大浩浩的笔记课堂——FRM考试学习笔记113
- 2026-02-03 12:54:21
Topic 42 Operational Risk Data and Governance
1.Definition of operational risk:
⑴Basel definition:
It is the risk of loss resulting from inadequate or failed internal processes,people and systems or from external events.
⑵definition approach:
definition approach | cause impact |
what cause operational risk | people(human factor) |
internal processes | |
systems | |
external events | |
excluding | strategic risk and reputation risk |
including | legal risk |
2.Operational risk taxonomy:
Basel Ⅱ operational risk event types:
⑴execution,delivery,and process management(EDPM):
①categories:
A.transaction capture,execution and maintenance
B.monitoring and reporting
C.customer intake and documentation
D.customer/client account management
E.trade counterparties
F.vendors and suppliers
②characteristic:
They have small dollar amount,but a very large frequency of occurrence.
③example:
mandatory reporting failure,inaccurate external of loss inclined
⑵clients,products and business practices(CPBP):
①categories:
A.suitability,disclosure,and fiduciary
B.improper business or market practices
C.product flaws
D.selection,sponsorship and exposure
E.advisory activities
②characteristic:
The CPBP have the highest frequency and severity of losses.
⑶business disruption and system failures(BDSF):
①They belong to the category of systems.
②This risk type has least number of events.
⑷external frauds:
①categories:
A.theft and fraud
B.systems security
②They are very common in retail business:
retail banking,retail brokerage,credit card services
⑸internal fraud:
①categories:
A.unauthorized activity
B.theft and fraud
②These are usually low-frequency and high-severity events.
⑹employment practices and workplace safety(EPWS):
categories:
①employee relations
②safe environment
③diversity and discrimination
⑺damage to physical assets(DPA):
categories:
disasters and other events
3.Operational risk events:
⑴high frequency/low severity(HFLS):
occur regularly,but low-level losses→EL,such as EDPM
⑵low frequency/high severity(LFHS):
Rare but devastating→UL,such as CPBP
4.The elements of the operational risk framework:
⑴risk measurement and modeling(risk reporting):
①internal loss data& external loss data(external databases)
②risk and control & self-assessment(business environment and internal control factors(BEICF))
③scenario analysis
④key risk indicators(KRIs)
⑤risk culture/risk policies and procedures
⑵risk appetite
⑶risk governance
5.Internal loss data:
⑴background:
①Having a robust historical internal loss database is the basis of any operational risk framework.
②Basel Ⅱ regulation says the firms need to collect at least 5 years of data.
⑵setting a collection threshold and possible impacts:
A number of operational risk managers pick their threshold thinking only in terms of operational risk capital,but small losses in many cases can bias the risk profile of a business unit and have an impact on operational risk capital.
⑶completeness of database(under-reporting events)
⑷recoveries and near misses:
①The Basel Ⅱ rules in general do not allow for the use of recoveries to be considered for capital calculation purposes.
②The only exception is on rapidly recovered loss events but ever this exception is not accepted everywhere.
③When the rapid recovery is full,the event is considered to be a "near miss".
⑸time period for resolution of operational losses
⑹adding costs to losses
⑺provisioning treatment of expected operational losses
6.External databases:
⑴Basel Accord:
Operational risk models need to calculate regulatory capital at the 99.9% confidence level.
⑵overcome challenges:
By using other firm´s loss experiences.
⑶3 methods:
internally developed,consortia,vendors
7.Business environment and internal control factors(BEICF):
⑴background:
The tools that are commonly used by financial firms to perform this risk:
①risk control self-assessment(RCSA) programs
②business and control environment programs
⑵risk control self-assessment(RCSA):
①definition:
Asking experts about their views on the status of each business process and subprocess.These reviews are usually done every 12 or 18 months and coined,some firms try to quantify these risks.
②characteristic:
It is the anchor of the operational risk framework,and most operational risk activities are linked to this procedure.
③program:
A.assumption:
Controls are assumed to be absent.
B.questions:
The usual questions should be asked:
a/ risk scenarios:
Where are the potential failure points in each of these process?
b/ exposure:
How big a loss could happen to may operation if a failure happen?
c/ correlation to other risks:
Could a failure altogether change my organization´s performance,either financially,its reputation or affect any other area?
C.challenge:
One significant challenge that arises due to combining RCSA data is interpreting what the data actually means.
D.process:
a/ Identify and assess risks associated with each business unit´s activities.
b/ Controls are added to the RCSA program to mitigate risks identified for the firm.
·特别注意!
·Once these inherent risk are understood,controls will be added in the RCSA framework.
c/ Risk metrics and all other operational risk initiatives are linked to the RCSA program.
d/ Control tests to assess how well the controls in place mitigate potential risks.
8.Scenario analysis:
⑴3 approaches are widely used:
structured workshops,surveys,individualized discussions
⑵common issues and bias in scenarios:
①presentation bias
②availability bias
③anchoring bias
④"hurdle" bias or anxiety bias 从众心态,羊群效应
⑤gaming
⑥over or under confidence bias
⑦in expert opinion
⑧context bias(framing bias)
⑶fundamental problems in analysis:
The disparity of understanding and opinions on losses sizes and frequencies.
9.key risk indicators(KRIs):
⑴definition:
These indicators or factors are mostly quantitative and are used as a proxy for the quality of the control environment of a business.
⑵characteristic:
The lower the level you model the causal relationship,the better the chances that you will find higher level fits to the model.
10.Risk organization types:
·特别注意!
·The primary difference is that how the risk is reported and the link between separate business unit risk managers and the central risk function.
·特别注意!
·It is preferred by regulators.
大浩浩的笔记课堂之FRM考试学习笔记合集
【正文内容】
FRM二级考试
A.Market Risk
A.市场风险
Topic 1 Estimating Market Risk Measures:An Introduction and Overview
Topic 2 Non-Parametric Approaches
Topic 3 Parametric Approaches:Extreme Value
Topic 6 Messages from the Academic Literature on Risk Management for the Trading Book
Topic 7 Some Correlation Basics:Properties,Motivation and Terminology
Topic 8 Empirical Properties of Correlation:How Do Correlation Behave in the Real World
Topic 9 Statistical Correlation Models—Can We Apply Them to Finance
Topic 10 Financial Correlation Modeling—Copula Correlations
Topic 11 Empirical Approaches to Risk Metrics and Hedging
Topic 12 The Science of Term Structure Models
Topic 13 The Shape of the Term Structure
Topic 14 The Art of Term Structure Models:Drift
Topic 15 The Art of Term Structure Models:Volatility and Distribution
Topic 16 Overnight Index Swap(OIS) Discounting
B.Credit Risk
B.信用风险
Topic 20 Default Risk:Quantitative Methodologies
Topic 21 Credit Risks and Credit Derivatives
Topic 22 Credit and Counterparty Risk
Topic 23 Spread Risk and Default Intensity Models
Topic 25 Structured Credit Risk
Topic 26 Defining Counterparty Credit Risk
Topic 27 The Evolution of Stress Testing Counterparty Exposures
Topic 28 Netting,Compression,Resets,and Termination Features
Topic 32 Default Probability,Credit Spreads and Credit Derivatives
Topic 33 Credit Value Adjustment(CVA)
Topic 35 Credit Scoring and Retail Credit Risk Management
Topic 38 Understanding the Securitization of Subprime Mortgage Credit
C.Operational Risk
C.操作风险
Topic 39 Principles for the Sound Management of Operational Risk
Topic 40 Enterprise Risk Management:Theory and Practice
Topic 41 Observations on Developments in Risk Appetite Frameworks and IT Infrastructure
