By Sabyasachi Bardoloi, Pinnacle Research Group, Pinnacle Systems, Inc.

The tabling of the New Basel Capital Accord, or more commonly Basel II, by the Bank for International Settlement heralded a change of perception within the financial services industry with regard to its locus standi on capital requirements. One of the most sweeping changes in the accord is the inclusion of operational risk assessment for the very first time. The Basel Committee defines operational risk as “the risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events.” Thus, it includes the fallout of technology failure, fraud, legal uncertainties, and other unexpected catastrophic events.

A peek within
Operational risk surfaced in the 1990s as a chain of operational catastrophes affecting numerous financial institutions around the globe. The most notable among them included the collapse of the Barings Bank. The entire last decade of the twentieth century witnessed news of banking failures grabbing cover page headlines the world over, the latest being reports of failure by several Australian banks to provide online services.

The Basel Committee has made it clear that operational risk is now a core issue for financial institutions and has set a deadline for this year to allocate capital aimed expressly at reducing exposure to operational risks. The term operational risk has been defined only in the last few years. Risk simply cannot be understood as “uncertainty about the future” or the “probability of sustaining a loss.” Rather, it is “an expression of the danger that the effective future outcome will deviate from the expected or planned outcome in a negative way.” This definition means that a bank does not accept risks simply as fate but deals with them intentionally.

The vital rudiments
A study of the definitions of operational risk published in the last few years by banks, consultancies, and supervisory authorities indicates the following vital rudiments:

  • Persistent focus on internal aspects that the bank can and needs to shape and influence. These are often measures or failures to be acted upon by the bank and its staff. These risks are clearly different from market and credit risks.
  • Higher emphasis on process orientation in the operational risk concept. The importance placed on the process aspects positions the definition of operational risk management nearer to “total quality management.” In the banking sector, operational risk resembles similar risks in industry more closely than it resembles market or credit risks in a bank.
  • The critical role played by people and the errors they commit either out of self-interest or sheer ignorance. The three types of operational risk in this context include hazards, errors, and conflicts.
  • The external incidents include natural, political, or military events, and losses and failures in the infrastructure of technical nature; they deal with the legal, tax, and regulatory environment. All occur outside the ambit of credit and market risk.

The measurement metrics
One pertinent question that arises is, why measure operational risk?

It is undoubtedly breaking new ground. Over and above this, the methodology needs to be continuously reviewed, improvised, and improved. Measuring operational risk on a holistic firm-wide basis accounts for the following advantages to banks:

  • Risk management and audit focus becomes more proportional to the potential risks.
  • Performance metrics can be fully articulated on a risk/return basis and aligned with the creation of shareholder wealth.
  • A risk-aware culture in the business dawn, leading to a cautious approach.
  • Leads to profitable businesses, products, and clientele groups.
  • Delivery process can be more accurately identified and subsequently dominated.
  • Risk diversification advantages, as well as costs of mergers, acquisitions, and divestments, can be judiciously estimated.

The key approaches
The Basel Committee has identified three approaches to determine capital allocation for operational risk. They are:

  • The Basic Indicator Approach
  • The Standardized Approach
  • The Advanced Measurement Approach

The Basic Indicator Approach is the simplest, but it will charge the most capital. It’s based on a straight percentage of gross income, which includes net interest income and net noninterest income but excludes extraordinary or irregular items. While this approach may roughly capture the scale of an institution’s operations, it surely has only the most questionable link to the risk of an expected loss due to internal or external events.

The Standardized Approach calls for an institution to break up its operations into eight business lines. Each business line is assigned to an Exposure Indicator (EI) in reference to the magnitude of the bank’s operation in that particular area. Hence, each of the EIs is multiplied by a percentage, which reflects a business line’s operational risk and thus determines the overall capital requirement of the institution.

The Advanced Measurement Approach (AMA) charges the least amount of capital. However, going by the sophistication of the AMA from the perspective of the cost beneficial factor, it will perhaps be wrong to conclude that it is thus far the best approach. The AMA, however, offers the greatest possibility to reduce capital requirements. It includes three approaches, namely the internal measurement approach (IMA), the models approach, and the scorecard approach. The AMA offers maximum elasticity for banks to measure risk. As the AMA requires numerous requirements, most institutions could not be expected to cater to the same overnight.

A critical overview
Regulatory authorities recently informed the U.S. Congress about the way they intend to comply with Basel II obligations. They believe it’s mandatory for 10 active international banks, which retain about 95 percent of the foreign assets of U.S. banks, to abide by Basel II recommendations. To compute the capital charge, these banks have to adopt the Advanced Internal Ratings Approach for credit risk and the Advanced Measurement Approach for operational risk in conjunction with Basel II norms.

“The Advanced Measurement Approach is more suited for operational risk measurement than the other two types of risks. They are inherent and unique to the system and any attempt of marking to market will be a futile exercise. Firms had better understand their risk exposure concentration, which will be clearly neglected by the basic or standardized approach,” said Srinivasan Rajasekaran, offshore head, Capital Market Excellence Center (CMEC), Pinnacle Systems Inc.

Rajasekaran, however, feels that “the successful emergence of this approach is purely dependent upon firms’ efficiency in quantifying and qualifying these risk factors. And another critical element is how best the relevant data is handled to manage these risks.”

It is therefore advisable for financial institutions to examine the classification of risk groups in order to find out how much data is internally available. In the case of nonavailability of enough historical data, new business partners and technologies need to be identified to provide it. The need of the hour for financial institutions clearly is to take into account the cost vs. benefit factor of each approach, and work on a stratagem to move on and adopt the most cost-beneficial approach.