Radar by chenshu

VIEWS: 120 PAGES: 51

									Operational Risk                     June 2002




      Operational Risk on Everyone’s Desk
      – The RADAR System
 OR Clients & Services

                   Business Needs                            External Requirement


 Business Lines &                                                              Regulators &
     Internal                    Business OR            Group OR                 External
  Stakeholders                                                                 Stakeholders



Risk Strategy
       Business               Risk Advisory/         Risk Disclosure         Market Discipline
       Direction              Risk Appetite


Governance
 Management &                 Progress Tracking                                Supervisory
                                                    Guideline/Policy             Review
 Daily Decisions                & Escalation


Data
   Information                  Risk Analysis &     Economic Capital        Regulatory Capital
    Provision                   Costing/Profiling     Methodology               Charge



                                                                                                 Page 1
   Control & Management Process


                                                     Mgt Actions &
                                                       Projects
                                      OR Committees
                                Risk Advisory

               Escalation &
                Tracking
                                                                                     Risk
Scenarios                                                                        Identification
                                                    OR
                   OR Costing                      Profile
                                                                       Process Mapping



                  Reporting &                                     Self- Assessment
                   Analysis
   Modelling
                                   KRI Reporting     Loss Data      Data
                                                      Collation    Collation


                                                                                                  Page 2
   Value Added Program


                Self-              OR                                                         Loss Data
                                                    Risk Advisory        KRI Reporting
             Assessment         Committees                                                    Collation

Proactive     Resource           Decision-              Project          Risk Costing /        Loss
              Planning          Making Body            Initiation         Risk Rating       Management
 Value-
 Added




             Capital Budget     New Initiatives     Outsourcing        Scenarios         Corrective Action
             Aggregation        Risk Mitigation     E-Commerce         Issue Mngmt       Accountability
             Quality Scores     Project status      Risk Transfer      Early Warning     Risk Awareness
             Healthcheck        Risk-Priorities     Constraints        Trending          Corporate
             Grey Areas         Audit Issues        New Products       Escalation       Memory
                                                      Infra. Projects    Benchmarking      Analysis/Reports
                                                                          Best Practice     Risk Mapping
                                                                                             Automation

Reactive    Potential Loss     Audit Follow-Up      Project Sign-Off     Status Report     Data Repository
Passive

                                                                                              Data Intensity



                                                                                                                  Page 3
System Architecture

                            Business Data - RADAR                                       Economic
                                                                                      Capital Budget


                                      Reporting

                           Incident            Key Risk                                   Self
                           Capture            Indicators                               Assessment

                             RADAR Process Model




 Incident Capture Features                        KRI & Reporting Features              Self-Assessment Features
  - Loss categorisation                            - KRI measure/issue set up            - Detailed question sets
  - Web-based workflow                             - Product/process mapping             - Loss frequency/severity
  - Decentralised control                          - Decentralised submission            - Quality scoring/weighting
  - Tailored p+l calculations                      - Multiple reporting streams          - Aggregated loss estimates
  - Email notifications/alerts                     - Edit/report/read roleplay           - Assessor/approver roles
  - Digital certification/sign-off                 - Multi-dimension data capture        - Data views and security
  - GDS group-based security                       - Item or bulk upload capability      - Multi-entity/multi-lingual
  - Data drilldown & extract                       - Data drilldown/breakdown            - Standardised reporting
  - Multi-entity/multi-lingual                     - Comparatives/benchmarks
  - Fully Parameterisable                          - Issue tracking/management
  - User/system notes                              - Scorecard report-writer
  - Online help                                    - Web report distribution


                                                                                                                        Page 4
 Process Model

“We must have a consistent framework – the data model is the risk map”


                         Losses                                                                                         Category
                                                                                                                        Location
                                                                                   Described by                         Org Unit
                                                     Operational
              Key Risk Indicators                                                    Activity
                                                      Risk Data
                                                                                    Attributes                             Process
                                                                                                                           Product
                Self-Assessment                                                                                            System


                                                        Simplified Activity Buckets

                                                                                Exch Traded                  Equity OTC               IR OTC & Credit
Capital Mkts - Ldn             Cash Equities               Cash Bonds
                                                                                 Derivatives                 Derivatives               Derivativatives

                            BestConnect, DROM,
Order Receipt/Routing                                   Manual              Gatornet                      Manual                     DealViewer
                            Wonder


                            Fidessa, Pirate, Colt,                          Trinitech, Liffe Connect,
Pricing & Execution                                     Bloomberg, e-Bond                                 CFD2, EqTrader             Kondor, Stars, Merlin
                            Spots, Reuters                                  Eurex, ORC


                            BestConnect, Fidessa,
                                                        Bloomberg, RIBS,    Pirate, Trinitech, Imagine,
Deal Capture & Risk Mgt     Pirate, Colt, Imagine,                                                        Murex, Equods, Imagine     Kondor, Stars, Merlin
                                                        Bondseye            GMI, Clearvision
                            Posts

                                                                            Imagine, Gerts, Grave,        POSTS, Imagine, Gerts,
Settlement & Reporting      Posts, Gerts, Grave         RIBS, GRR, TRMS                                                              AIMS, ANLOS, TRMS
                                                                            POSTS, GMI, Clearvision       Grave

                                                                                                                                                             Page 5
          Participation

   “What is a loss ? There’s no debate once it is internally owned and authorised”

                                                 RADAR Workflow Principles
             Stage Name                                                                              Stage Name
                                        Errors & Loss Data
               Identify                                                                              KRI Setup
                                        Anyone in the bank can identify an incident                 & Maintain
 reject
                    Automated e-mail    Investigation requires specialist control groups
            Investigate &               3 managers as a minimum sign off each incident            Assign & Raise
               Control                                                                              Submissions
reject              Automated e-mail
                                        Email notification and senior management alerts
                                                                                                           Automated e-mail

               Owner                    Validation & routing managed by control groups              Data Entry
             Acceptance                                                                              & Locking
reject              Automated e-mail
                                                                                                           Automated e-mail
                                       Risk Indicators 
            Authorisation                                                                         Produce Reports
                                        Central KRI specifications, also some user defined
                                                                                                   Review & Edit
reject
                    Automated e-mail
                                        Any department can establish its own reporting stream             Automated e-mail


             Validation                 Newspaper style workflow – reporters, editors, readers     Distribution
                                        Anyone can write an OR Report for their user rights

                                                                                                                          Page 6
  Categories

“What is a loss ? We need a lot of descriptive fields around the basic categories”

                               Errors and Loss Data
                                fully parameterisable, multi-entity, multi-lingual, local views & naming
                                direct/indirect loss effect types, multi-select, entered by investigator
                                causal ‘reason codes’, primary/secondary, entered by error owner
                                causal process point, expected/unexpected, entered by error owner
                                recoveries, contributing parties, entered by authoriser
                                Basel event categories, mapped by system, checked by validator
                                error accounts, cost centres, control process, checked by validator
                                online help and support facility
      RADAR Parameters

                               Risk Indicators
                                shared parameters/categories with loss platform
                                volume, exception, risk exception, error measures
                                multiple measure types – count, value, duration, score …
                                mandatory/optional data fields, high/med/low criticality
                                control processes, function reported by and reported for
                                                                                                            Page 7
Functionality

       “No-one uses a system unless there’s something in it for them”

Errors and Loss Data – Multi-Currency P+L Calculations 
 Cash Equity – buy/sell amount and price
 Cash Bonds – as above plus interest accruals
 Equity-Linked – as above plus conversion ratios
 Futures and Options – as above plus commission
 Interest Claims and Funding – rate/daycount/amount
 Freeform p+l – multiple effect types, user notes, attach file


Risk Indicators – Data Management 
 Product/Process/System Mapping – by KRI, org unit, location
 Multidimensional data entry and bulk data upload
 Data Locking and submission management
 Issues and action management


               RADAR User Tools
                                                                        Page 8
                            Reporting

t’s all about risk awareness .. if we can just put Operational Risk on everyone’s des
  XX Division Trading Error Report - 2001
  YY Product
  1. High level losses by month

                                        2001 Tr ading error losses (€) b y Sub-Product                                                                     2001 Number of trading error s b y Process


                                                                                                AA                                                                                                          Order Receipt

                                                                                                BB

                                                                                                CC
                                                                                                                                                                                                            Limit Checks

                                                                                                                                                                                                            Order Routing

                                                                                                                                                                                                            Price Quote
                                                                                                                                                                                                                                               Errors & Loss Data
                                                                                                DD
                                                                                                                                                                                                            Execution/Order Fill
                                                                                                EE



                                                                                                                                                                                                                                               Incident Search and data feed facility
                                                                                                                                                                                                            Client Reporting
                                                                                                FF                                                                                                          Deal Capture

                                                                                                GG                                                                                                          Position Management




                                                                                                                                                                                                                                               League table reporting with incident drill down
                                        Monthly evolution of losses b y location (€k)                                                                           X Product corr ect ed fields
               900                                                                                                          200



               700                                                                                                          160                                                                                                Unidentified
                                                                                                           AA
                                                                                                                Number of errors




                                                                                                           BB                                                                                                                  Currency




                                                                                                                                                                                                                                               Advanced power user reporting and data extract
                                                                                                           CC                                                                                                                  Account
                                                                                                                            120
               500
                                                                                                           DD
   Loss (€k)




                                                                                                                                                                                                                               Date
                                                                                                           EE
                                                                                                                                                                                                                               Direction
                                                                                                                                   80
               300                                                                                         FF
                                                                                                                                                                                                                                   ument
                                                                                                                                                                                                                               Instr
                                                                                                           GG
                                                                                                                                                                                                                               Price
                                                                                                           HH                      40




                                                                                                                                                                                                                                               Simple graphing and data analysis via data extract
               100                                                                                         JJ                                                                                                                  Quantity

                                                                                                                                                                                                                                       ade
                                                                                                                                                                                                                               Whole T r
                                                                                                                                    0
                      Jan   Feb   Mar      Apr    May     Jun    Jul    Aug    Sep       Oct   Nov   Dec
               -100                                                                                                                     Jan   Feb   Mar   Apr   May    Jun     Jul     Aug     Sep   Oct   Nov    Dec


  Comments:
  1. Trading errors peaked in February 2001, with a €XXXk loss on allocation to a client during the XY Z IPO. Aside from this, errors hav e f luctuated about the av erage of €YYY k per month.
  2. The majority of errors in 2001 were related to an incorrect price f ield, although the number of errors related to the whole t rade has increased steadily since May .




                                                                                                                                                                                                                                                               RADAR Reporting


                                                                                                                                                                                                                                               Risk Indicators
                                                                                                                                                                                                                                               Report templates including ‘scorecard’ style
                                                                                                                                                                                                                                               Measure/issue selection incl. prior period/benchmarks
                                                                                                                                                                                                                                               Editable draft reports with OR commentary facility
                                                                                                                                                                                                                                               HTML & PDF reports, data trending/graphing/drilldown
                                                                                                                                                                                                                                               Integrated reporting of KRIs, loss data and self-assessment
                                                                                                                                                                                                                                                                                                         Page 9
Operational Risk                    June 2002




      Loss Data Appendix & Screenshots
Loss Categorisation

Causal Categories                                       Sample Loss Effects
                     Direct Cost                               Indirect Costs

                                                               Lost Clients/Deals, Damaged Reputation,
  Human Capital      Cost to Rehire/Lock-in                    Corporate Memory Loss, Failed Initiatives,
                                                               Staff Morale, Ongoing Ability to Rehire


  IT Applications    One-off Developer/Support Costs
                                                               Business Disruption, Damaged Reputation,
                                                               Opportunity Cost of Management Time/Focus
  Infrastructure     Asset/Facility Replacement Costs




   Management        Project Write-downs, Write-offs           Opportunity Cost of Management Time/Focus


                     Trading Errors
  Procedures &       Funding Costs                             Regulatory Risk, Reputational Damage
    Controls         Penalties/Fines


 External Services   Cost to Cover Supply Failure              Business Disruption, Regulatory/Reputation Risk


 External Damage     Asset/Facility Replacement Costs          Business Disruption, Damaged Reputation


                                                                                                            Page 11
 Loss Data Workflow

          Stage Name                 Stage Description                                   Stage Owner

                                     • Enter basic incident details                     • Form Originator at
             Identify                • Can be entered by any RADAR user                 Control Process Point
                                     • Details passed to central control group
 reject
                  Automated e-mail
                                                                                        Restricted Access: Control
                                     • Investigation & validation of incident details   by independent function:
          Investigate &              • Independent calculation of profit/loss impact    • Fin Control
             Control                 • Allocation of error to an Owner                  • Risk Control
                                                                                        • Ops Control
reject            Automated e-mail
                                     • Review incident details                          • Incident Owner: e.g.
            Owner                    • Explain causes of error                          trader, salesman,
          Acceptance                 • Accept & nominate authoriser                     officer
reject            Automated e-mail

                                     • Review incident details & comment                • Level 1:Desk Head
          Authorisation              • Sign off on validity of incident                 • Level 2: Head of Trading
                                     • No of authorisers dependent on size              • Level 3: Head of Business
                  Automated e-mail
reject
                                                                                        • Restricted Access:
                                     • Validation of incident categorisation
           Validation                                                                   Investigator or other
                                     • Validate correct authorisation level             members of Control Group




                                                                                                                      Page 12
Main Menu




            Page 13
Online Help & Support




                        Page 14
Parameterisation – Control Groups




                                    Page 15
Parameterisation – Loss Categories




                                     Page 16
Identify




           Page 17
Investigate – Cash Equity




                            Page 18
Investigate – Interest Claim




                               Page 19
Investigate – Funding Details




                                Page 20
Investigate – Freeform P+L




                             Page 21
Owner Accept




               Page 22
Authorise




            Page 23
Management Alerts




                    Page 24
Validate




           Page 25
Routing, Void, Reassign




                          Page 26
Multi-Entity




               Page 27
Search




         Page 28
League Table Reporting




                         Page 29
Advanced Reporting




                     Page 30
Loss Data Reports

 Loss data can be analysed against any of the dimensions of the RADAR Process Model

 XX Division Trading Error Report - 2001
 YY Product
 1. High level losses by month

                                       2001 Trading error losses (€) by Sub-Product                                                                     2001 Number of trading errors by Process


                                                                                             AA                                                                                                        Order Receipt

                                                                                                                                                                                                       Limit Checks
                                                                                             BB
                                                                                                                                                                                                       Order Routing
                                                                                             CC
                                                                                                                                                                                                       Price Quote
                                                                                             DD
                                                                                                                                                                                                       Execution/Order Fill
                                                                                             EE
                                                                                                                                                                                                       Client Reporting
                                                                                             FF                                                                                                        Deal Capture

                                                                                             GG                                                                                                        Position Management




                                       Monthly evolution of losses by location (€k)                                                                          X Product corrected fields
              900                                                                                                       200



              700                                                                                                       160                                                                                               Unidentified
                                                                                                        AA




                                                                                                             Number of errors
                                                                                                        BB                                                                                                                Currency

                                                                                                        CC              120                                                                                               Account
              500
                                                                                                        DD
  Loss (€k)




                                                                                                                                                                                                                          Date
                                                                                                        EE
                                                                                                                                                                                                                          Direction
                                                                                                                                80
              300                                                                                       FF
                                                                                                                                                                                                                          Instrument
                                                                                                        GG
                                                                                                                                                                                                                          Price
                                                                                                        HH                      40
              100                                                                                       JJ                                                                                                                Quantity

                                                                                                                                                                                                                          Whole Trade
                                                                                                                                 0
                     Jan   Feb   Mar      Apr    May    Jun    Jul    Aug    Sep      Oct   Nov   Dec
              -100                                                                                                                   Jan   Feb   Mar   Apr   May    Jun    Jul    Aug     Sep   Oct   Nov    Dec


 Comments:
 1. Trading errors peaked in February 2001, with a €XXXk loss on allocation to a client during the XYZ IPO. Aside from this, errors have fluctuated about the average of €YYYk per month.
 2. The majority of errors in 2001 were related to an incorrect price field, although the number of errors related to the whole trade has increased steadily since May.




                                                                                                                                                                                                                                         Page 31
Operational Risk                   June 2002




      KRI Appendix & Screenshots
KRI Categorisation

Causal Categories                          Sample Key Risk Indicators
                     Volume                       Exception                   Risk Exception

  Human Capital      Staff                        Key Leavers/Joiners         Disciplinary Cases


                     # Systems                    Helpdesk Calls              Downtime Duration
  IT Applications    Enhancement Requests         Change Releases             System Bugs
                     New/Deleted Accounts         Firewall Changes            Policy Breaches

   Infrastructure    # Servers                    System Dependencies         Firecalls
                     Premises Capacity            Occupancy Rate              Engineering Incidents


                     # Projects                   Milestones Missed           Scrapped Projects
   Management        Decisions Announced          Decisions Pending           Negative Media/Press
                     Audits Conducted             # Audit Issues              Overdue Issues

                     Trade Volumes                Current Breaks              Breaks >30 days
   Procedures &
                     Exposure Limits              Limit Breaches              Managed Positions
     Controls        # Stat/Reg Reports           Targets Missed              Restated Reports


 External Services   # Ext Suppliers              SLAs Outstanding            SLA Breaches

                     Firewall Traffic             Firewall Alerts             Virus/Hacker Attacks
 External Damage     Physical Exposure            BCP Invocations             Insurance Claims
                     Indemnity Exposure           Complaints/Investigations   Lawsuits

                                                                                                      Page 33
Risk Indicator Workflow


       Stage Name                Stage Description                               Access Rights


       KRI Setup                 • Define/set up new mandatory/optional KRIs
                                 • Classify measure or issue type and nature    • OR   Editors
       & Maintain                • Associate products, processes, org units


                                 • Define submissions for functions/locations
      Assign & Raise             • Assign KRI submissions to reporter groups    •OR Editors
       Submissions               • Raise/manage submissions for time periods
              Automated e-mail
                                 • Enter data individually or via bulk upload
       Data Entry                • Enter commentary/issues and criticality      • Reporter   Groups
       & Locking                 • Lock data submissions once complete
              Automated e-mail

                                 • Produce OR reports and scorecards
    Produce Reports              • Select optional data and issues              • Editor   Groups
     Review & Edit               • Add or edit OR commentary
              Automated e-mail

                                 • Receive/read reports
       Distribution                                                             • Reader    Groups
                                 • Query and drill down capability



                                                                                                      Page 34
KRI Set Up




             Page 35
Process Mapping




                  Page 36
KRI Submissions




                  Page 37
Submission Details




                     Page 38
KRI Data Entry




                 Page 39
Multi-Dimensional Data Entry




                               Page 40
Bulk Data Entry




                  Page 41
Issues & Actions




                   Page 42
Manage Submissions




                     Page 43
Report Templates




                   Page 44
Report Writing




                 Page 45
Measures Selection




                     Page 46
Review & Edit




                Page 47
KRI Reporting




                Page 48
Data Drilldown




                 Page 49
   Integrated Reporting


  Actual loss & risk indicator data validate self-assessment loss estimates & KRI benchmarks



KRI Benchmarks &
 Self Assessment
 Loss Estimates




                                                                                 Actual Monthly
                                                                                 RIsk Indicators
                                                                                  & Loss Data

                                                                                               Page 50

								
To top