More guidance needed

In its Global study of operational risk management practices, MOW found that about 60% of the 43 global banks surveyed felt they required clearer regulatory guidance on certain op risk issues related to Basel II, such as use of external data, implementation timing and home/ host issues. And yet, “despite uncertainty that their methods and techniques will meet regulatory standards, many firms continue to advance their current management frameworks,” said the report.

The study also found that commitment to op risk management was waning among senior bank managers because they believed their qualitative risk controls and available capital would minimise the likelihood of a substantial ‘tail loss’. “Global banks regard their operational risk programmes as a largely compliance-driven issue to address the expected requirements of the Basel II Capital Accord, with a secondary focus on improving tactical and strategic flexibility,” MOW said in the report. It said senior managers and the board saw the process as a non-validated ‘capital tax’, with banks believing they can qualitatively ensure their risk controls will be adequate.

The study, conducted in early 2004, gathered responses from op risk managers at 43 major banks from North America, Europe and Asia-Pacific. It found that 80% of the firms now have well-developed op risk frameworks. Director of the study, Brad Ziff, who is also a director at MOW’s financial risk and capital market practice, said the findings were consistent with what the regulators’ compliance review of US banks is finding.

But op risk management challenges remain: “Only one-third of the firms have developed advanced modelling programmes; many believe quantifying op risks and developing acceptable capital allocation methods is the weakest area of their risk management framework.” The study also identified key risk indicators (KRIs) as largely insufficient for management purposes, and over half the firms identified them as a critical area for improvement in the coming year.