From the course of development of the commercial banks, there are a lot of commercial banks in the business of banking is more a risk management focus and effort on the management of market risk and credit risk, thus ignoring or weakening of the commercial is called Bank one of the "three risk operational risk management. According to the requirements of the New Basel Capital Accord" and the advanced experience of the recent years, management of commercial banks, focusing on the analysis of the operational risk faced by the commercial banks, and operational risk control and management ideas to explore, so as to achieve from the point of view of the combination of theory and practice to explain the significance of operational risk management in commercial bank management paper to learn from international experience and state-of-the-art combined with China's actual situation, for our country to strengthen commercial banks operational risk management made specific recommendations. This paper mainly discusses the correct understanding of the key operational risk management, the establishment of a sound process framework and system is the protection of the operational risk management, and ultimately to achieve effective management and control of operational risk, operational risk to commercial banks reduce losses to a minimum.
Keywords: commercial banks, operational risk, the new Basel Capital Accord, operational risk management framework.
With the gradual deepening of China's reform of the financial system and the steady progress of the joint-stock reform of commercial banks, financial markets, increasing competition in financial products with each passing day, At the same time, the banks must be in control and manage traditional risks such as credit risk, market risk, country risk, have to face a new kind of risk - operational risk challenges.
Operational risk refers to the bank's internal procedures, personnel, systems are inadequate or not functioning properly as well as lead to direct or indirect loss of the possibility of risk because of the impact of external events. Example, the collapse of Barings Bank in 1995, Sumitomo Mitsui Banking Corporation in 1996 Kaiping case of huge losses, as well as the Bank of China in 2001, can be considered as caused by the operation risk event such risks, often a huge loss to the bank, serious when a direct result of the bank's bankruptcy and the collapse of even the entire financial industry or the national economy running a huge impact and thus increasingly attracted the attention of investors, the financial community, regulatory authorities. Naturally, prevention and control of operational risk has also become an important topic of bank managers.
This article first introduces the meaning and substance of the bank operational risk, and reveal the commercial banks in the operation of the risk management aspects of the status quo. Analysis of the main reasons causing operational risk, and then, on the basis of the previously discussed proposed to strengthen the banks' operational risk management methods and recommendations.
A risk of commercial banks operating in real terms, the connotation and management requirements
New Basel Capital Accord defines operational risk: operational risk due to the bank's internal procedures, personnel, systems are inadequate or not functioning properly because of the impact of external events lead to direct or indirect loss of the possibility of risk from operational risk not difficult to see the definition of operational risk, including internal processes, people, systems three main content, but also the understanding of the key links of the operational risk.
(A comprehensive understanding of the substance and meaning of the operational risk
Understanding of things is the premise and key of the transformation of things, the higher the degree of awareness of operational risk, in order to enhance the status and management of operational risk management standards, have a correct understanding of the operational risk, to be able to rise to the macro decision-making and the concrete implementation of the micro. Zhang Jiguang think: commercial banks operational risk management, operational risk awareness exist five major aspects of error or deviation "(Note 1 operational risk management theory, I think: to solve the operational risk management understanding, there is an error or deviation, the key to improving the level of operational risk management. Specifically, comprehensive knowledge and understanding of operational risk, the need to eliminate the following aspects of the misunderstanding.
1, the operation can not be equated with the risk of operational risk and operational risk of
According to the definition of the New Basel Capital Accord, operational risk can be divided into four categories: personnel factors caused operational risk process caused operational risk, operational risk and system factors operating risks caused by external events. Operational risk, including operational errors caused by human factors, offense (staff internal fraud / collusion in violation of labor law, the loss of key personnel, operational risk and process factors are divided into two kinds of process design is unreasonable and not strict process execution operational risk. system factors, including two cases of system failure and system vulnerabilities caused by external events of operational risk mainly refers to external fraud, unexpected events, and the operating environment for banks adverse change which belong to the Operational Risk includes only operational errors in the operational risk caused by human factors, process execution without strict operational risk caused by the illegal, ultra vires acts and process factors. Clearly, operational risk can not be equated to operational risk, although the operational risk maximum frequency of operational risk, accounting for the highest risk type. nearly 50 cases of operational risk case data collected from the author in recent years, domestic commercial banks, operational risk accounted for the proportion of the total 70%. narrowly defined operational risk operational risk practices, often makes operational risk management system built on the basis of this understanding can not cover all operational risk, making it difficult for banks to guard against the impact of those incidents, such as the first time Industrial and Commercial Bank of China Beijing Branch system paralyzed, the United States "911" terrorist attacks.
2, operating risk can not be equated to financial crime
Financial crime is only main types of operational risk, and does not cover all types of operational risk. According to our definition of financial crime, financial crime in financial activities, infringement of the financial management system, the order of the financial markets as well as other social and economic relations in accordance with the provisions of the Criminal Law of China, should be punished by the criminal law behavior. contrast to the Basel Committee on the definition of operational risk, financial crime apparently does not include those caused by operational risk due to the bank's own imperfect process and system vulnerabilities as well as external events and other factors most The simplest example is operational errors, such as bank employees mistakenly teller operations into deposits, or digital entry errors and so belongs to the category of operational risk, but it does not constitute a crime. operational risk equivalent to financial crime, often unconsciously commercial banks will narrow the scope of operational risk management, error management of operational risk equivalent to financial crime management, operational risk management responsibilities so that inappropriate given the internal audit or security department. precisely caused by the risk management of commercial banks operating in China for the slow progress reason.
Operational risk can be measured, and should allocate capital for operational risk
The surface operational risk does follow the law. Fact, this is only to examine the issue of people incorrect result. Individual year term, a number of operational risk events are regular, once these operational risk events put a long period of time and a large amount of data of the same type, we will find that these operational risks tend to occur in some stable probability this is what people quantify operational risk basis. Operational risk quantification model first proposed by Duncan Wilson. In December 1995, he <
Operational risk events are interrelated rather than isolated
On the face of it, the staff of the operational errors among bank staff fraud as well as the loss of key personnel there is little contact between the blackout, fraud, and SARS are totally unrelated. Thus, on a lot of people between the various operational risk event is isolated, there is no contact, so that operational risk is an unexpected event, "the conclusions. fact, this is to ignore the common essence of different surface phenomena behind, ignoring the many random variables to approximate a normal distribution statistical principles. operational errors staff, bank staff fraud and the loss of key personnel in the three types of risk events view their essence are the operational risk caused by the human factor, and long enough period of time and enough data can be approximated to depict the probability distribution of the relationship between the power failure, fraud and "SARS" and similar operational risk, which all belong to external factors, and many of these events will also approximately obey normal distribution only to see the links between the various operational risk events, in order to accurately describe the operational risk faced by the bank, and then capture the overall operational risk where this is the Basel Committee on the basis of the operational risk definition. kind of isolated, isolated eye view of the practice of operational risk can only be regarded as the various operational risk emergencies, will not be able to capture the overall operational risk faced by the bank, not to mention its scientific and effective management many domestic banks this problem, when the face of the impact of the SARS suffered system paralyzed, the bank did not from the point of view of the operational risk of system analysis and grasp, just as a sudden occasional events, to cope with the past. As a result, the bank would not have thought to prepare its contingency plans, and allocation of economic capital. again face similar event, the banks can only repeatedly damaged, even disastrous consequences.
Understanding of operational risk should also be noted that the operational risk management is not just the matter of auditing and audit department, and should be the business of all sectors of production management requirements, the managers very easy to market risk and credit risk management preferences should not be overlooked important status of the operational risk, operational risk should pay attention to the investment of resources, especially human (train professional operational risk management personnel, the building operational risk management team, financial (investment model for operational risk and system construction material resources (allocate more resources in fixed assets and the inputs of the environment and security, etc., to provide for the implementation of the operational risk management only have a clear understanding of operational risk, and enough attention to how to implement and the implementation of operational risk management rose to evaluation process and afterwards.
(B requirements proposed by the Basel Committee on operational risk management
Ba book mentioned: "The operational risk management needs to be emphasized risk management environment, the risk management process, the role of the regulators and the role of information disclosure (Note 2 >> << New Basel Capital Accord. Basel Committee on the basis of summing up the experience in the international financial community, the management of operational risk is summarized as the specific requirements of four parts:
1, the establishment of appropriate risk management environment
Basel Committee considers that the banks should first establish appropriate risk management environment, which requires that the Board of Directors should be aware of as a unique, you can control the types of risks ----- bank operational risk aspects, should be approved and regularly The review of the bank's operational risk strategy The strategy should be able to reflect the bank's risk tolerance and their understanding of the specific characteristics of this type of risk. Basel Committee also acknowledged that the banking organization's information flow in the establishment and maintenance of an effective operation The risk management framework can play an important role.
2, the risk management process: identify, measure, supervise and control
Basel Committee considers that the bank should be established to identify operational risk category, measure operational risk, means of supervision and operational risk and control operational risk mechanisms such as electronic management system to track the entire process of operational risk, effective management operational risk of the whole process. establish the necessary methods to measure operational risk, implementation of continuous supervision of operational risk exposure and significant loss of business application systems.
3, the role of the regulators
Regulators on the basis of the risk management process of establishing appropriate risk environment and the whole deal with the banks operational risk strategy, policies, procedures and practices directly or indirectly, regular independent evaluation so timely correct mistakes links and to ensure that banks have an effective reporting mechanism, so that they can keep abreast of the bank operational risk management implementation process is to act in accordance with the meter set guidelines and policies, so that regulators can also understand the progress of the implementation of the policy guidelines.
4, the role of information disclosure.
Accurate, timely, and complete disclosure of information is an important part of the operational risk management, plays an important role in the management and supervision of operational risk. Basel Committee requires banks to the public should be full disclosure of information, so that market participants can of the bank's exposure to operational risk and operational risk management to assess the quality of each risk appetite, evaluation and absorb operational risk the possibility of risk by the market mechanism.
Second, the status quo of the operational risk management of commercial banks
More than 300 years of the history of the development of the commercial banks. "Operational risk" a once attention to the type of risk but associated with the development of commercial banks, has increasingly shown its importance, commercial banks paid insufficient attention to the management of operational risk, and a clear understanding of a single means, methods, obsolete, lack of personnel, resulting in operational risk raging, commercial banks paid a heavy price.
(A commercial bank overlooked operational risk heavy price
Also proved by the fact that commercial banks in the spread of this sentence: "who ignore the operational risk, who will pay at a painful price."
That nearly a decade, the financial sector heavyweight frequent cases from the 1995 Barings, Leeson event to the branch director of the Bank of China in 2005 alpine bills fraud, just a decade, a series by the operating The cases caused by the risk of huge losses caused billions of dollars to commercial banks (see Schedule.
Statistics of operational risk of commercial banks to form a typical case of loss
The name of the bank involved in the case of time merits brief losses sum up lessons
Barings trader Leeson 1995 secretly opened "88888" accounts to conceal speculative Nikkei Index futures losses. $ 1.4 billion lax supervision disadvantage, there are rules to follow.
The Japan Bank 1995 traders engaged in wellhead Toshihide 30000 pen unauthorized off-balance sheet trading loss of U.S. federal debt transactions formation. $ 1.1 billion ultra vires violations, the lack of checks and balances, authorization excessive.
Yasuo Hamanaka, Sumitomo Mitsui Banking 1996 traders, engaged in speculative copper futures trading caused losses of $ 4 billion illegal operations, monitoring adverse. The neglect Management.
Transactions and management of Yu et al, 2001, the Bank of China branch in Kaiping, engaged in foreign exchange trading, off-balance sheet loans, theft capital LaSalle bank losses. $ 480 million ultra-right ultra vires law violations, fraud, possession of real monitoring malfunction.
River Pine Street branch in 2005, the Bank of China branch head of alpine collusion, secretly out false notes, unauthorized misappropriation of clients' deposits, bank formation loss. 1 billion yuan in collusion, violations of law, monitoring malfunction.
(Source: Adapted from China Business and Finance News
The black hole of operational risk to some commercial banks to pay a painful price. Shocking cases should allow regulators realized that prison
The weakness of the tube.
(Commercial banks, there are many wrong understanding of operational risk management
Operational risk is becoming more and more business to commercial banks bring unbearable pressure on the risk, the reason is mainly because of the operation
For the understanding of the risk has gone wrong. Summarized in the following aspects:
1 that the risk of operational risk, operational risk or operation.
If only from the literal understanding of operational risk, it is easy to understand for the operation risk, which actually is a big mistake to narrow the scope of operational risk included.
That operational risk equivalent to financial crime.
International commercial banking risk management practice that operational risk is from financial crime. Century-old Barings Bank collapse of precisely trader Leeson crime due to familiarity with financial crime far operational risk, it is easy to mistakenly believe that financial crime is the operational risk.Links to free papers Download Center http://eng.hi138.com
That operational risk can not be measured, can not be quantified.
A long time, it is a description of the operational risk is more limited to qualitative content, there is little quantitative content, which is determined by the characteristics of the operational risk.
4 that is isolated between the various operational risk events, there is no contact.
The face of it, the staff of the operational errors among bank staff fraud as well as the loss of key personnel is relatively independent events, do not have much contact with each other.
That operational risk management is the things of the internal audit audit department, has nothing to do with the other departments.
Many managers of commercial banks operating risk is equivalent to the operational risk or operation risk. Misunderstandings often lead to another misconception, that the operational risk management is the things of the audit department of the bank's internal audit with other departments nothing to do, and then the operational risk management responsibilities is inappropriate given the audit department of internal audit.
6 that the decision-making level is only concerned about credit risk and market risk, commercial banks can sit back and relax.
Many managers think: commercial banks, credit risk and market risk is the most important operational risk is just the general day-to-day business process errors, is not interested in the bank's capital constitute much of a threat.
7 that operational risk control means can be simplified, and do not need to waste more human, financial and material resources.
Most commercial banks operational risk control means and methods are also stuck in the simple, hand, after the check mode. Saw no need to pay more for the human, financial and material cost of operating risk.
The operational risk of commercial banks exposed many misconceptions often lead to failure of the operational risk management the main reason. Targeted promptly correct the error operational risk awareness will help to improve operational risk management capabilities this sense, the wrong understanding of the commercial banks for operational risk should be amended.
Third, to strengthen risk management of commercial banks operating methods and recommendations
Currently, the risk management aspects of the internal operations of the international scope of the relatively high level of commercial banks usually have established a strong operational risk management processes and frameworks, and operational risk management of other risk methodology and framework used organic together to form operational risk management system, and reduce operational risk through effective management of revenue volatility, some of these agencies also improved the level of external ratings. promulgation and implementation of the New Basel Capital Accord, promote operational risk management further to more commercial banks extended. Chen Siqing once said: "commercial banks operating risk management is the entire risk management system in the important composition part, the same need to be considered in the scope of operational risk management culture, methods, measurement, supervision". (Note 3
First, is necessary to improve the system of the operational risk management of commercial banks, commercial banks should be gradually set up a decision-making, execution layer until
Supervision layer, from domestic to overseas, from the head office to a branch of the globalization of the operational risk management system, developed by the Risk Management Committee of operational risk management policies, the risk of the decision-making operational risk capital allocation, approve the write-off of operational risk loss reserve execution layer in accordance with the count given the specific implementation of the operational risk strategy and implementation of operational risk management content. Ultimately, regulators responsible for tracking the evaluation of operational risk operational risk management process. decision-making, implementation and supervision of the layers in place, the Division its functions, in order to effectively manage and control operational risk.
Second, the commercial banks to define the scope of operational risk management according to the requirements of the New Basel Capital Accord, the scope of operational risk including internal processes, people, systems, and commercial banks to develop operating procedures for the internal procedures for staff to develop employees Code of Conduct for the system to develop rules and regulations, to draw up a contingency plan to reduce the entire commercial banking operations and reduce losses due to operational risk incidents brought, with clear operational risk scoping, after the evaluation of operational risk and supervision of operational risk policy the implementation can be targeted.
Third, we need to nurture a culture of risk management of commercial banks operating commercial bank operational risk management is not a momentary needs the sake of fashion, but accompanied by the development of the commercial banks immortal theme like that enterprises need to create a corporate culture, operational risk management culture to be firmly established. everyone is aware of the operation risk, all sectors of the commercial banks to the emphasis on operational risk.
Fourth, the commercial banks to develop operational risk management methods and how to identify and quantify operational risk, but also the need for the scientific method and measurement instruments. International advanced software, the model has begun the application of commercial banks, commercial banks operating risk management tools and methods are constantly improve and progress.
Fifth, tracking the process of operational risk management of commercial banks. Operational risk management, including risk identification, risk assessment, risk decision-making, risk prevention, risk management, risk monitoring and risk assessment of a number of steps, with links areas, hidden, sudden complicated process, only full The process of tracking operational risk to be able to sum up the lessons learned to continuously improve operational risk prevention capability.
Experience based on the international financial community, the commercial banks in the introduction of operational risk management, the establishment of the operational risk management framework and sound operational risk management system, you need to focus attention to the following aspects:
(A), and improve operational risk management framework model
Establish basic operational procedures at the same time, from easy to measure the field to proceed from the specific implementation process, the experience of the international financial community, the first to establish a relative strategy, but a complete operational risk management system, sustained-release monitoring, reporting, and other aspects of establishing coverage on the basis of operational risk management strategies and policies of the entire institution, from relatively simple areas, gradually improve and expand its coverage areas of operational risk in actual operation.
Financial institutions working on the management of operational risk, focusing to establish consistent with the credit risk and market risk, operational risk management framework to determine the different positions in the operational risk management responsibilities, such as business management, including in particular the retail operator of the business sector, the desk staff, audit staff, risk management departments, etc. On this basis, the Risk Management Committee and other senior institutions should determine intended to adopt a risk management approach and strategy, according to which the business sector should be collected about the operation risk various data, seek professional advice and support to the market, and gradually establish the preliminary operational risk management system, strictly speaking, should be consistent with the basic principles and methods of risk management in the entire range of financial institutions, which means that the newly established operational risk management framework must be integrated into the credit risk and market risk management is consistent with the framework, operational risk, the use of the methods and principles should also be coordinated with the methods and principles of the use of the entire commercial banking risk management.
, The risk management department is not the only risk management department, business department, legal department, audit department bear the responsibility for operational risk management If market risk and credit risk management has become increasingly stressed centralized operating risk management must be emphasized decentralization. Strictly speaking, the business sector should assume a responsibility in operational risk management, which is determined by the characteristics of the operational risk, of course, should be on operational risk management principles provided by the risk management department.
(B establish operational risk report and evaluation mechanism
1, the reporting system for operational risk. Operational risk reporting system should be independent of the business sector, sensitive and should be able to reflect the changes in the risks of the operation, the main data automatically generated consistent throughout the organization using the acquisition method.
2, in the system of operational risk incentive and evaluation mechanisms. Specific management personnel involved in the running of the operational risk system, there is the possibility of its the opportunistic use this system, therefore, establish and improve the incentive mechanism and performance appraisal system in operational risk management is equally important. The same time, even if an agency established a fairly automated operational risk reporting system, but if senior management can not be dynamically involved in the overall management process, can not report the results of the performance appraisal of the employees and departments organic combination of the operation of this system will be greatly reduced.
3, reporting and assessment of the operational risk are inseparable from the operational risk measurement methods and techniques, careful selection of appropriate operational risk measurement methods and techniques is very important. General bank can use in a wide variety of computing capital allowances single indicator method test (ie a certain risk factor × gross income to provide reference data management to financial institutions, the conditional banks can also consider specific measures for the use of standardized methods. standardized methods, the banking business will be classified and each The class business gross income to calculate the configuration of the total operational risk capital requirements. timely follow-up operational risk capital of the relevant provision of the regulators and the industry the latest developments of the configuration requirements for risk management ability of the bank, it should be noted, proceed to the accumulation of various types of operational risk loss data, and on this basis to consider using a more precise method.
(Involved in the operational risk managers should perform their duties
1, the board of directors and senior management of the operational risk management should assume greater responsibility, including the establishment of a clear management structure, a clear division of responsibilities, and to ensure that the operational risk management framework to cover all relevant areas, should also establish clear all business units and support departments on operational risk management and reporting procedures. should be integrated in the operational risk management framework.
Seeking qualified, adequate operational risk management from the personnel structure, operational risk management in some international financial institutions managers of different departments, legal or audit personnel, business plans, information security personnel and other practical experience than credit risk and market risk, operational risk management staff is relatively small, and most of the need for financial institutions, combined with the actual situation training, as well as to the external recruitment.
(Select the main types of operational risk management
At present, the global management of operational risk mainly taken three methods: the headquarters centralized management type, headquarters centralized management and decentralized support, audit department occupies a leading role in type. Choose any one type, mainly depends on the respective corporate culture and the Board of Directors risk preferences, their own risk management capabilities and risk management levels. targeted selection of the type of operational risk management is conducive to the establishment and implementation of the operational risk management framework.
How operational risk management, will map out how the management level to start so the emphasis on the management of operational risk we should first sober awareness and understanding of operational risk. Secondly, from a strategic height of the development of the operational risk management strategy. third, to have a complete set of management tools, mainly refers to the operational risk management of the electronic application system., but also have specific operational risk management, including: operational risk measurement tools and management models. fifth have high-quality operational risk management and the team specific implementation of the sixth, also need to establish a mechanism of supervision and after evaluation.
In short, only the establishment of a sound operational risk management processes, frameworks and systems to be able to make the operational risk to the effective management and control, in order to minimize loss due to operational risk operational risk management requirements of the commercial banks is not temporary required, but accompanied by the development of a long-term task of the commercial banks, China's commercial banks in order to maintain the existing competitive advantage, and even achieved a certain status in the international financial markets, we must continue to improve their operational risk management.
(Note 1 Zhang Jiguang five errors: International Finance << commercial banks operational risk awareness >> 5 November 2004