treatment and resolution of non-compliance issues.
A system of documented approvals and authorizations to ensure accountability at an
appropriate level of management.
Define the risk tolerance level for the bank, break it down to appropriate sublimit and
prescribe reporting levels and breach of limits.
Indicate the process to be adopted for immediate corrective action.
Always banks live with the risks arising out of human error, financial fraud and
natural disasters. The recent happenings such as WTC tragedy, Barings debacle etc. has
highlighted the potential losses on account of operational risk. Exponential growth in the use
of technology and increase in global financial inter-linkages are the two primary changes that
contributed to such risks. Operational risk, though defined as any risk that is not categorized
as market or creditrisk, is the risk of loss arising from inadequate or failed internal processes,
people and systems or from external events. In order to mitigate this, internal control and
internal audit systems are used as the primary means.
Growing number of high-profile operational loss events worldwide have led banks
and supervisors to increasingly view operational risk management as an integral part of the
risk management activity. Management of specific operational risks is not a new practice; it
has always been important for banks to try to prevent fraud, maintain the integrity of internal
controls, reduce errors in transaction processing, and so on. However, what is relatively new
is the view of operational risk management as a comprehensive practice comparable to the
management of credit and market risk. 'Management' of operational risk is taken to mean the
'identification, assessment, and / or measurement, monitoring and control /mitigation' of this
risk.
Risk education for familiarizing the complex operations at all levels of staff can also
reduce operational risk. Insurance cover is one of the important mitigates of operational risk.
Operational risk events are associated with weak links in internal control procedures. The
key to management of operational risk lies in the banks ability to assess its process for
vulnerability and establish controls as well as safeguards while providing for unanticipated
worst-case scenarios.
Operational risk involves breakdown in internal controls and corporate governance
leading to error, fraud, performance failure, compromise on the interest of the bank resulting
in financial loss. Putting in place proper corporate governance practices by itself would serve
as an effective risk management tool. Bank should strive to promote a shared understanding
of operational risk within the organization, especially since operational risk is often
intertwined with market or credit risk and it is difficult to isolate.
Over a period of time, management of credit and market risks has evolved a more
sophisticated fashion than operational risk, as the former can be more easily measured,
monitored and analyzed. And yet the root causes of all the financial scams and losses are the
result of operational risk caused by breakdowns in internal control mechanism and staff
lapses. So far, scientific measurement of operational risk has not been evolved. Hence 20%
charge on the Capital Funds is earmarked for operational risk and based on subsequent
data/feedback, it was reduced to 12%. While measurement of operational risk and computing
capital charges as envisaged in the Basel proposals are to be the ultimate goals, what is to be
done at present is start implementing the Basel proposal in a phased manner and carefully
plan in that direction. The incentive for banks to move the measurement chain is not just to
reduce regulatory capital but more importantly to provide assurance to the top management
that the bank holds the required capital.
Operational risk is defined as the risk of loss resulting from inadequate or
failed internal processes, people and systems, external events or reputational risk. The most
important types of operational risk involve breakdowns in internal controls and corporate
governance. 21st century business runs under clouds of technology, these clouds can rain
for survival and growth of business if managed properly or there can be catastrophe, which
destroy business, if risks management fails. Apart from many things, Corporate Governance
provides the high-level framework for IT governance. Corporate Governance lays down
framework for creating long-term trust between company and its stakeholders.This trust is
created by rationalizing and monitoring risks of a company, limiting liability of top management
by carefully articulating decision making process, ensuring integrity of financial reports, and
finally providing a degree of confidence necessary for proper functioning of an organization.
The exact approach for operational risk management chosen by banks will depend on a
range of factors. Despite these differences, clear strategies and oversight by the Board of
Directors and senior management, a strong operational risk management culture, effective
internal control and reporting, contingency planning are crucial elements for an effective
operational risk management framework. Initiatives required to be taken by banks in this regard
will include thefollowing:
The Board of Directors is primarily responsible for ensuring effective management of the
operational risks in banks. The bank's Board of Directors has the ultimate responsibility for
ensuring that the senior management establishes and maintains an adequate and effective system
of internal controls.
Operational risk management should be identified and introduced as an independent risk
management function across the entire bank/ banking group.
The senior management should have clear responsibilities for implementing operational risk
management as approved by the Board of Directors.
The board of directors and senior management are responsible for creating an awareness of
Operational Risks and establishing a culture within the bank that emphasizes and demonstrates to
all the levels of personnel the importance of Operational Risk.
The direction for effective operational risk management should be embedded in the policies
and procedures that clearly describe the key elements for identifying, assessing, monitoring and
controlling / mitigating operational risk.
The internal audit function assists the senior management and the Board by independently
reviewing application and effectiveness of operational risk management procedures and practices
approved by the Board/ senior management.
The New Capital Adequacy Framework has put forward various options for calculating
operational risk capital charge in a "continuum" of increasing sophistication and risk sensitivity
and increasing complexity. Despite the fact that banks may adopt any one of these options for
computing capital charge, it is intended that they will benchmark their operational risk
management systems with the guidance provided in this Note and aim to move towards more
sophisticated approaches.
The Basel framework (2004) proposes a range of approaches for setting aside
regulatory capital for operational risk under Pillar 1: The Basic Indicator Approach (BIA),
The Standardised Approach (TSA) and the Advanced Measurement Approach (AMA). All
the three approaches differ in their complexity and the banks are encouraged to move along
the spectrum of approaches as they obtain more sophistication in their risk management
practices. The Basic Indicator Approach is the simplest approach for estimating regulatory
capital, wherein banks are required to set apart an amount equal to the average over the
previous three years of 15% of positive annual gross income. The Standardised Approach is a
slightly modified version of the Basic Indicator Approach. In The Standardised Approach,
banks activities are divided into eight business lines: Corporate finance, Trading & Sales,
Retail Banking, Commercial Banking, Payment & Settlement, Agency Services, Asset
Management and Retail Brokerage. While gross income continues to be the main indicator of
operational risk as under the Basic Indicator Approach, the specific amount to be set apart as
a percentage of the gross income varies between business lines, ranging from 12 to 18% , as
compared to the 15% overall under the Basic Indicator Approach. This approach is more
refined than the Basic Indicator Approach as it takes into the account the fact that some
business lines are riskier than others and therefore a higher proportion of capital has to be set
apart for those business lines. The Advanced Measurement Approach (AMA) is based on the
banks internal models to quantify operational risk. The framework gives flexibility to the
banks in the characteristics of the choice of internal models, though it requires banks to
demonstrate that the operational risk measures meet a soundness standard comparable to a
one-year holding period and a 99.9% confidence level, which means that a banks capital
charge should be equal to at least 99.9% quantile of their annual aggregate loss distribution.
Banks are required to factor in four key elements in designing their Advanced Measurement
Approach framework: internal loss data, external loss data, scenario analysis and bank
specific business environmental and internal control factors. The Accord also specifies the
standard matrix of business lines and risk types to facilitate validation across the Advanced
Measurement Approaches. The methodologies under the advanced approach are evolving
and there are a range of methods in practice in banks internationally (BCBS 2006).
LITERATURE REVIEW
Literature Review
Bagchi (2003) examined the credit risk management in banks. He examined risk
identification, risk measurement, risk monitoring, risk control and risk audit as basic
considerations for credit risk management. The author concluded that proper credit risk
architecture, policies and framework of credit risk management, credit rating system,
monitoring and control contributes in success of credit risk management system.
Froot and Stein (1998) found that credit risk management through active loan purchase and
sales activity affects banks investments in risky loans. Banks that purchase and sell loans
hold more risky loans (Credit Risk and Loss loans and commercial real estate loans) as a
percentage of the balance sheet than other banks. Again, these results are especially striking
because banks that manage their credit risk (by buying and selling loans) hold more risky
loans than banks that merely sell loans (but dont buy them) or banks that merely buy
loans(but dont sell them).
Rajagopal (1996) made an attempt to overview the banks risk management and suggests a
model for pricing the products based on credit risk assessment of the borrowers. He
concluded that good risk management is good banking, which ultimately leads to profitable
survival of the institution. A proper approach to risk identification, measurement and control
will safeguard the interests of banking institution in long run
Ferguson (2001) analyzed the models and judgments related to credit risk management.The
author concluded that proper risk modelling provides a formal systematic and disciplined
way for firms to measure changes in the riskiness of their portfolio and help them in
designingproper strategic framework for managing changes in their risk
Powell (2002) has presented a review of the new proposals from the Basel Committee of
Banking Supervision to reform the 1988 Capital Accord from the standpoint of emerging
countries and identified that the 1988 Accord was a tremendous success and is probably the
most successful of all 'financial standards'. Tiwari (2004) has examined the impact of several
obstacles that exist in the path of a healthy banking system and includes narrow and broad
banking; various associated risks and bank failures and has identified CAR as a means to a
healthy banking system and explores other tools adopted by Reserve Bank Of India (RBI)
and other regulators in maintaining stability and efficiency of the banking system in India
Objective &Methodology
Objective of study
1. To explore operational risk management practices followed by the Indian public
sector and Private sector banks.
2. To compare whether Public & Private sector banks analyze operational risk
management Practices in Bank.
3. To open up new vistas of research & develop a base for application of the findings in
terms of implication of study.
RESEARCH METHODOLOGY
The Study
The present study is exploratory and examines the Operational Risk management System in
public and Private sector banks.
The Sample
The present research is to be conducted on a sample of 140 employees of public and private
sector banks of Chhatarpur / Indore region (Madhya Pradesh).The respondents will be selected
on a convenient sampling basis.
The Tools
(A)USED FOR DATA COLLECTION
The primary data would be collected through survey method with the help of self-developed
structured, non-disguised questionnaire based on 5 point Likert scale on which the respondents
would be asked to indicate the degree of agreement. The secondary data would be collected
through various research magazines, journals and newspapers.
MEANS
UNDERSTANDING THE OPERATION RISK
SBI & ASSOCIATE:
4.3755
4.2204
4.2979
4.3
4.1142
3.7542
3.84
3.8628
4.28
4.1371
4.2571
4.1257
4.1523
4.2285
4.2523
4.2836
4.2158
4.1936
4.2634
4.2507
T-Test
Group Statistics
VAR00002
VAR00001
Std.
Deviation
Mean
Std. Error
Mean
70
1.3379E2
8.39236
1.00308
70
1.3411E2
6.43032
.76857
Sig.
df
VAR000 Equal
01
varianc
es
8.604 .004 -.260 138
assume
d
Equal
varianc
es not
assume
d
-.260
129.2
51
tailed) Difference
ce
Lower Upper
.795
.795
Reliability of the measures was assessed with the use of Cronbachs alpha on all
the 32 items. Cronbachs alpha is designed as a measure of internal consistency,
that is do all the items within the instrument measure the same thing. It allows us to
measure the reliability of different variables. As a general rule, a coefficient greater
than or equal to 0.7 is considered acceptable and a good indication of construct
reliability (Nunnally, 1978). The Cronbachs alpha for the questionnaire is (0.75).
Hence, it is reliable and can be used for analysis.
Reliability Statistics
Cronbach's Alpha
N of Items
.753
32
Kolmogorov-Smirnov Z
Asymp. Sig. (2-tailed)
Mean
Std. Deviation
Absolute
Positive
Negative
140
133.9500
7.45087
.070
.062
-.070
.832
.493
Hypothesis
H01: There is no significant difference between Public sector Banks and Private
sector Banks in context of Operational Risk Management framework.
Table depicts that the p value is .004 therefore, null hypothesis H01 is rejected at
1% level of significance. It means that there is significant difference in operational
risk management framework of public and private sector banks in India.
FINDINGS
The operational risk management framework provides the strategicdirection and ensures
that an effective operational risk m anagement and measurement process is adopted
throughout the institution. Each institution's operational risk profile is unique and requires a
tailored risk management approach appropriate for the scale and materiality of the risk present,
and the size of the institution. There is no single framework that would suit every
institution; different approaches will be needed for different institutions. In fact, many
operational risk management techniques continue to evolve rapidly to keep pace with new
technologies, business models and applications. Operation risk is more a risk management than
measurement issue. The key elements in the Operational Risk Management process include
Appropriate policies and procedures;
Efforts to identify and measure operational risk
Effective monitoring and reporting
A sound system of internal controls; and
Appropriate testing and verification of the Operational Risk Framework.
SUGGESTION
Operational Risk Management policies, processes, and procedures should be documented and
communicated to appropriate staff i.e., the personnel at all levels in units that incur material
operational risks. The policies and procedures should outline all aspects of the institution's
Operational Risk Management framework, including: The roles and responsibilities of the independent bank-wide Operational Risk Management
function and line of business management.
A definition for operational risk, including the loss event types that will be monitored.
The capture and use of internal and external operational risk loss data including data potential
events (including the use of Scenario analysis).
The development and incorporation of business environment and internal control factor
assessments into the operational risk framework.
A description of the internally derived analytical framework that quantifies the operational risk
exposure of the institution.
A discussion of qualitative factors and risk mitigants and how they are incorporated into the
operational risk framework.
A discussion of the testing and verification processes and procedures.
A discussion of other factors that affect the measurement of operational risk.
Provisions for the review and approval of significant policy and procedural exceptions.
Regular reporting of critical risk issues facing the banks and its control/mitigations to senior
management and Board.
Top-level reviews of the bank's progress towards the stated objectives.
Checking for compliance with management controls.
Provisions for review, treatment and resolution of non-compliance issues.
A system of documented approvals and authorisations to ensure accountability at an appropriate
level of management.
Define the risk tolerance level for the bank, break it down to appropriate sublimits and
prescribe reporting levels and breach of limits.
Indicate the process to be adopted for immediate corrective action.
Limitations
The research study is however,is imposed with some limitations inherent to it . They are:-
1. The conclusions arrived at are just a simple of the universe and as such cannot be relied
heavily on. Its very small part of the small universe ,which might have a very different
view point on the same object.
2. The response of the respondents are not free from limitations. These are few who do not
wish to give an honest reply on the question directed to them and as such give false
replies which males the result faulty
.
3. Few respondents go further to the extent of not answering the question
4. The research study is quickie report on the issue as it as a time boundation and can not be
done leisurely. There for not very reliable
5. The geographical area coverd is only Chhatarpur & Indore and hence the view point of
the bankers of the other part could not be coverd.
6. Cost factor has also impaired the reliability of the project report
Chapter 6
REFERENCES
Managemantt
of
Banking
And
Financial
Questionnaire
Dear Respondent
General Information
Name of the Bank:-.
Name of the employee (optional):-....
Designation:-
S.A
S.A.