operational risk on everyone s desk the radar system l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Operational Risk on Everyone’s Desk – The RADAR System PowerPoint Presentation
Download Presentation
Operational Risk on Everyone’s Desk – The RADAR System

Loading in 2 Seconds...

play fullscreen
1 / 51

Operational Risk on Everyone’s Desk – The RADAR System - PowerPoint PPT Presentation


  • 185 Views
  • Uploaded on

Operational Risk June 2002. Operational Risk on Everyone’s Desk – The RADAR System. External Requirement. Business Needs. Business Lines & Internal Stakeholders. Business OR. Group OR. Regulators & External Stakeholders. Risk Strategy. Business Direction.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Operational Risk on Everyone’s Desk – The RADAR System' - JasminFlorian


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
or clients services

External Requirement

Business Needs

Business Lines & Internal Stakeholders

Business OR

Group OR

Regulators & External Stakeholders

Risk Strategy

Business Direction

Risk Advisory/ Risk Appetite

Risk Disclosure

Market Discipline

Governance

Supervisory Review

Management & Daily Decisions

Progress Tracking & Escalation

Guideline/Policy

Data

Information Provision

Risk Analysis & Costing/Profiling

Economic Capital Methodology

Regulatory Capital Charge

OR Clients & Services

Page 1

control management process

Mgt Actions & Projects

OR Committees

Risk Advisory

Escalation & Tracking

Risk Identification

Scenarios

OR Profile

OR Costing

Process Mapping

Reporting & Analysis

Self- Assessment

Modelling

Data Collation

KRI Reporting

Loss Data Collation

Control & Management Process

Page 2

value added program

Resource Planning

Decision-Making Body

Project Initiation

Risk Costing / Risk Rating

Loss Management

  • New Initiatives
  • Risk Mitigation
  • Project status
  • Risk-Priorities
  • Audit Issues
  • Corrective Action
  • Accountability
  • Risk Awareness
  • Corporate Memory
  • Analysis/Reports
  • Risk Mapping
  • Automation
  • Outsourcing
  • E-Commerce
  • Risk Transfer
  • Constraints
  • New Products
  • Infra. Projects
  • Capital Budget
  • Aggregation
  • Quality Scores
  • Healthcheck
  • Grey Areas
  • Scenarios
  • Issue Mngmt
  • Early Warning
  • Trending
  • Escalation
  • Benchmarking
  • Best Practice
Value Added Program

OR Committees

Self-Assessment

Risk Advisory

KRI Reporting

Loss Data Collation

Proactive

Value-Added

Reactive

Passive

Potential Loss

Audit Follow-Up

Project Sign-Off

Status Report

Data Repository

Data Intensity

Page 3

system architecture

Business Data - RADAR

Economic Capital Budget

Reporting

Incident Capture

Key Risk Indicators

Self Assessment

RADAR Process Model

Incident Capture Features

- Loss categorisation

- Web-based workflow

- Decentralised control

- Tailored p+l calculations

- Email notifications/alerts

- Digital certification/sign-off

- GDS group-based security

- Data drilldown & extract

- Multi-entity/multi-lingual

- Fully Parameterisable

- User/system notes

- Online help

KRI & Reporting Features

- KRI measure/issue set up

- Product/process mapping

- Decentralised submission

- Multiple reporting streams

- Edit/report/read roleplay

- Multi-dimension data capture

- Item or bulk upload capability

- Data drilldown/breakdown

- Comparatives/benchmarks

- Issue tracking/management

- Scorecard report-writer

- Web report distribution

Self-Assessment Features

- Detailed question sets

- Loss frequency/severity

- Quality scoring/weighting

- Aggregated loss estimates

- Assessor/approver roles

- Data views and security

- Multi-entity/multi-lingual

- Standardised reporting

System Architecture

Page 4

process model

Losses

Operational Risk Data

Described by Activity Attributes

Category

Location

Org Unit

Key Risk Indicators

Process

Product

System

Self-Assessment

Simplified Activity Buckets

IR OTC & Credit Derivativatives

Cash Equities

Cash Bonds

Exch Traded Derivatives

Equity OTC Derivatives

Capital Mkts - Ldn

Order Receipt/Routing

BestConnect, DROM, Wonder

Manual

Gatornet

Manual

DealViewer

Pricing & Execution

Fidessa, Pirate, Colt, Spots, Reuters

Bloomberg, e-Bond

Trinitech, Liffe Connect, Eurex, ORC

CFD2, EqTrader

Kondor, Stars, Merlin

Deal Capture & Risk Mgt

BestConnect, Fidessa, Pirate, Colt, Imagine, Posts

Bloomberg, RIBS, Bondseye

Pirate, Trinitech, Imagine, GMI, Clearvision

Murex, Equods, Imagine

Kondor, Stars, Merlin

Settlement & Reporting

Posts, Gerts, Grave

RIBS, GRR, TRMS

Imagine, Gerts, Grave, POSTS, GMI, Clearvision

POSTS, Imagine, Gerts, Grave

AIMS, ANLOS, TRMS

Process Model

“We must have a consistent framework – the data model is the risk map”

Page 5

participation
Participation

“What is a loss ? There’s no debate once it is internally owned and authorised”

RADAR Workflow Principles

 Errors & Loss Data

  • Anyone in the bank can identify an incident
  • Investigation requires specialist control groups
  • 3 managers as a minimum sign off each incident
  • Email notification and senior management alerts
  • Validation & routing managed by control groups

Risk Indicators 

  • Central KRI specifications, also some user defined
  • Any department can establish its own reporting stream
  • Newspaper style workflow – reporters, editors, readers
  • Anyone can write an OR Report for their user rights

Page 6

categories
Categories

“What is a loss ? We need a lot of descriptive fields around the basic categories”

Errors and Loss Data

  • fully parameterisable, multi-entity, multi-lingual, local views & naming
  • direct/indirect loss effect types, multi-select, entered by investigator
  • causal ‘reason codes’, primary/secondary, entered by error owner
  • causal process point, expected/unexpected, entered by error owner
  • recoveries, contributing parties, entered by authoriser
  • Basel event categories, mapped by system, checked by validator
  • error accounts, cost centres, control process, checked by validator
  • online help and support facility

Risk Indicators

  • shared parameters/categories with loss platform
  • volume, exception, risk exception, error measures
  • multiple measure types – count, value, duration, score …
  • mandatory/optional data fields, high/med/low criticality
  • control processes, function reported by and reported for

RADAR Parameters

Page 7

functionality
Functionality

“No-one uses a system unless there’s something in it for them”

Errors and Loss Data – Multi-Currency P+L Calculations 

  • Cash Equity – buy/sell amount and price
  • Cash Bonds – as above plus interest accruals
  • Equity-Linked – as above plus conversion ratios
  • Futures and Options – as above plus commission
  • Interest Claims and Funding – rate/daycount/amount
  • Freeform p+l – multiple effect types, user notes, attach file

Risk Indicators – Data Management 

  • Product/Process/System Mapping – by KRI, org unit, location
  • Multidimensional data entry and bulk data upload
  • Data Locking and submission management
  • Issues and action management

RADAR User Tools

Page 8

reporting
Reporting

“It’s all about risk awareness .. if we can just put Operational Risk on everyone’s desk”

 Errors & Loss Data

  • Incident Search and data feed facility
  • League table reporting with incident drill down
  • Advanced power user reporting and data extract
  • Simple graphing and data analysis via data extract

 Risk Indicators

  • Report templates including ‘scorecard’ style
  • Measure/issue selection incl. prior period/benchmarks
  • Editable draft reports with OR commentary facility
  • HTML & PDF reports, data trending/graphing/drilldown
  • Integrated reporting of KRIs, loss data and self-assessment

RADAR Reporting

Page 9

loss categorisation
Loss Categorisation

Causal CategoriesSample Loss Effects Direct Cost Indirect Costs Lost Clients/Deals, Damaged Reputation, Cost to Rehire/Lock-in Corporate Memory Loss, Failed Initiatives, Staff Morale, Ongoing Ability to Rehire

One-off Developer/Support Costs Business Disruption, Damaged Reputation, Opportunity Cost of Management Time/Focus Asset/Facility Replacement Costs Project Write-downs, Write-offs Opportunity Cost of Management Time/Focus Trading Errors Funding Costs Regulatory Risk, Reputational Damage Penalties/Fines Cost to Cover Supply Failure Business Disruption, Regulatory/Reputation Risk Asset/Facility Replacement Costs Business Disruption, Damaged Reputation

Human Capital

IT Applications

Infrastructure

Management

Procedures & Controls

External Services

External Damage

Page 11

loss data workflow
Loss Data Workflow

Stage Name

Identify

reject

Automated e-mail

Investigate & Control

reject

Automated e-mail

Owner Acceptance

reject

Automated e-mail

Authorisation

Automated e-mail

reject

Validation

Loss Data Workflow

Stage Owner

Stage Description

  • Form Originator at Control Process Point
  • Enter basic incident details
  • Can be entered by any RADAR user
  • Details passed to central control group
  • Restricted Access: Control by independent function:
  • Fin Control
  • Risk Control
  • Ops Control
  • Investigation & validation of incident details
  • Independent calculation of profit/loss impact
  • Allocation of error to an Owner
  • Incident Owner: e.g. trader, salesman, officer
  • Review incident details
  • Explain causes of error
  • Accept & nominate authoriser
  • Level 1:Desk Head
  • Level 2: Head of Trading
  • Level 3: Head of Business
  • Review incident details & comment
  • Sign off on validity of incident
  • No of authorisers dependent on size
  • Restricted Access: Investigator or other members of Control Group
  • Validation of incident categorisation
  • Validate correct authorisation level

Page 12

main menu
Main Menu

Page 13

identify
Identify

Page 17

investigate interest claim
Investigate – Interest Claim

Investigate – Interest Claim

Page 19

owner accept
Owner Accept

Owner Accept

Page 22

authorise
Authorise

Authorise

Page 23

validate
Validate

Page 25

search
Search

Page 28

loss data reports

XX Division Trading Error Report - 2001

YY Product

1. High level losses by month

2001 Trading error losses (€) by Sub-Product

2001 Number of trading errors by Process

Order Receipt

AA

Limit Checks

BB

Order Routing

CC

Price Quote

DD

Execution/Order Fill

EE

Client Reporting

FF

Deal Capture

GG

Position Management

Monthly evolution of losses by location (€k)

X Product corrected fields

900

200

Unidentified

160

700

AA

Currency

BB

CC

Account

120

500

DD

Date

Number of errors

EE

Loss (€k)

Direction

80

FF

300

Instrument

GG

Price

HH

40

100

Quantity

JJ

Whole Trade

0

Jan

Feb

Mar

Apr

May

Jun

Jul

Aug

Sep

Oct

Nov

Dec

-100

Jan

Feb

Mar

Apr

May

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Comments:

1. Trading errors peaked in February 2001, with a €XXXk loss on allocation to a client during the XYZ IPO. Aside from this, errors have fluctuated about the average of €YYYk per month.

2. The majority of errors in 2001 were related to an incorrect price field, although the number of errors related to the whole trade has increased steadily since May.

Loss Data Reports

Loss data can be analysed against any of the dimensions of the RADAR Process Model

Page 31

kri categorisation
KRI Categorisation

Causal CategoriesSample Key Risk IndicatorsVolume Exception Risk Exception

Staff Key Leavers/Joiners Disciplinary Cases

# Systems Helpdesk Calls Downtime Duration Enhancement Requests Change Releases System Bugs New/Deleted Accounts Firewall Changes Policy Breaches # Servers System Dependencies Firecalls Premises Capacity Occupancy Rate Engineering Incidents

# Projects Milestones Missed Scrapped Projects Decisions Announced Decisions Pending Negative Media/Press Audits Conducted # Audit Issues Overdue Issues Trade Volumes Current Breaks Breaks >30 days Exposure Limits Limit Breaches Managed Positions # Stat/Reg Reports Targets Missed Restated Reports

# Ext Suppliers SLAs Outstanding SLA Breaches Firewall Traffic Firewall Alerts Virus/Hacker Attacks Physical Exposure BCP Invocations Insurance Claims Indemnity Exposure Complaints/Investigations Lawsuits

Human Capital

IT Applications

Infrastructure

Management

Procedures & Controls

External Services

External Damage

Page 33

risk indicator workflow
Risk Indicator Workflow

Stage Name

KRI Setup & Maintain

Assign & Raise Submissions

Automated e-mail

Data Entry & Locking

Automated e-mail

Produce Reports Review & Edit

Automated e-mail

Distribution

Risk Indicator Workflow

Access Rights

Stage Description

  • OR Editors
  • Define/set up new mandatory/optional KRIs
  • Classify measure or issue type and nature
  • Associate products, processes, org units
  • OR Editors
  • Define submissions for functions/locations
  • Assign KRI submissions to reporter groups
  • Raise/manage submissions for time periods
  • Reporter Groups
  • Enter data individually or via bulk upload
  • Enter commentary/issues and criticality
  • Lock data submissions once complete
  • Editor Groups
  • Produce OR reports and scorecards
  • Select optional data and issues
  • Add or edit OR commentary
  • Reader Groups
  • Receive/read reports
  • Query and drill down capability

Page 34

kri set up
KRI Set Up

KRI Set Up

Page 35

kri submissions
KRI Submissions

KRI Submissions

Page 37

kri data entry
KRI Data Entry

KRI Data Entry

Page 39

multi dimensional data entry
Multi-Dimensional Data Entry

Multi-Dimensional Data Entry

Page 40

bulk data entry
Bulk Data Entry

Bulk Data Entry

Page 41

issues actions
Issues & Actions

Issues & Actions

Page 42

review edit
Review & Edit

Review & Edit

Page 47

kri reporting
KRI Reporting

KRI Reporting

Page 48

integrated reporting
Integrated Reporting

Actual loss & risk indicator data validate self-assessment loss estimates & KRI benchmarks

KRI Benchmarks & Self Assessment Loss Estimates

Actual Monthly RIsk Indicators & Loss Data

Page 50