Читать книгу Non-financial Risk Management in the Financial Industry - Группа авторов - Страница 19

Looking at the history of the development of non-financial risk, the starting point is perceived by many as the development of operational risk. In 1997, the Basel Committee on Banking Supervision (BCBS or Basel) issued a paper that set out 25 core principles for effective banking supervision.[10] One of the key risks faced by financial institutions was cited as operational risk, which was defined “as the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. The definition includes legal risk but excludes strategic and reputational risk.”[11]

Two years later, BCBS issued a proposal for a new capital adequacy framework to replace Basel I, the capital measurement system launched in 1988.[12] Following the publication of the first round of proposals in 1999, the revised framework for capital measurement and capital standards, called Basel II, was endorsed in 2004. As part of the framework, operational risk, along with credit risk and market risk, was named as a risk type for capital requirements calculations. The scope of the definition of operational risk was contained in seven loss event types: (1) internal fraud, (2) external fraud, (3) employment practices and workspace safety, (4) clients, products and business services, (5) damages to physical assets, (6) business disruptions and system failures, and (7) execution, delivery and process management.[13]

The idea of Basel II was to measure the operational risk on a model basis by using loss data from operational risk loss events through one of the following three methods: the advanced measurement approach (AMA), the basis indicator approach (BIA) or the standardised approach (STA), which was mainly based on revenues over the past three years. However, the distributions used in the AMA were unable to appropriately consider extreme outliers because risk measurement and corresponding capital requirements were always based on some confidence level. In comparison with operational risk management, non-financial risk management is not only based on historical events but needs to include risk assessments that require organisations to familiarise themselves with their business models, risk appetites and the risks themselves. This means that financial risks are the original risks while non-financial risks are second-order effects of the original risks. And while financial risks can be measured, it is still a challenge to measure non-financial risks.

Simultaneously to the BCBS developments, the history of the development of non-financial risk was supported by six waves that triggered the development of the respective risks (Figure 1).