Follow Us

Follow us on Twitter  Follow us on LinkedIn
 

06 October 2014

Bank for International Settlements: Review of the principles for the sound management of operational risk


This paper reviews banks' implementation of the 2011 Principles for the Sound Management of Operational Risk. The principles embody the lessons from the financial crisis and evolving sound practice in operational risk management.

In June 2011 the Basel Committee on Banking Supervision published its “Principles for the Sound Management of Operational Risk” (“the Principles”) to provide guidance to banks on the management of operational risk. The eleven principles incorporate the lessons from the financial crisis and the evolution of sound practice for management of operational risk.

The principles set out the Committee's expectations for the management of operational risk. All internationally active banks should implement policies, procedures and practices to manage operational risk commensurate with their size, complexity, activities and risk exposure, and seek continuous improvement in these areas as industry practice evolves. In order to enhance operational risk management, the principles provide comprehensive guidance regarding the qualitative standards that should be observed to achieve more rigorous and comprehensive operational risk management.

In light of the significant number of recent operational risk-related losses incurred by banks, and consistent with the Committee’s greater focus on monitoring the implementation of its standards and guidance, earlier this year the Basel Committee conducted a review of the implementation of its Principles. The review involved 60 systemically important banks in 20 jurisdictions and covered all 11 principles with a specific focus on the guidance related to the three lines of defence. The exercise was designed as a questionnaire by which banks self-assessed their implementation of the Principles. While it was conducted under the overall supervision of the Basel Committee and the respective supervisory authorities, the review did not involve an onsite validation of the banks’ responses.

The objectives of the exercise were to

  • establish the extent to which banks have implemented the Principles,
  • identify significant gaps in their implementation and
  • highlight emerging and noteworthy operational risk management practices at banks that are not currently addressed by the Principles.

Progress in implementing the principles varies significantly across banks and, overall, more work is needed to achieve full implementation. In particular, four principles that have been identified as among the least thoroughly implemented are:

  • operational risk identification and assessment;
  • change management;
  • operational risk appetite and tolerance; and
  • disclosure.

Full review



© BCBS (BIS)


< Next Previous >
Key
 Hover over the blue highlighted text to view the acronym meaning
Hover over these icons for more information



Add new comment