.

Presentation by:
Yogieta S. Mehra

In light of
29 Jan 2009
 Who Regulates Bank Capital?
• Bank regulators of individual
countries do not act alone in
setting rules for bank capital.
They coordinate their capital
regulation through the Basel
Committee on Bank Supervision

• The Committee meets at the,

Bank for International
Settlements (BIS), an
Munsterplatz,,
international organization, Basel- Switzerland
founded in 1930, that fosters
monetary and financial
cooperation and acts as a bank
Post P100801 from Ed Dolan’s Econ Blog http://dolanecon.blogspot.com/
for central banks.
 The Basel Accords

• The Basel Committee periodically

issues “accords” that set out
international standards for bank
capital as well as other bank
regulations

• The first Basel Accords, now called

Basel I, were issued in 1988

• They were replaced by a new set of

standards, Basel II, in 2004.
 Regulatory Definition of
Operational Risk – BASEL II

• Operational Risk is defined as “the risk of

loss resulting from inadequate or failed
internal processes, people and systems or
from external events”

• This definition includes legal risk but excludes

Strategic and Reputational risk.
 Basel I
• Basel Committee on Banking Supervision established by
Central Bank Governors of G-10 countries

• The Bank for International Settlements (BIS) created the

first Basel Accord in 1988. The accord was meant to
strengthen soundness and stability of the international
Banking system.

• Basel I introduced in virtually all countries.

• The Accord had fairly stringent guidelines for calculating

credit risk.
 Basel II
• The 1988 Accord failed to address new and
innovative risk management vehicles and
methods for managing credit risk.

• Basel I did not include Operational Risk , thus

failed to capture an important component of
most banks’ risk profiles.

• 1999- Proposal for a new capital adequacy

framework to replace Basel –I

• Revised Framework issued in 2004

 Changes in Basel II

• Operational Risk separated from Credit and Market risk This

will increase capital requirement for banks.

• The framework based on three mutually reinforcing pillars:

– Minimum Capital Requirements;
– Supervisory Review Process;
– Market Discipline;

• Intended to provide a World Standard;

• Bank’s own risk assessment methodology is preferred;

 Basel Accord II–
Basic Structure
• . Three Basic
Pillars

Minimum Capital Supervisory Review

Market Discipline
Requirement Process

Risk Weighted Definition of

Assets Capital

Supplementary
Core Capital
Capital

Credit Risk Operational Risk Market Risk

Standardized Internal Rating Basic Indicator Standardized Advanced Measurement Standardized Models
Approach Based Approach Approach Approach Approach Approach Approach
 Objectives of Basel II Accord
Promote safety and soundness of Financial System

Enhance competitive equality

Create capital adequacy assessments and approaches that are

appropriate to the degree of risk involved in a bank’s positions
and activities.

Focus on internationally active banks while allowing principles to be

flexible enough to have application to a wide variety of banking operations

Encourage continuous improvement in bank’s internal risk assessment

capabilities.
 Basel II

3 Pillar Concept

Pillar 1 Pillar 2 Pillar 3

Minimum Capital Charge Supervisory Review Market Discipline

• Encourages
• Establish risk sensitive development of better • Reinforces capital
minimum capital risk management regulation/supervisory
requirements techniques efforts

• Rules for calculating • Assesses ability to • Greater transparency/

credit and operational measure economic disclosure trade-off for
risk capital capital use of internal
measurement
• Menu of options from • Allows for capital add- approaches
simple to advanced ons by supervisors
 Basel II definition of Operational Risk
Causal Categories:
Employee Behaviour
Potential or Corporate Behaviour

• . Forward looking Information

Technology
External Environment
Force Majeure

The risk of loss resulting from any inadequate or failed

internal processes or from external events

Inadequate collateral
management
External Fraud, Failed matching of cash &
Fire, Flood, securities
“People and systems” in Legal action, Missed option exercise date
the regulatory definition Tax, Unenforceable documentation
are captured in internal Regulations, Internal fraud
process False money,
Terrorism
What Operational Risk is not:
– Credit Risk
– Market Risk
– Strategic Risk

Operational Risk is NOT LIMITED to the

processing-type of risks generally
associated with a back-office operations.
 Other definitions of Op Risk
• Hoffman defines OR as “the risk of loss from
business disruption, control failures, errors,
misdeeds or external events.
• He categorized these losses into five risk
classes:
1. People Risks : losses due to the actions of an
employee.

2. Relationship Risks : losses due to firm’s

relation with others, including clients, investors,
regulators and other third parties.
3. Technology and Processing Risks : losses due
breakdown, failure, or disruption of operating
processes.

4. Physical Risks: losses resulting from loss of, or

damage to , physical assets for which the firm
is responsible.

5. Other External Risks: losses due to the actions

of external parties, including losses due to
fraud and legal exercise of a regulator’s
authority.
 Objectives of Operational Risk
Management
• There are three objectives of ORM:

1. Determine the type of losses the organization

faces

2. Identify the causes and estimate the size of the

losses.

3. Mitigate associated risks

 Why Focus on
Operational Risk Management?
• Largest losses in the financial services
industry are attributed to Operational
Risk.

• Good business sense

• The new world post-September 11, 2001,

and resulting regulatory requirements
 Examples of
Op Risk Failures
.
Societe Generale
Hurricane
Katrina
Enron Sumitomo Bank

Tyco
Allied Irish
Bank
Parmalat
Barings

REFCO
 Operational Risk –
Computational Approaches
 BIA - Basic Indicator Approach
• This is the simplest approach and the default option for
most banks all over the world unless otherwise specified.

• Capital charge is based on the average of positive gross

income of previous three years

• Total Capital Charge = a*gross income

 a is relating industry wide level of required capital to the

industry wide level of the indicator, which is set by
Committee at 15%.

• All Indian Banks are currently following this approach as

advised by RBI.
 TSA - The Standardised
Approach
• Banks’ activities divided into 8 business lines

• Indicator is gross income of each business line

• Capital charge for each business line calculated by

multiplying gross income by a factor (beta)

• Total capital charge is the sum of capital charge of

each business line:
Capital Charge = S(G1-8* b1-8)
 TSA contd…
The eight business line are :

1. Corporate Finance 18%

2. Trading & Sales 18%
3. Retail Banking 12%
4. Commercial Banking 15%
5. Payment & Settlement 18%
6. Agency Services 15%
7. Asset Management 12%
8. Retail Brokerage 12%

Shifting to Basel II, could be advantageous for economies

whose banks have significant SME exposure
 AMA – Advanced Measurement
Approach
• This is the most complicated of the three options.

• Each firm calculates its own capital requirement by

developing and applying its own internal risk
measurement system.

• Use of AMA is subject to supervisory approval

Why move to AMA ?

Moving from BIA or TSA to AMA would lead to less
capital allocation for Operational Risk
 AMA contd…..
• It is based on estimates of :
– Unexpected losses using internal & external data
– Scenario Analysis
– Bank specific business environment
– Internal control factors
• AMA takes into account the following:
– Internal Loss data of various units or sectors
– Probability of Loss Event
– Loss given Event
 Approaches to AMA
• Banks are required to employ quantitative /
qualitative approaches like :

Internal measurement Approach

Loss Distribution Approach
Balanced Scorecard Approach
RCSA
Scenario Analysis

for adopting AMA

 Operational Risk
Management
Components
• Identify & Assess Risk
• Monitor Risk
• Manage Risk
• Measure Risk
• Disclose Risk
 Dimensions of Op Risk
Assessment
• Qualitative Quantitative
Top – down
(firm wide
level) •Assessment •Firm wide Trends and
Interviews Regression analysis.
•Delphi Scenarios •Loss distribution / actuarial
analysis

•Assessment •Business unit level trends

Interviews and regression analysis.
•Control Self •Loss Distribution Analysis
Bottom –
up Assessment (CSA) •Causal Bayesian belief
(business – analysis
wide level) •Systems dynamics
Approaches to AMA
 The Key Building Blocks of the
Operational Risk Measurement Sub-Process

1. Historical Data 2. Forward Looking Data

Risk Industry & Risk

Data Key
Bank cleaning Scenario Risk
Control internal Investment in Mitigation
Self benchmarking people, process (control action
Incident & Analysis Indicators
Assessment & process & technology plans and/or
Database Aggregation (KRI)
(RCSA) efficiency insurance)

Industry Consortium Data Model Operational Risk

for pooling mapping &
Matrix
internal loss data comparison

Loss 3. Synthesis of Historical and Forward Looking Data

External Loss Distribution
Management
Database Information for
(i.e. Event data Initial Qualitative Op Risk Committees
Analytics
such as PWC) Operational Risk Factors •KRI
Capital Adjustment •RCSA
Figure •Matrix
•Regulatory Capital
•Economic Capital
•Action plans
•Recommendations
Ultimately
 Indian Exposition – KPMG
Survey
• 75% banks have not specifically budgeted for Basel
II programme.

• 89% banks have a dedicated team for Basel II

implementation.

• 16% banks have commenced planning process for

more advanced approaches of Basel II.

• Most of the banks not prepared to manage

operational risk.
 Major Challenges to manage
Operational Risk
• Indian Banks have no database of time series or
historical data of operational losses and causes.

• Process standardisation, cost control, acquiring

necessary skill sets is another concern area.

• Awareness and creation of right culture in the

organization for Operational Risk Management.

• Solution must be ingrained in the day-to-day

process of the bank.
 Measurement of Operational
Risk- various approaches
• Various approaches are
suggested for Operational Risk
measurement .
• Some of them are :
• Near Miss Management
approach
– This approach by
Muermann & Oktem aims
to focus more on high
frequency- low impact
events (Area 3) as they are
a signaling device for rare
but big events.
 The RCSA approach
• RCSA is the most proactive approach.

• based on idea that people on the field are better

informed than external auditors or controllers.

• Basel Committee has allowed banks to model their risks

themselves, provided they comply with a number of
criteria.

• RCSA process is a co-operative work between line

management, operational risk management, and internal
audit.

• In workshops and group discussions, the objectives are

to identify the various risks of the entity, assess the level
of control, and suggest improvements
• This matrix includes potential
incidents given the controls
that are already in place.
• Without any internal control,
one could almost place every
incident in the « danger »
zone.
• Thus, incidents placed in the «
safe » zone are probably
events mastered by efficient
controls and
procedures

• Department heads/business
heads are ultimately
responsible for assessing the
design and the performance of
controls. Self-assessment
reinforces this accountability.
 The road ahead…….
• Basel II will foster Financial Stability and encourage
banks to adopt improved risk management practices

• Subprime crisis has highlighted the range of

Operational Risks banks are exposed to

• The new framework is complex and calls for

revamping of entire management information
system and allocation of substantial resources
• There is no foolproof model to manage and
measure Operational Risk.

• Many Indian Banks intend to adopt RCSA on their

way to move from BIA to AMA.

• Alternative approaches be studied and applied to

the Indian Banks data available and tested.

• Implementation of Basel II is a long journey than the

destination itself.
Thank you