Non-financial Risk Management in the Financial Industry (various authors), page 82
2.5 Conclusion and outlook
Non-financial risk has gained significant importance in recent years, as incidents such as the financial crisis of 2008 and recent money laundering scandals have shown that organisations need to keep not only their financial risks but also their non-financial risks in mind. Given that there is no general definition of non-financial risk and that regulators of different jurisdictions have not yet developed a common view, financial institutions need to develop their own non-financial risk taxonomies based on their business models and risk appetites.
Generally, non-financial risk is divided into two main categories: operational and strategic risks. The former contains operational risks, i.e. risks related to banking operations, while the latter contains those risks that we view as strategic risks, which makes them part of non-financial risk but separate from operation-related risks. This approach combines the specification of operational risks according to the BCBS definition, considering that the risks falling under strategic risks are also non-financial risks. Historically, we have seen that the non-financial risk taxonomy constantly evolves in parallel with emergent risk topics, e.g. cybercrime and resilience risk due to access to new technologies. It will be interesting to see which currently unknown risk topics will surface in the future. It is therefore all the better if organisations are already well positioned with respect to the known risk topics.
Whereas the management of certain non-financial risks such as fraud risk or outsourcing risk is already quite well established and follows a standardised process, emerging risks such as conduct risk and sustainability risk require more attention. In addition, well-established risks like ICT risk need to be monitored closely as new sub-risks arise from increasing digitisation and automation. Therefore, it is important to review risk types periodically in a holistic manner and to assess their inherent and residual risk in order to see if they still match the organisation’s business model and risk appetite. Given the nature of non-financial risk, its measurement remains a challenge. Therefore, financial institutions need to develop robust methodologies for a more quantitative risk assessment of non-financial risks.