1
A SUMMER TRAINING REPORT
ON
OPERATIONAL RISK MANAGEMENT IN BANKING
AT
STATE BANK OF BIKANER & JAIPUR BANK
SUBMITTED IN T...
2
ACKNOWLEDGEMENT
“Nothing we achieve in this world is achieved alone. It is always achieved with
others teaching us along...
3
ABSTRACT
commerical banks are in the risk business. In the process of providing financial
services, they assume various ...
4
TABLE OF CONTENTS
SR. NO TOPIC
1. Introduction about bank.
2. Organization profile of SBBJ bank
3. Introduction to the t...
5
6
ABOUT STATE BANK OF BIKANER AND JAIPUR
Brief History of the Bank
The genesis of State Bank of Bikaner and Jaipur dates b...
7
Bank's Vision and Mission
The Bank has codified its ethos, values, culture and aspirations in its Vision and Mission
sta...
8
Our Management Committee
The management team of SBBJ Bank consists of the following individuals who are very well
qualif...
9
Offerings
Offerings
Personal
Banking
NRI
Services
Inter-
national
Banking
Corporate
Banking
Agri-
culture
Products
Servi...
10
OFFERINGS
1) PERSONAL BANKING
a)DEPOSITS
State Bank of Bikaner & Jaipur offers various deposit plans that you can choos...
11
3) INTERNATIONAL BANKING
International Banking services of State Bank of Bikaner & Jaipur are delivered for the benefit...
12
 Tractor Plus
 Thresher, Implements etc.
 Minor/Micro Irrigation Scheme:
 Loan for new wells /deepening of wells/Bo...
13
14
Indian Banking Sectory
The Reserve Bank of India (RBI), as the central bank of the country, closely monitors
developmen...
15
BRIEF HISTORY ABOUT SBBJ BANK
State Bank of Bikaner & Jaipur (SBBJ) is an associate bank of State Bank of India. Curren...
16
17
OBJECTIVE
To bring to light the various Operational Risks involved in the Banking sector.
To find out the efficiency wi...
18
INTRODUCTION TO RISK MANAGEMENT
What is risk?
Risk is hazard, danger, chance of loss or injury that a person can face. ...
19
A brief description of the various risks is given below:
1) Market Risk
Market Risk is the possibility of loss to a ban...
20
Equity/Commodity risk –
Risk that a bank may suffer losses as a result of adverse movements in equity/commodity
prices ...
21
Reputational risk
The financial implication of a moral obligation cast on a bank in the environment it is
functioning o...
22
23
INTRODUCTION
Since the mid-1990s, the topics of market risk and credit risk have been the subject of much
debate and re...
24
DEFINITION OF OPERATIONAL RISK
Operational Risk: The risk of loss resulting from inadequate or failed internal processe...
25
Dissatisfied customer
Supply or supplier failure Regulatory breaches
Incomplete documentation
Failed trades
Unsettled t...
26
27
SBBJ BANK AND OPERATIONAL RISK
SBBJ Bank has to manage Operational Risk in order to comply with the regulations BASEL I...
28
Improving quality of services/products/processes through robust risk management
system and rewards better risk manageme...
29
THE OPERATIONAL RISK TOOLKIT
The “tools” available for managing Operational Risk at SBBJ Bank:
i) RCSA
ii) KRIs
iii) LO...
30
OBJECTIVES OF RCSA:-
a) Early detection of unidentified, uncontrolled and / or under estimate risks.
b) Assess the acce...
31
Increasing awareness of organizational objective and the important role that internal control
plays in their achievemen...
32
b) Review and approve the RCSA plan and its coverage for the ensuing year.
c) Review and approve RCSA manual at yearly ...
33
 Reporting unit(business unit head, branch head & operational unit head):-
a) Validate the risk events identified duri...
34
Basel Accord and RBI Guidelines lay down 3 approaches for
measuring and managing operational risks and specify certain
...
35
Qualitative criteria addressed by RCSA:
The following qualitative requirements under standardized approach are addresse...
36
 2) KRIs( KEY RISK INDICATORS)
KEY RISK:
key risk is defined as an event that could significantly impact bank‟s abilit...
37
Provide effective monitoring tool to track change in risk levels and keep management apprised of
shift in thresholds.
T...
38
Key process steps for identification of key risk indicators:
The KRI process comprises of the following phases:
a) Deve...
39
a) Development phase of KRIs:
Development of KRIs is an iterative process initially. It may not be possible to identify...
40
 Lagging/detective control indicators.
- Predictive indicators can be identified by considering how the business can m...
41
 The risk or control it is monitoring.
 The definition of the KRI- it is important to
appropriately define the indica...
42
iii. The units are expected to operate below the
threshold levels in the respective activity/operation.
As mentioned ea...
43
i. The approach taken to setting tolerance for
each KRI may differ.
ii. Tolerance should difference between what is
exp...
44
Roles and Responsibilities
1. Operational risk management committee(ORMC)
o Review and approve the development and impl...
45
5. Reporting unit (business unit head,branch head & operational unit head)
o Submit the relevant data required for KRI ...
46
Essential data element of an AMA model:
Para 8.5.1.1 A bank‟s internal loss data may not be sufficient to model the ope...
47
authorized to make such decisions. The policies and procedures should identify when an
operational risk events becomes ...
48
a) Loss event type
b) Loss event cause; and
c) Loss event effects.
1. Loss event type:
The definition of each loss even...
49
Losses or potential losses arising from an unintentional or negligent failure to meet a
professional obligation to spec...
50
PEOPLE RISK:-
The risk resulting from the deliberate or unintentional actions or treatment of employees and / or
manage...
51
The risk resulting from external events to the bank. This category also includes the risk
presented by actions of exter...
52
 4 . Scenario analysis
Scenario analysis is a systematic and well-reasoned process of getting experts drawn from the
b...
53
Para 8.5.2.6: Scenarios are likely to have a significant influence on the amount of capital
calculation as per AMA. Sce...
54
Scenario analysis process flow and timelines:-
Scenario analysis process flow Time frame
1. Pre-workshop preparation:
a...
55
Roles and Responsibilities:-
Roles and responsibilities of the departments and participants:-
Department & participants...
56
ROLES AND RESPONSIBILITIS OF THE COMMITTEES:-
COMMITTEE PESPONSIBILITIES
Operational risk
management
committee(ORMC)
a)...
57
ADVANTAGE OF SCENARIO ANALYSIS :-
Scenario analysis provides a forward-looking view of operational risk that complement...
58
Managing operational risk is becoming an important feature of sound risk management practices
in modern financial marke...
59
detection of operational problem spots rather than their being pointed out by supervisors/internal
or external auditors...
60
RESEARCH METHODOLOGY
61
Research in common parlance refers to search of knowledge. In other
words research means search for facts-answers to qu...
62
Review the Literature
Error! Reference source not found.
 Research objective
The objective of the study is to understa...
63
ANALYSIS
Operational Risk in Banking, the topic of the project is very complex and critical to the
functioning of the b...
64
by someone else other than the user. A common source of secondary data is organizational
records.
As the project studie...
65
FINDINGS
66
Good co-ordination between the sales and finance department add all comfort ability
to Operational services.
Different ...
67
68
CONCLUSION
On the basis of data provided to me, I can say that bank is trying to moving on the policies
prescribed by R...
69
“How far should risk management go in public banking?”
But the real question is
“How good is risk management in public ...
70
RBI should show the banks as to how the banks can benefit by following their
guidelines.
All the banks should provide c...
71
Bank policies
Bank Manual-RCSA,KRI,LOSS DATA,SCENARIO ANALYSIS
72
RBI CIRCULARS OR BASEL-II
WWW.Sbbjbank.com
www.google.com
www.bankingonly.com
www.rbi.co.in
73
Upcoming SlideShare
Loading in …5
×

Summer training report on Operational risk management at State bank of bikaner & Jaipur bank

1,623 views
1,399 views

Published on

Summer Training Report on Operational Risk Management at State bank of bikaner & Jaipur

Published in: Education
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,623
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
45
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Summer training report on Operational risk management at State bank of bikaner & Jaipur bank

  1. 1. 1 A SUMMER TRAINING REPORT ON OPERATIONAL RISK MANAGEMENT IN BANKING AT STATE BANK OF BIKANER & JAIPUR BANK SUBMITTED IN THE FULLFILLMENT OF THE REQUIRENMENT OF THE AWARD OF THE DEGREE OF MASTER OF BUSINESS ADMINISTRATION 2012-2014 SUBMITTED BY: JIGYASA SONI Under Guidance Of: Industry Guide Faculty Guide Mrs.Usha yadav Dr. Harsh Purohit Cheif Manager- ORMD Faculty Finance Sbbj Bank, Jaipur wisdom, Bansthali Vidyapith
  2. 2. 2 ACKNOWLEDGEMENT “Nothing we achieve in this world is achieved alone. It is always achieved with others teaching us along the way” It is my proud privilege to express my sincere gratitude to all those who helped me directly or indirectly in completion of this project report… First of all I would like to thank Mr. S. K. Jain ( DGM- IRM Dept. SBBJ Bank, Jaipur.. ) who gave me the opportunity to complete my forty five days summer internship program in SBBJ bank Jaipur as per requirement of my curriculum of MASTER OF BUSINESS ADMINISTRATION… I would like to thank Mr. Sujit Kumar deb (AGM- IRMD . SBBJ Bank,Jaipur), & Mrs. Usha Yadav (Chief Manager operational risk-SBBJ), Sitaram Meena (MIS Dept.) under whose guidance I could learn various operations in SBBJ, Jaipur and for his expert & invaluable guidance, constant encouragement and constructive criticism to accomplish such laborious & exhaustive work timely and perfectly. I would want to thank Prof. Harsh Purohit without his unending support this internship would not have been possible. He always seemed to have time for me to help me in all my difficulties. Last but not least I‟m indebted to those entire people and other personnel working at the SBBJ bank, head office, Tilak Marg, C- Scheme, Jaipur. Who indirectly contributed and without whom this work would not have been possible… Endeavour has been made to make the project error free yet I apologies for the mistakes….. JIGYASA SONI
  3. 3. 3 ABSTRACT commerical banks are in the risk business. In the process of providing financial services, they assume various kinds of financial risks. The past decade has seen dramatic losses in the banking industry. Firms that had been performing well suddenly announced large losses due to credit exposures that turned sour, interest rate positions taken, or derivative exposures that may or may not have been assumed to hedge balance sheet risk. In response to this, commercial banks have almost universally embarked upon an upgrading of their risk management and control systems. Here in this project I have discuss the concept of risk management in banks, to know whether the Banks are following RBI guidelines to manage the risks, shortcomings of the current methodology used to analyze risk, and the elements that are missing in the current procedures of risk management.
  4. 4. 4 TABLE OF CONTENTS SR. NO TOPIC 1. Introduction about bank. 2. Organization profile of SBBJ bank 3. Introduction to the topic 4. Operational risk 5. Risk management at SBBJ Bank. 6. Research design 7. Data Analysis 8. Findings and Suggestions 9. Conclusion 10. Recommendation 11. Bibliography
  5. 5. 5
  6. 6. 6 ABOUT STATE BANK OF BIKANER AND JAIPUR Brief History of the Bank The genesis of State Bank of Bikaner and Jaipur dates back to the year 1943-44, when the Bank of Jaipur Ltd. and the Bank of Bikaner Ltd. came into existence. In 1960, both banks were incorporated as subsidiaries of State Bank of India and named as State Bank of Bikaner and State Bank of Jaipur. On January 1, 1963, both banks were merged into one entity viz. State Bank of Bikaner and Jaipur. The constitution, capital, management and other matters pertaining to the Bank are governed by the provisions of SBI (Subsidiary Banks) Act, 1959. 75% of the shares of SBBJ are held by SBI and the remaining by institutions and general public. The Bank took over the business of the Govind Bank Pvt. Ltd, Mathura on 25th April, 1966. SBBJ went public in the year 1997-98 with an issue of 12.21 lakh shares of 100 each at a premium of 440/-. SBBJ is the only public sector bank with headquarter in Rajasthan. At the time of incorporation, the Bank had a business of 45 crore, net profit of 7.5 lakh and a network of 124 branches (96 in Rajasthan). By March 2013 the business of the Bank increased to 1,30,590 crore, net profit stood at 730.24 crore. The number of branches increased to 1037 ( 855 in Rajasthan) as on 31.03.2013. SBBJ had sponsored three Regional Rural Banks viz. Marwar Gramin Bank (set up in 1976), Sriganganagar Kshetriya Gramin Bank (1984) and Bikaner Kshetriya Gramin bank (1985). These were merged into single RRB viz. MGB Gramin Bank in June 2006. On 25.02.2013 the MGB Gramin Bank (RRB sponsored by SBBJ) and Jaipur Thar Gramin Bank (RRB sponsored by UCO Bank) were amalgamated into a single Regional Rural Bank named 'Marudhara Gramin Bank' sponsored by SBBJ with Head office at Jodhpur. The Bank shoulders Lead Bank responsibility in 9 districts of the State.
  7. 7. 7 Bank's Vision and Mission The Bank has codified its ethos, values, culture and aspirations in its Vision and Mission statements. The Vision and Mission statements were last revised in the year 2000 and a need was felt to revise these statements keeping in view the changed market conditions. Accordingly, the statements were revised in the year 2009-10 and the revised statements are as under:- Vision : “To be a state-of-the-art, customer-centric, values driven and professionally managed banking organisation; committed to the highest standards of good corporate governance practices; perpetual enhancement of the wealth of the shareholders and welfare of all stakeholders and the society”. Mission : “To provide one stop solutions to all the banking needs of customers through a highly motivated, professional and efficient human resources pool with quality of service, customer care and customers‟ business in focus by efficient use of Information Technology in a cost effective manner; meeting the expectations of all stakeholders through transparent, true and fair disclosures and responsive management principles in all the activities; to strive to fulfil corporate social responsibility with special emphasis on financial inclusion throughout the State of Rajasthan and aiming to provide the best banking services to one and all”. The major distinguishing features of the revised Vision and Mission Statements were laying emphasis on being state-of-the-art Bank, adopting good corporate governance practices, welfare of all stakeholders and the society, providing one stop solutions to all customers, efficient use of information technology in a cost effective manner, transparent/ true/ fair disclosures, responsive management principles, fulfilling corporate social responsibility and implementing financial inclusion in the State of Rajasthan.
  8. 8. 8 Our Management Committee The management team of SBBJ Bank consists of the following individuals who are very well qualified, possess rich experience and are competent professionals from their field. Name Designation Shri B Sriram Managing Director Shri Sanjay Kumar Singh Chief General Manager (Retail Banking) Shri Santanu Mukherjee Chief General Manager (Commercial Banking) Shri Nirmal Joshi Chief Vigilance Officer Shri G.D.Rozario GM-Inspection & Audit Shri Siddarth Biswal GM-IT & New Business Shri Narayan Swamy R GM (Try, F&A ) & Chief Financial Officer Shri K.K.Das GM- (Risk Mgmt.,Credit Policy,Procedures)& Chief Risk Officer Shri S.S.Negi GM-MSME,Rural Banking & Financial Inclusion Ms. Papia Sengupta GM- HR & General Administration Shri Haridas K.V. GM-Recovery & Rehabilitation
  9. 9. 9 Offerings Offerings Personal Banking NRI Services Inter- national Banking Corporate Banking Agri- culture Products Service to SME's Other Services
  10. 10. 10 OFFERINGS 1) PERSONAL BANKING a)DEPOSITS State Bank of Bikaner & Jaipur offers various deposit plans that you can choose from depending on the nature of deposit, term period, unique saving and withdrawal features. Apart from competitive interest rates and convenient withdrawal options, our deposit plans offer other features such as overdraft facility, outstation cheque collections, safe deposit lockers, ATM's etc. b) SAVINGS BANK ACCOUNT Simplest deposit option available to the depositor. Easy to operate. Terms and conditions kept simple to facilitate understanding. No hidden costs. Low minimum balance requirement. Option to withdraw money through withdrawal forms or by cheque. An ideal option to cultivate the habit of banking and saving amongst the younger generation. Students above 10 years can open accounts in their own names. Easy withdrawal of cash under single window concept. 2) NRI SERVICES India is one of the fastest growing economies of Asia and offer unique opportunities to Non- Resident Indians, both individuals and corporations, for investment. The country is looking towards its Non-Residents for flow of foreign exchange resources and invite all Non-Resident Indians to contribute their mite in its developmental activities. One of such avenues is deposit of funds with the banks and we, the State Bank of Bikaner and Jaipur, welcome you all for putting your deposits in any of our branches. State Bank of Bikaner and Jaipur is one of the associates of State Bank of India with over 833 offices in India and a network of correspondents all over the world. We can meet all your needs offering satisfactory Banking services. We offer undernoted type of accounts:  Finest and fastest rates for any foreign exchange transaction, for any account and for any delivery.  Forward cover as well as rollover cover.  Market intelligence from our extensive database  Profiles, prospects, rate forcast for foreign currencies.  Counseling, risk management and hedging of your total foreign exchange exposure in the long-term perspective.
  11. 11. 11 3) INTERNATIONAL BANKING International Banking services of State Bank of Bikaner & Jaipur are delivered for the benefit of its Indian customers, non-resident Indians, foreign entities and banks. Amongst the various services offered by us are. For this purpose 68 of our branches are authorized to do Forex business.  Services for exporters and importers  Services for domestic customers  SBBJ expo gold card  Export credit interest rate  Interest gold card  Service charges 4) CORPORATE BANKING WE provide financial products / services of a wide range for large, medium and small corporates Infrastructure, non-infrastructure, manufacturing units, and services such as tourism- we are there to cater to the needs of all. We provide both fixed interest and floating interest loans. SBBJ offers:  Working Capital Finance including Trade Finance  Export Credit  Project Finance  Deferred Payment Guarantee  Term Loan  Loan Syndication 5) AGRICULTURAL PRODUCTS We, at State Bank of Bikaner & Jaipur have always understood the need for developing the agrarian community of the nation. As such we are committed to the development of Agriculture, not only in the state of Rajasthan, but also elsewhere in the country. To cater to the needs of the farmers, we offer finance for a number of activities as enumerated below  Kisan Credit Card Scheme (KCC)  Kisan Gold Card Scheme (KGC)  Loans for Purchase of Agricultural Implements:
  12. 12. 12  Tractor Plus  Thresher, Implements etc.  Minor/Micro Irrigation Scheme:  Loan for new wells /deepening of wells/Bore wells  For pump sets diesel/electric/submersible.  For conveyance Pipes/Lining of water courses.  For sprinkler sets  For drip sets  Loans for activities allied to Agriculture  Dairy Loans  Loans for Poultry/Sheep/Goat rearing.  Loans for Medicinal & Horticulture Plantation  Kisan Vahan Yojana  Vermi Compost Scheme for Organic Farming  For development of storage facilities  Construction of farmers/Rural godowns  Cold storage  For Rural housing – Gramin Awas/ Sahyog Niwas Schemes.  Arthias Plus scheme.  Loans to Agri Input seeds, fertilizers/Agri. Machinery dealers/Cattle feed and Poultry feed dealers.  Others. 6) SERVICES TO SME’S Interest Simplified Common Loan Application Form For MSEs Regional MSME Care Centre 7) OTHER SERVICES  Cross selling activities  E-mitra  Dermat services  Internet banking  ATM services  Real time gross settlement  National electronic fund transfer  Zero balance current account
  13. 13. 13
  14. 14. 14 Indian Banking Sectory The Reserve Bank of India (RBI), as the central bank of the country, closely monitors developments in the whole financial sector. It was established in April 1935 with a share capital of Rs. 5 crores on the basis of the recommendations of the Hilton Young Commission. Reserve Bank of India was nationalized in the year 1949. As at end-March 2002, there were 296 Commercial banks operating in India. This included 27 Public Sector Banks (PSBs), 31 Private, 42 Foreign and 196 Regional Rural Banks. Also, there were 67 scheduled co-operative banks consisting of 51 scheduled urban co-operative banks and 16 scheduled state co-operative banks. Retail Banking is the new mantra in the banking sector. The home loans alone account for nearly two-third of the total retail portfolio of the bank. According to one estimate, the retail segment is expected to grow at 30 to 40% in the coming years. Net banking, phone banking, mobile banking, ATMs and bill payments are the new buzz words that banks are using to lure customers. Just too many players. 27 Public sector banks, 31 Private Banks and 29 foreign banks. The Indian banking sector is headed for consolidation. The presence of many regional players will see few banks emerging as global competitors. Future belongs to technology. Cheaper delivery points like Internet and tele banking to improve their shares. ATM banking costs 80% while Internet and telebanking costs only 15% compared to normal banking transactions.
  15. 15. 15 BRIEF HISTORY ABOUT SBBJ BANK State Bank of Bikaner & Jaipur (SBBJ) is an associate bank of State Bank of India. Currently, SBBJ has 1000 branches, mostly located in the state of Rajasthan, India. Its branch network out of Rajasthan covers all the major business centers of India. In 1997, the Bank entered in the capital market with an Initial Public Offering of 13,60,000 shares at a premium of Rs 440 per share. State Bank of Bikaner & Jaipur came into existence on 1963 when two banks, namely, State Bank of Bikaner (established in 1944) and State Bank of Jaipur (established in 1943), were merged. Both these banks were subsidiaries of the State Bank of India under the State Bank of India (Subsidiary Bank) Act, 1959. On April 25, 1966 SBBJ took over Govind Bank, Mathura. In 1984 SBBJ sponsored and established Ganganagar Kshetriya Gramin Bank as a Regional Rural Bank. Thereafter, in 1985 SBBJ opened the Bikaner Kshetriya Gramin Bank, the second Regional Rural Bank sponsored by it. The third Regional Rural Bank, sponsored by SBBJ was Marwar Gramin Bank covering the districts of Pali, Jalore and Sirohi. On 12 June 2006, SBBJ merged all three Regional Rural Banks sponsored by SBBJ were merged and the merged entity was named MGB Gramin Bank, with headquarters in Pali. The bank follows transparent corporate goverence polocies and has smoothly migrated to Basel II. On the technology front , the bank migrated all branches to core banking solution and become among the first new bank in india to offer outline banking facilities across the country the bank has installed 495 ATMs.
  16. 16. 16
  17. 17. 17 OBJECTIVE To bring to light the various Operational Risks involved in the Banking sector. To find out the efficiency with which Sbbj Bank can handle and manage Operational Risk. To know the guidelines set up by RBI for commercial banks. To know whether the banks are following those guidelines or not. To know the bank performance.
  18. 18. 18 INTRODUCTION TO RISK MANAGEMENT What is risk? Risk is hazard, danger, chance of loss or injury that a person can face. It is also the degree of probability of loss and volatility of unexpected outcomes. Operating in a liberalized and globalized environment, banks are exposed to various kinds of risks that can emanate from financial and non-financial factors. Generally, risks faced by banks are grouped into clearly identifiable categories, which include i) Credit risk ii) Market risk iii) Operational risk. With progressive de-regulation, cross border dealings, globalization, introduction of wide range of products and services, improvement in technology and communications significant changes have occurred in the operating environment as well as in the balance sheets of banks. Risks faced by banks have now increased manifold posing significant challenges to both, banks and the supervisor. To respond to these challenges there have been various supervisory initiatives to induce better operating standards in banks, greater transparency and sensitivity towards risk management by banks.
  19. 19. 19 A brief description of the various risks is given below: 1) Market Risk Market Risk is the possibility of loss to a bank caused by changes in the market variables. The Bank for International Settlements (BIS) defines market risk as “the risk that the value of „on‟ or „off‟ balance sheet positions will be adversely affected by movements in equity and interest rate markets, currency exchange rates and commodity prices”. Market risk consists of: - Liquidity risk Liquidity risk occurs when Bank is not in a position to pay amounts due to its customers/counterparties or these are met by borrowing from the market at high cost. Measured in terms of the negative gap in any time bucket. As per RBI guidelines, this gap should not exceed 20% of outflows in first two time buckets. Interest Rate Risk The risk that changes in interest rates will adversely impact the revenues and balance sheet. Balance sheet comprises of diverse assets and liabilities, each of which is subject to different interest rates, maturity period. Hence, calculation of impact of interest rate changes is a complex and computer-intensive task. Forex risk Risk that a bank may suffer losses as a result of adverse exchange rate movements during a period in which it has an open position.
  20. 20. 20 Equity/Commodity risk – Risk that a bank may suffer losses as a result of adverse movements in equity/commodity prices during a period in which it has an open position. 2) Operational risk Operational risk arises out of inadequate or failed internal processes, people and systems or from external events. It includes People risk (incompetence, frauds, work environment, motivation) Process risk (errors in transactions, product complexities) Operational control risk (failure of operational controls, volumes) Model risk (model application error, methodology error). For risk profiling of banks under RBS, the following risks have also been included in operational risk: -. Legal risk Legal risk can arise due to the possibility of actions of a bank not being in conformity with the laws of a country or being in violation there of. The bank can also experience legal risk when customers approach court of law for redressal of their grievances where transactions with its counterparties are not supported by proper documents or the terms of the contract are unclear or even due to lack of well established legal pronouncements in cases where issues involved are nebulous. Legal risk can also assume shades of cross border risk when the legal requirements of other countries are unknown or unclear or when jurisdiction ambiguities with respect to the responsibilities of different national authorities arise.
  21. 21. 21 Reputational risk The financial implication of a moral obligation cast on a bank in the environment it is functioning or by virtue of its association with another organization is called Reputational risk. Reputational risk is the potential of suffering loss due to significant negative public opinion, bad or wrong publicity. It could arise either from the bank‟s own failure to perform or due to the actions of a third party. The bank can also experience Reputational risk on account of contagion effect of adverse developments in its subsidiaries. Technology risk Technology risk can arise out of IT related factors like validity of IT systems, back up and disaster recovery systems, failure of systems, security of systems, programming errors, etc. It can also arise due to obsolescence of technology being used, technology not being in alignment with business needs or adoption of untried and untested technology, inability of staff to respond to new technology etc. Adoption of Internet banking, in the initial stages, can also be fraught with several risks like reputation risk, legal risk including cross border risk and money laundering risk. 3) Credit Risk Credit risk is defined as the possibility that a borrower or counterparty will fail to meet its obligations in accordance with agreed terms. Credit risk, therefore, arises from the banks dealings with or lending to a corporate, individual, another bank, financial institution or a country. Credit risk may take various forms, such as:  In the case of direct lending, that funds will not be repaid;  In the case of guarantees or letters of credit, that funds will not be forthcoming from the customer upon crystallization of the liability under the contract;  In the case of treasury products, that the payment or series of payments due from the counterparty under the respective contracts is not forthcoming or ceases;  In the case of securities trading businesses, that settlement will not be effected;  In the case of cross-border exposure, that the availability and free transfer of currency is restricted or ceases.
  22. 22. 22
  23. 23. 23 INTRODUCTION Since the mid-1990s, the topics of market risk and credit risk have been the subject of much debate and research, with the result that financial institutions have made significant progress in the identification, Measurement and management of both these forms of risk. Globalization and deregulation in financial markets, combined with increased sophistication in financial technology, have introduced more complexities into the activities of banks and therefore their risk profiles. These reasons underscore banks' and supervisors' growing focus upon the identification and measurement of operational risk. Events such as the September 11 terrorist attacks, rogue trading losses at Societe Generale, Barings, AIB and National Australia Bank serve to highlight the fact that the scope of risk management extends beyond merely market and credit risk. The list of risks (and, more importantly, the scale of these risks) faced by banks today includes fraud, system failures, terrorism and employee compensation claims. These types of risk are generally classified under the term 'operational risk'. The identification and measurement of operational risk is a real and live issue for modern-day banks, particularly since the decision by the Basel Committee on Banking Supervision (BCBS) to introduce a capital charge for this risk as part of the new capital adequacy framework (Basel II). State bank of bikaner & jaipur Bank is no exception. The Bank in order to minimize the Operational Risk in its daily operations have put in place certain controls and checks , thereby complying with the necessary regulations. This project highlights the involvement of financial risk while processing of bank‟s various products and services.
  24. 24. 24 DEFINITION OF OPERATIONAL RISK Operational Risk: The risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events. Operational risk is one of the three primary risk disciplines in the financial services industry, along with Credit Risk and Market Risk. It includes legal, Technology and reputational risk to the Bank that they are impacted or impact Operational Risk. There have been a number of major incidents within financial organizations over recent years caused not by credit or market risks, but by the very nature of risks associated with running a financial services company, known as Operational Risk. Some of the causes of operational risk: There are numerous causes of operational risk. For eg, day-to-day problems such as the difficulty in recruiting and retraining staff. Other examples of operational risk: Fires, flood and earthquake- risk arising from natural disorders. Fraud Terrorist attacks Human error Hacking
  25. 25. 25 Dissatisfied customer Supply or supplier failure Regulatory breaches Incomplete documentation Failed trades Unsettled transactions Unauthorized transactions Inadequate checking Untrained staff Misleading advertising Failure to treat customers fairly Unsafe buildings, System Failure
  26. 26. 26
  27. 27. 27 SBBJ BANK AND OPERATIONAL RISK SBBJ Bank has to manage Operational Risk in order to comply with the regulations BASEL II BASEL II In 2007 a new directive came into force for all financial companies known as BASEL II This directive defines Operational Risk as one of the three risks for which all banks mast: - Put aside capital (PILLAR 1) - Be available for supervisory review (PILLAR 2) - Disclose information to the market (PILLAR 3) OPERATIONAL RISK MANAGEMENT POLICY Operational risk management(ORM) policy sets the tone and objectives of operational risk management in SBBJ .the ORM policy at SBBJ has been approved by the Board of Directors on 24/09/2004 and subsequently reviewed on 19/01/2006. The Objectives of ORM are: Enabling a pro-active operational risk management framework which covers: Risk identification Risk assessment Risk control/mitigation plans Risk measurement Capital calculation Risk monitoring and reporting-covering “KRIs, risk reporting, validation of RCSA risk assessment with empirical loss data” as pro-active risk monitoring tools.
  28. 28. 28 Improving quality of services/products/processes through robust risk management system and rewards better risk management. Developing a common understanding of operational risk across the bank involving every employee at all levels and assign risk ownership. - This policy is applicable to all branches/business units of the bank and has been circulated to all branches/offices of the bank. THE OPERATIONAL RISK FRAMEWORK Operational Risk Policies & Procedures- what needs to be done Compliance assurance- how we know it is being done Risk & Loss Reporting- information in an accessible and consistent format An Operational Risk Management Toolkit- Key Control Standards (KCS), Key Control Self- Assessment (KCSA) and Key Risk Indicators (KRI) An Operational Risk Committee structure- the management structure People with defined roles & responsibilities- who does what
  29. 29. 29 THE OPERATIONAL RISK TOOLKIT The “tools” available for managing Operational Risk at SBBJ Bank: i) RCSA ii) KRIs iii) LOSS DATA iv) SCENARIO ANALYSIS OPERATIONAL RISK ASSESSMENT PROCESS:-  1) RCSA(RISK AND CONTEOL SELF-ASSESSMENT) A risk and control self-assessment (RCSA) forms an integral elements of the overall operational risk framework.is it helps the bank in risk identification and risk management efforts and to improve the understanding control and oversight of its operational risks. Purposes of RCSA An RSCA programs covers two business lines functions- risk self-assessment and control self- assessment. Risk self-assessment is a practice that enables department‟s heads to analyze various business risks and rank them as high, medium, low based on potential losses. A control self-assessment program helps senior manager ensure that internal controls, procedures and mechanism are adequate, functional and conform to top leadership‟s recommendations, industry practices, professional standards and regulatory guidelines.
  30. 30. 30 OBJECTIVES OF RCSA:- a) Early detection of unidentified, uncontrolled and / or under estimate risks. b) Assess the acceptability level of identified risks and controls. c) Evaluation of effectiveness in the risk profils. d) Identify material changes in the risk profile. e) Establish a relationship between changes in the business environment and controls with the risk profile. f) Involve the business and support groups (IT , LEGAL , HUMAN RESOURCE) in their risk assessment, thereby creating responsibilities from respective management to proactively manage and monitor its operational risks, framing and implementation of mitigation plans. RBI GUIDELINES FOR RCSA RBI Guidelines on risk and control self-assessment forming part of the circular issued on “Guidance note on management of operational risk” dated 14th October, 2005.these are:- Para 4.8:-A bank assesses its operational and activities against a menu of potential operational risk vulnerabilities . this purpose is internally driven and often incorporates checklists and / or workshop to identify the strength and weakness of the operational risk environment. BENEFITS OF RCSA:- A risk and control self-assessment framework is critical in a banking sector. RCSA program include early detection of risks that have not been effectively managed and the development of mitigation plan that safeguard the bank against significant business risks occurring. RCSA also improves the control environment by:
  31. 31. 31 Increasing awareness of organizational objective and the important role that internal control plays in their achievement. Training participants how to analyses and report on internal controls. Helping to achieve a culture where employee apply risk management processes in their day to day STEPS FOR RCSA RCSA include four key steps: 1. Risk identification 2. Risk assessment 3. Risk mitigation/control 4. Risk reporting ROLES AND RESPONSIBILITIES:-  Operational risk management committee (ORMS):- a) Review and approve the development and implementation of operational risk methodologies for risk and control self-assessment(RCSA).
  32. 32. 32 b) Review and approve the RCSA plan and its coverage for the ensuing year. c) Review and approve RCSA manual at yearly intervals. d) Review the risk profile, understand future changes and threats and prioritize actions steps.  Operational risk management department (ORMD):- a) Responsible for establishing and implementing the RCSA procedures contained in this manual. b) Maintenance of library of risk registers. c) Facilitate conduct of workshops to assess residual risk and design effectiveness of controls. d) Reporting of RCSA results to the ORMS. e) Design RCSA training programme.  Zonal OR managers:- a) Assist in testing controls identified as mitigating action points during the RCSA exercise. b) Identify the outliner in the RCSA exercise. c) Develop RCSA training programme in coordination with ORMD. d) Reporting of consolidated RCSA data.
  33. 33. 33  Reporting unit(business unit head, branch head & operational unit head):- a) Validate the risk events identified during the RCSA process b) Approve the residual risk rating. c) Endorse the control rating for the RCSA entity. d) Ensure successful completion of the RCSA exercise. e) Submit the RCSA results to the ZORM as per the time schedule. f) Develop risk mitigation plan and follow up on the implementation for bringing down the risk scores to acceptable levels within definite timelines.  RCSA PARTICIPANTS (OFFICIALS WHO PARTICIPANTS IN RCSA):- a) Complete the RCSA exercise in a timely manner. b) Provides the RCSA template(completed) to the head of RCSA entity for validation.  INSPECTION & AUDIT DEPARTMENTS:- a) Independent review/audit of the bank‟s RCSA process. b) Share information on inspection reports with ORMD to review and enhance its risk.
  34. 34. 34 Basel Accord and RBI Guidelines lay down 3 approaches for measuring and managing operational risks and specify certain qualitative criteria in respect of each approaches which are addressed by RCSA. 1)APPROACH : Basic Indicator Approach Qualitative criteria addressed by RCSA: No specific criteria suggested by Basel, but it encourage banks to follow guidance of sound practices on operational risk management(SPOR).the following principal Of SPOR are addressed by RCSA methodology:  Principal 4: Banks to identify and assess the inherent risk in all material products, activities, process and system.  Principal 5: regular monitoring of OR risk profile and material exposures to losses. Regular reporting of pertinent information to senior management and the board for proactive ORM.  Principal 6: policies, process and procedures in place to control and/or mitigate material OR. 2 APPROCH : Standardized Approach
  35. 35. 35 Qualitative criteria addressed by RCSA: The following qualitative requirements under standardized approach are addressed by RCSA:  ORM function to incorporate following elements:  Strategies to identify, assess, monitor and control/mitigate operational risk.  Risk reporting system for operational risk. 3.APPROCH: Advance measurement Approach(AMA) Qualitative criteria addressed by RCSA: The bank must have an independent operational risk management function that is responsible for the design and implementation of the bank‟s operational risk management framework. The operational risk management function is responsible for:  Codifying bank-level policies and procedures concerning operational risk management and controls.  Design and implementation of a risk- reporting system for operational risk; and  Developing strategies to identify, measure, monitor and control/mitigate operational risk.
  36. 36. 36  2) KRIs( KEY RISK INDICATORS) KEY RISK: key risk is defined as an event that could significantly impact bank‟s ability to implement its strategy and to achieve its established objectives. KEY RISK INDICATORS: Key risk indicators (KRIs) are early warning signals, which enable management to Monitor and mitigate operational risks that are beyond acceptable levels. These are Statistics and / or metrics, which can provide insight into a bank‟s operational, risk profile and its changes. Example of KRIs would be- For branches numbers of days , day end cash did not tally numbers of days cash retention limit was breached, number of days ATM cash did not tally with admin balance. OBJECTIVES: The KRIs framework aims at the following:
  37. 37. 37 Provide effective monitoring tool to track change in risk levels and keep management apprised of shift in thresholds. Timely reporting of significant control slippages. Minimize the occurrence of a risk event/loss; and Provide a homogenous monitoring tool that can give the bank a complete view of its operations. Quantify, where applicable operational risk appetite of the bank. Key risk indicator process The key risk indicator process is to establish indicators for each of the key risks which appear on the business risk profile .the number of indicators and the type of indicators that can be identified for which risk will vary depending on a number of factor. In general key risk indicators(KRIs) have the following attributes: a) Indicators are linked to risks or controls identified in the RCSA exercise. b) Indicators need to be appropriately defined to ensure understanding of the measures i.e whether KRIs will be monitored on a percentage basis or whole number etc. c) Data need to be sourced for each indicators. d) Thresholds should be established to reflect the business tolerance or appetite to risk; e) Indicators need to be monitored, reported and escalated appropriately; and f) Thresholds to be established for each KRI.
  38. 38. 38 Key process steps for identification of key risk indicators: The KRI process comprises of the following phases: a) Development Phase of KRIs i) Identification and documentation of KRIs. ii) Source , validation and analysis data iii) Determine threshold levels for monitoring KRIs. b) Ongoing review of KRIs i) Aggregation of KRIs ii) Monitoring of KRIs The pictorial representation of key steps and processes involved in identification of key risk indicators (KRI) is as under: DdDevelopment Ongoing reviewDevelopment Ongoing review Source, validate and Analyse data Identify and document KRIs Determine Tolerance Aggregation of KRIs Monitor KRIs
  39. 39. 39 a) Development phase of KRIs: Development of KRIs is an iterative process initially. It may not be possible to identify meaningful KRIs. However , as knowledge of the drivers or causes of risks and controls improve more effective indicators can be identified. Identification and documentation of KRIs Identification of KRIs 1. Preparation Result from the RCSA exercise should be used as the starting point for the identification process. The documented controls of the RCSA entity should be classified as either preventive or detective controls.  A preventive control helps to prevent or stop the risk event from occurring.  A detective controls aids the business to identify whether a risk events has occurred.  A recovery control helps the business minimize the impact of an event should it occur. Indicators linked to preventive controls are generally more predictive in nature than those for detective controls. 2. How to identify indicators When identifying potential indicators, it is useful to consider the four main categories of KRIs:  Predictive/lead risk indicators  Predictive/lead control indicators  Lagging/detective risk indicators
  40. 40. 40  Lagging/detective control indicators. - Predictive indicators can be identified by considering how the business can monitor the cause and preventive controls in place. - Lagging indicators usually relate to the risk consequence, detective or recovery controls. Examples for preventive/lead indicator  Where an employee earlier handled on an average 20 transaction in a day, due to business growth, the employee now handle 40 transactions in a day. The increase in volume without a corresponding increase in manpower would imply that an employee would have to skip some parts of the process would have to skip some parts of the process so as to complete the increased volume within the same time period. Thus percentage increase in the business without increase in manpower is a leading indicator of the potential error in the process.  The type of deviations in account opening process would indicate the likelihood of fraud occurrence. Example for detective / lag indicator  Percentage of customer complaints is a lag indicator of the level of customer satisfaction. Documentation of KRIs The following information should be documented for each KRI:  The title of the KRI- what the indicator is called e.g. staff turnover, customer complaints, etc.
  41. 41. 41  The risk or control it is monitoring.  The definition of the KRI- it is important to appropriately define the indicators this ensures that the correct data is sourced and inform how the indicators is to be interpreted e.g. how will staff turnover be measured.  If the KRI is predictive or lagging.  If the indicator is a risk or control indicator. i. Source, Validation and Analyses Data  Assessing Data Quality  Change to data  Extraction of data ii. Determine Threshold level for monitoring of KRIs a) Threshold level zones Thresholds determine how well the bank‟s operational activities are managed. In simple terms a threshold level is a measure which determines the seriousness/ probability of a risk materializing. i. Threshold levels can be measured at the 3 levels namely- GREEN, AMBER and RED. ii. These thresholds also demonstrate the risk tolerance of the activity/ operation.
  42. 42. 42 iii. The units are expected to operate below the threshold levels in the respective activity/operation. As mentioned earlier, thresholds would be calibrated into green, amber and red zones. The color coding is assigned to facilitate the attention of the management to the areas that are critical. These zones would represent the tolerance level of the indicators: RED Highlights the need for immediate resolution. AMBER A potential problem that requires further review and analysis. GREEN No immediate concern. Red (Unacceptable): The KRIs should be escalated to senior management and appropriate mitigation initiatives implemented to manage the KRI back to the green zone. Amber(increased concern): The KRI should be closely monitored and where appropriate actions should be put in place to manage the KRI back to green zone. Green(Acceptable): Normally no action required. b) Criteria for threshold determination: When setting tolerance , the following guidelines may be useful for the bank to consider:-
  43. 43. 43 i. The approach taken to setting tolerance for each KRI may differ. ii. Tolerance should difference between what is expected(business as usual ) variance in data and what may highlight there is an increased chance of risk occurring or a control failing. iii. The bank may want to consider setting more prudent tolerance thresholds initially until experience of monitoring and analyzing the data is deeper. iv. Tolerance should be set at level to meet management needs I .e at what level should management be made aware of a particular metrics. Ongoing review of KRIs i. Aggregation of KRIs KRI that are similar across the various units of the bank can be consolidated for reporting at the entity level, if there are multiple indicators for a single risk group , average of the scores of all the indicators can be reporting purpose. Monitoring of KRIs: On an ongoing basis KRIs need to be reviewed to assess the degree of relevance and relevance and usefulness in monitoring the underlying risk and control.
  44. 44. 44 Roles and Responsibilities 1. Operational risk management committee(ORMC) o Review and approve the development and implementation manual of operational risk methodologies for key risk indicators. o Approving threshold level for various KRIs. In consultation with ORMD. 2. Zonal level operational risk management committee(ZRMC) o Discuss and recommend suitable actions for KRIs to ORMD. 3. Operational risk management department (ORMD) o Maintain and update the list of key risk indicators (KRIs) and related policy documentation. o Reporting KRI analysis results to ORMC. o Testing and validating KRIs. o Decide on threshold on KRIs in consultation with business and support groups and place it before respective ORMC for approval. 4. OR managers o Coordinate with ORMD and respective reporting units for gathering data for KRIs. o Verify completeness of all KRIs reported & consolidate KRIs at the zonal level. o Assist in testing of KRI values reported as required by ORMD. o Report the KRI‟s to ZRMC.
  45. 45. 45 5. Reporting unit (business unit head,branch head & operational unit head) o Submit the relevant data required for KRI reporting. o Ensure successful completion of the KRI exercise. o Provide evidence to OR manager, during KRI testing. 6. Inspection & audit department o Independent assessment and evaluation of the KRI process. o Test-check the data provided by reporting units during internal audits.  3 LOSS DATA MANAGEMENT: DEFINATION: - The operational risk loss data, derived from pooling of individual loss experience, provides banks with an invaluable insight into the past frequency of the events and their impact. In addition of the loss information, the associated rating of business and control environment at the time of loss is also collected. Combined together these evaluations help banks derive the loss distributions for each of the ratings or risk classes. Regulatory guidelines: RBI Guidelines on loss data management from part of the circular issued on “implementation of the Advance Measurement Approach (AMA) for calculation of capital charge for operational risk “dated 27th April, 2011.the important guidelines are as under:-
  46. 46. 46 Essential data element of an AMA model: Para 8.5.1.1 A bank‟s internal loss data may not be sufficient to model the operational risk exposures faced by the bank as many of the potential risks to which the bank is exposed would not have materialized during the life of the bank. Basel II framework, therefore, requires that a bank measurement system must incorporate four key data input. These four inputs/elements are:  Internal bank  Relevant external operational risk data;  Scenario analysis; and  Business environment and control factors (BEICFs) : [BEICF are indicators of a bank‟s operational risk profile that reflects underlying business risk factors and an assessment of the effectiveness of the internal control environment. Internal loss data Para 8.5.4.3 (i): the collection, tracking and use of internal loss data is an essential pre-requisite to the development and functioning of a credible and robust ORMS. Para 8.5.4.3 (ii): the bank should have documented policies and procedures for assessing the ongoing relevance of historical internal loss data, including situations where scaling, judgment overrides or other adjustment may be used , to what extent that may be used and who is
  47. 47. 47 authorized to make such decisions. The policies and procedures should identify when an operational risk events becomes an operational risk loss for the purpose of collection within the operational risk loss data base and when it is to be included in the calculation data set. The policies and procedures should provide for consistent treatment across the bank. Para 8.5.4.3 (5) A bank adopting AMA should have a minimum 5 years observation period of internal loss data requirement whether the internal loss data is used to be the operational risk measure or to validate it, the 5 years loss data should be available with the bank for building the operational risk measure or to validate it before making a formal application to RBI for Implementing AMA. However, when a bank first moves to an AMA , a 3 years historical data window may be allowed subject to written approval by RBI. RBI would consider this based on factors such as quality of operational risk management systems, quality of external of external data available and banks. OBJECTIVES OF LDM (LOSS DATA MANAGEMENT): The LDM framework aims at the following:-  Timely and immediate reporting of incident.  Minimizing the future recurrence of similar loss events , by identifying control weakness and initiating root cause analysis.  Complying with the regulatory requirements.  Meeting the loss data collection standard.  Facilitating the calculation of regulatory capital; and  Providing a transparent and uniform framework for LDM. LOSS DATA ELEMENTS: Any operational loss event will comprises three elements viz. cause of the loss, loss event type and the loss effect. it is important to identify losses and categorize them into their appropriate event type and business line. given below the definitions of:-
  48. 48. 48 a) Loss event type b) Loss event cause; and c) Loss event effects. 1. Loss event type: The definition of each loss event type is detailed below: Internal fraud (IF):- Losses or potential losses due to acts of a type intended to defraud, misappropriate property. Example:- a) Losses to the resulting from the instance of an employee paying illegal compensation to generate or retain business. b) Losses to the bank resulting from unauthorized trading. External fraud (EF):- Losses or potential losses due to acts of a type intended to intended to defraud , misappropriate property or circumvent the law, by the third party. Example:- a) Losses to the bank resulting from a default of a loan where it was determined that the loan had been obtained through fraudulent documents. b) Losses resulting from fraud by false identify or identify theft by using computer systems. Employment practices and workplace safety(EPWS):- Losses or potential losses arising from acts inconsistent with employment, health or safety laws or agreements , from payment of personal injury claim, or from diversity/ discrimination events. Examples:- a) Losses to the bank resulting from discrimination against employee based on age, gender, religion or sexual orientation. b) Losses to the bank resulting from the unavailability of workforce due to store specific to the bank. Client, products & business practices(CPBP):-
  49. 49. 49 Losses or potential losses arising from an unintentional or negligent failure to meet a professional obligation to specific clients (including fiduciary and suitability requirements ), or from the nature or design of a product. Examples:- a) Losses resulting from breach of corporate policies like:branding, communication, email rerention ,investigation ,outsourcing, etc. b) Losses on account of miselling. Damage to physical assets(DPA):- Losses arising from loss or damage to physical assets from natural disasters or other events. Examples:- a) Losses resulting from disruption caused by civil/political actions. b) Losses resulting to the bank from floods, landslides , etc. Business disruption & system failures(BDSF):- Losses arising from disruption of business or system failures. Examples:- a) Losses to the bank resulting from the use of absolute systems that cannot handle current workload, volume or product complexity. b) Losses caused by interruptions of communication lines, e.g. telephone lines, security access network (staff cannot enter the building). EXECUTION, DELIVERY & PROCESS MANAGEMENT(EDPM):- Losses from failed transactions processing or process management, from relations with trade counterparties and vendors. Examples:- a) Losses to the bank resulting from failure to deliver mandatory reports. b) Losses to the bank resulting from the omission of valid documents in marketing materials, or from poor or non- existent documentation. c) Losses on account of employee‟s missing deadlines ( not remitting to RBI on time.) d) Losses on account of incorrect entries posted and subsequent temporary overdraft granted to the customer. LOSS EVENT CAUSES:- Operational risk loss events can be grouped into the following categories, according to the cause of the loss events:-
  50. 50. 50 PEOPLE RISK:- The risk resulting from the deliberate or unintentional actions or treatment of employees and / or management – i.e employee error, employee misdeeds- or involving employees, such as in the area of employment deployment disputes. The risk class covers internal organizational problem and losses. Examples:- a) Human resource issues(employee unavailability, hiring/firing etc.) b) Personal injury- physical injury (health and safety, etc.). PROCESS RISK:- Risk related to the execution and maintenance of transaction , and the various aspects of running a business, including products and services. Examples:- a) Business /operational process (lack of proper due diligence , inadequate/ problematic account reconciliation, etc.) b) Error and omissions (inadequate maker/ checker controls, inadequate/ problematic quality controls,etc.) TECHNOLOGY RISK:- The risk of loss caused by a piracy , theft , risk resulting from inadequate or failed systems infrastructure including network , hardware , software , communication and their interface; also include risk of technology failing to meet business needs. Examples:- a) General technology problems (Unauthorized use/misuse of technology, etc.) b) Hardware c) Security (hacking, firewall failure, etc.) d) Software (computer virus, programming bug , etc) e) Systems (system failures , systems maintenance , etc.) f) Telecommunication ( telephone , fax , etc.) EXTERNAL EVENTS:-
  51. 51. 51 The risk resulting from external events to the bank. This category also includes the risk presented by actions of external parties or in the case of regulators, the execution of change that would alter the bank‟s ability to continue operating in certain markets. Examples:- a) Disasters (natural disasters, non- natural disasters, etc.) b) External misdeeds (external fraud, external money laundering, etc.) c) Litigation/regulation (capital control, regulatory change, legal change, etc.) LOSS EVENT EFFECTS:- This refers to the effect by an operational risk event. Following are some categories of loss effects;- a) Legal liability due to operational risk. b) Loss/damage of assets; this refers to direct reduction in value of physical assets. c) Write downs: this refers to direct reduction in value of assets. d) Loss of recourse: this refers to payments or disbursements made to wrong parties and not recovered.
  52. 52. 52  4 . Scenario analysis Scenario analysis is a systematic and well-reasoned process of getting experts drawn from the business and relevant support functions to estimate the most severe losses that could materialize in the firm and the likelihood of such occurrences. Scenario analysis for operational risk involves analyzing events that might occur infrequency , but have the potential for significant business impact(i.e. losses) that have a significant impact on capital. Scenarios are defined as an outline, description or model of a sequence of unexpected or adverse events. AIMS OF SCENARIO ANALYSIS:- Scenario analysis aims to identify and assess severe operational risk events that could plausibly happen. OBJECTIVES OF SCENARIO ANALYSIS:- The objectives of operational risk scenario analysis is to identify potential scenario applicable to your business, assess how bad these could be, and consider the events and failures that would need to occur for such an event to crystallize. RBI GUIDELINES ON SCENARIO ANALYSIS :- Rbi guidelines on scenario analysis from part of the circular issued on implementation of the advanced measured approach (AMA) for calculation of capital charge for operational risk “ dated 27th april , 2011. The important guidelines are as under:-
  53. 53. 53 Para 8.5.2.6: Scenarios are likely to have a significant influence on the amount of capital calculation as per AMA. Scenarios involving multiple risk factors(frequency/severity of losses in different events types) would obviously require assumptions of correlations. For this purpose , the correlation among various risk factors already calculated by the bank based on historical data could form the basis of projections with appropriate to account for the possibility that the correlations could break down under a stressed scenario. Para 8.5.4.1: A bank‟s internal loss data may not be sufficient to model the operational risk exposures faced by the bank as many of the potential risk to which the bank is exposed would not have materialized during the life of the bank. Basel-II framework, therefore , requires that a bank‟s operational risk measurement system must incorporate four key data inputs. These 4 inputs / elements are: Internal data External data Scenario analysis Business environment and internal control factors(BEICF) Para 8.5.4.5: (iii) scenario analysis is especially relevant for business lines, activities or operational loss event type where internal and relevant external loss data or assessments of the business environment and internal control factors(BEICFs) do not provide a sufficiently robust estimate of the exposure of the bank to operational risk.
  54. 54. 54 Scenario analysis process flow and timelines:- Scenario analysis process flow Time frame 1. Pre-workshop preparation: a) Identification of scenarios for the workshop; b) Development of scenario analysis tool kit. c) Selection of participants for the workshop; and d) Familiarizing the participants with the probable scenarios. a) Exercise should commence one month before scenario analysis workshop. 2. Scenario analysis workshop:- a) Conduct of scenario analysis workshop; b) Documentation of results; c) Approval from business heads for the outcomes of the results; and d) Placing the results before the concerned business department, the ORMC. a) Scenario workshops for all business units/departments can be phased coinciding with RCSA schedule as outcome of RCSA will be an input for the workshop. b) All scenario workshops should be completed by January end. 3. Capital computation In the month of February. 4. Validation of scenario analysis process by I&A In the month of march.
  55. 55. 55 Roles and Responsibilities:- Roles and responsibilities of the departments and participants:- Department & participants Roles and responsibilities Operational risk management department (ORMD) a) Determine scenarios. b) Preparation of background analysis material. c) Documentation of scenario analysis result. d) Present the result to the heads of the respective business department for sign off. e) Present the outcome before the concerned business departments, the ORMC . Department heads a) Selection participants for scenario analysis workshop; and b) Review extreme events scenarios for their plausibility and validity assumptions. Scenario participants a) Participate in the identification of scenarious. b) Provide inputs for the assessment of the scenario impacts ; and c) Incorporate outputs of the scenario analysis into day – to day business, as appropriate. Inspection and audit departments a) As a part of qualitatives validation , audit team will validate the scenario analysis process and its results after computation of AMA capital. b) Audit will submit its findings to (a) the operational risk management committee through ORMD ; and (b) the audit committee of the board (ACB)
  56. 56. 56 ROLES AND RESPONSIBILITIS OF THE COMMITTEES:- COMMITTEE PESPONSIBILITIES Operational risk management committee(ORMC) a) Review and approve results of scenario analysis; b) Approve changes,if considered necessary to scenario assessment rating viz.most likely loss frequency(MF) , most likely loss severity (MS) , worst likely frequency (WF) & worst likely severity (ws) ; and c) Annual review of scenario analysis framework; d) Propose / approve enhancement to scenario analysis framework, as considered necessary from time to time. Risk management committee of the board(RMCB) a) Take note of the result of scenario analysis process. Audit committee of the Board(ACB) a) Review finding of audit on scenario analysis process
  57. 57. 57 ADVANTAGE OF SCENARIO ANALYSIS :- Scenario analysis provides a forward-looking view of operational risk that complements historical internal and external loss data. Scenario analysis (SA) is a systematic process of obtaining expert opinions. scenario analysis, which uses a systematic approach to anticipate a broad range of possible outcomes, provides valuable insights. Scenario analysis facilitates business decisions by taking into account a number of potential developments and possible future events in business environments. Most insurers use scenario analysis for strategy development and risk management. Scenario analysis is particularly important for insurers, as their survival depends on their abilities to gauge and appropriately price risk. To manage the broad range of risks they face -- many of which are interrelated -- Insurers often develop scenarios for risk management, underwriting and pricing decisions, Strategic planning and capital management. The popularity of scenario analysis is the result of the limitations with the others three approaches and the fact that regulators have accepted that there is a role for human judgment and expertise in measuring operational risk and setting a side capital. MANAGING OPERATIONAL RISK
  58. 58. 58 Managing operational risk is becoming an important feature of sound risk management practices in modern financial markets in the wake of phenomenal increase in the volume of transactions, high degree of structural changes and complex support systems. The most important type of operational risk involves breakdowns in internal controls and corporate governance. Such breakdowns can lead to financial loss through error, fraud, or failure to perform in a timely manner or cause the interest of the bank to be compromised. Generally, operational risk is defined as any risk, which is not categorized as market or credit risk. This is the risk of loss arising from various types of human or technical error. It is also synonymous with settlement or payments risk and business interruption, administrative and legal risks. Operational risk has some form of link between credit and market risks. An operational problem with a business transaction could trigger a credit or market risk. In order to manage Operational Risk, the following is required Identifying issues, control breaches and risks Assessing impacts of issues, control breaches and risks Setting priorities on issues, control breaches and risks Reporting and discussing issues , control breaches and risks Resolving or escalating issues, control breaches and risks Mitigating or containing issues, control breaches and risks This provides a standard methodology. One of the major tools for managing operational risk is the well-established internal control system, which includes segregation of duties, clear management reporting lines and adequate operating procedures. Most of the operational risk events are associated with weak links in internal control systems or laxity in complying with the existing internal control procedures. The ideal method of identifying problem spots is the technique of self-assessment of internal control environment. The self-assessment could be used to evaluate operational risk along with internal/external audit reports/ratings or RBI inspection findings. Banks should endeavor for
  59. 59. 59 detection of operational problem spots rather than their being pointed out by supervisors/internal or external auditors. Along with activating internal audit systems, the Audit Committees should play greater role to ensure independent financial and internal control functions. The Basle Committee on Banking Supervision proposes to develop an explicit capital charge for operational risk. Control of Operational Risk Internal controls and the internal audit are used as the primary means to mitigate operational risk. The contingent processing capabilities could also be used as a means to limit the adverse impacts of operational risk. Insurance is also an important mitigator of some forms of operational risk. Risk education for familiarizing the complex operations at all levels of staff can also reduce operational risk. Business continuity plan and disaster recovery drill are important tools
  60. 60. 60 RESEARCH METHODOLOGY
  61. 61. 61 Research in common parlance refers to search of knowledge. In other words research means search for facts-answers to questions and solutions to the problem. It is purposive investigation. Research methodology may be understood as all those methods/techniques that are used for conduction of research. Thus it refers to the methods the researchers use in performing research operations. Since the object of research is to arrive at a solution for a given problem, the available data and the unknown aspects of the problem have to be related to each other to make a solution possible. The selection of appropriate methodology for doing research is very important. It must be in accordance to the topic of the research. The topic of the study is: Study of risk management at state bank of Bikaner & Jaipur Bank  Research design It is the framework or plan for the study that is used as a guide in collecting and analyzing the data. It is the framework of the project that stipulates what information is to be collected from what sources and by what procedures. Designing is preliminary step in every activity. It provides a picture for the whole before starting of the work. RESEARCH PROCESS FOLLOWED……… FF
  62. 62. 62 Review the Literature Error! Reference source not found.  Research objective The objective of the study is to understand the concept of risk management in banking and to analyze whether the bank is following those guidelines or not.  Collection of Data 1. Primary data sources Under primary sources we have data in the form of personal interview. 2. Secondary data sources Basically this research is exploratory research; the secondary data used for the research is collected through Bank‟s documents, websites and magazines.  Sampling Area Jaipur Define researc h proble m Review concepts & theories Interpre t & Report writing
  63. 63. 63 ANALYSIS Operational Risk in Banking, the topic of the project is very complex and critical to the functioning of the banking industry as a whole. As the topic indicates the study involves the collection of secondary data for the research purpose. Secondary data refers to the data collected
  64. 64. 64 by someone else other than the user. A common source of secondary data is organizational records. As the project studies the Operational Risk with major emphasis on State bank of Bikaner & Jaipur Bank‟s products and processes , the information gathered is restricted to the bank‟s internal products and services. Thus the research done in this project is based on secondary data provided by the bank‟s record. The first step towards the data collection was to request the personal in charge for the processing of the respective product to provide the secondary data from the bank‟s database. The samples kept for the record of the bank were shown with major emphasis on those cheques which could have lead to Operational Risk. Like in the case of Account Opening Form , personal from the Fraud Control Unit showed the necessities which are required to be checked in order to avoid fraud and forgeries. The same procedure was followed for all the products and services. Therefore the data analysis done in the project is based on the secondary database of the State bank of Bikaner and Jaipur.
  65. 65. 65 FINDINGS
  66. 66. 66 Good co-ordination between the sales and finance department add all comfort ability to Operational services. Different vendor services related to software solutions, at times hamper processing function affecting customer services and thus making the bank more prone to operational risk. With load of information, the server sometimes goes down affecting the speed of Operational processing and thereby causing delay in the functioning of the bank and thus adding to operational risk problems. On regular basis Key Control Standards are updated with new records which help to keep effective check on fraud and forgeries. Anytime banking (i.e internet banking , phone banking , sms banking ) is available for 24 * 7 days for easy access of information to the customer. Any query between the insurance provider and the sales and marketing team are simultaneously informed to operations and sales department through e-mails. Thus the sales and marketing team are made responsible first to report to operation department which would further be responsible to the service provider and the same norm will be followed by the investment department. This provides a systematic approach to the bank for eliminating any discrepancy as far as operational risk is concerned. Regular static data related to each customer‟s personal information or account related information is regularly updated to avoid any discrepancy on the part of the bank. As far as managing operational risks are concerned the needs to tighten up it‟s checking of the Account Opening Forms and Inward Clearing process as these areas are most prone to such types of risks.
  67. 67. 67
  68. 68. 68 CONCLUSION On the basis of data provided to me, I can say that bank is trying to moving on the policies prescribed by Reserve Bank of India. The bank is also using their own policies as per guidelines of RBI for risk management. As the Bank move more off balance sheet, the implied risk of these activities must be integrated into overall risk management and strategic decision making, but generally they are ignored when bank risk management is considered. Here the question is not that
  69. 69. 69 “How far should risk management go in public banking?” But the real question is “How good is risk management in public Banking and how can it be improved?”
  70. 70. 70 RBI should show the banks as to how the banks can benefit by following their guidelines. All the banks should provide complete information so that there is more transparency. The banks must be make their risk management practices robust to address operational risk which is increasing with diversification of business lines and more dependence on technology As a part of developing an understanding of OR, manual of operational guidelines should be there in the bank.
  71. 71. 71 Bank policies Bank Manual-RCSA,KRI,LOSS DATA,SCENARIO ANALYSIS
  72. 72. 72 RBI CIRCULARS OR BASEL-II WWW.Sbbjbank.com www.google.com www.bankingonly.com www.rbi.co.in
  73. 73. 73

×