Risk Officer

The Basel II Accord defines operational risk as the “direct or indirect loss resulting from inadequate or failed internal processes, people and systems or from external events.” Poor management of operational risk can damage the reputation and the finances of any organization.

The Basel II Accord lists several types of operational risk, including internal fraud, external fraud, business disruption and system failures. Basel II requires banks to manage operational risk as part of their overall risk management.

Intellinx reduces operational risk and enables compliance with Basel II and Solvency II. The Basel II Accord breaks operational risk loss events down into seven general categories, as follows.

| Loss Event-Type Category | Definition | Supported by Intellinx? |
|---|---|---|
| Internal fraud | Losses due to acts of a type intended to defraud, misappropriate property or circumvent regulations, the law or company policy, excluding diversity/discrimination events, which involves at least one internal party | Yes* |
| External fraud | Losses due to acts of a type intended to defraud, misappropriate property or circumvent the law, by a third party | Yes* |
| Employment Practices and Workplace Safety | Losses arising from acts inconsistent with employment, health or safety laws or agreements, from payment of personal injury claims, or from diversity/discrimination events | No |
| Clients, Products & Business Practices | Losses arising from an unintentional or negligent failure to meet a professional obligation to specific clients (including fiduciary and suitability requirements), or from the nature or design of a product | Yes* |
| Damage to Physical Assets | Losses arising from loss or damage to physical assets from natural disaster or other events | No |
| Business disruption & system failures | Losses arising from disruption of business or system failures | Yes* |
| Execution, Delivery & Process Management | Losses from failed transaction processing or process management, from relations with trade counterparties and vendors | Yes* |

* Examples of Intellinx Rules for Detecting Operational Risk

Internal Fraud

  • Credit limit change exceeding a specific threshold, in dollars or as a percentage, by customer type
  • Credit limit increase followed by a new loan within 48 hours
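
One way to express the second rule above (a credit limit increase followed by a new loan within 48 hours) as detection logic. This is an added example, not Intellinx's own rule syntax or code; the event layout, event names and sample records are constructed assumptions.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(hours=48)  # the 48-hour window named in the rule

# Constructed sample audit events (assumed layout):
# (timestamp, user, account, event type, old limit, new limit)
EVENTS = [
    ("2024-03-04T09:15:00", "teller17", "A-1001", "LIMIT_CHANGE", 5000, 20000),
    ("2024-03-05T16:40:00", "teller17", "A-1001", "NEW_LOAN", None, None),  # 31h25m later
    ("2024-03-04T10:00:00", "teller02", "A-2002", "LIMIT_CHANGE", 10000, 8000),  # decrease
    ("2024-03-04T12:00:00", "teller02", "A-2002", "NEW_LOAN", None, None),
    ("2024-03-01T08:00:00", "teller09", "A-3003", "LIMIT_CHANGE", 3000, 9000),
    ("2024-03-03T09:00:00", "teller09", "A-3003", "NEW_LOAN", None, None),  # 49h later
    ("2024-03-02T08:00:00", "teller05", "A-4004", "NEW_LOAN", None, None),  # loan comes first
    ("2024-03-02T09:00:00", "teller05", "A-4004", "LIMIT_CHANGE", 1000, 4000),
]


def limit_increase_then_loan(events, window=WINDOW):
    """Alert when a new loan follows a limit increase on the same account within `window`."""
    # Logs from different systems rarely arrive in order, so sort by parsed time first.
    parsed = sorted(
        ((datetime.fromisoformat(e[0]),) + tuple(e[1:]) for e in events),
        key=lambda e: e[0],
    )
    last_increase = {}  # account -> (time, user, old, new) of the most recent increase
    alerts = []
    for ts, user, account, kind, old, new in parsed:
        if kind == "LIMIT_CHANGE" and new > old:
            last_increase[account] = (ts, user, old, new)
        elif kind == "NEW_LOAN" and account in last_increase:
            inc_ts, inc_user, inc_old, inc_new = last_increase[account]
            if ts - inc_ts <= window:  # boundary (exactly 48 hours) is included
                alerts.append({
                    "account": account,
                    "limit_change": f"{inc_old}->{inc_new}",
                    "hours_between": round((ts - inc_ts).total_seconds() / 3600, 2),
                    "same_user": user == inc_user,  # same operator did both steps
                })
    return alerts


if __name__ == "__main__":
    for alert in limit_increase_then_loan(EVENTS):
        print(alert)
```

Only account A-1001 in the sample data raises an alert; the decrease, the 49-hour gap and the loan that precedes the increase do not.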

External Fraud

ATM/credit card fraud:

  • Excessive number of transactions per ATM device per hour
  • Excessive number of cancelled transactions per ATM device per hour

Clients, Products & Business Practices

Breach of privacy and misuse of confidential information:

  • Access to sensitive customer information with no customer call received by the call center around the same time
  • Search for customer account information using selection criteria that are too general
  • Excessive or after-hours search for customer accounts by customer name

Business Disruption and System Failures

  • Simultaneous application errors (error screen or bad response code) in many user sessions
  • Irregular response time of critical transactions in many user sessions simultaneously

Execution, Delivery & Process Management

  • Sharing of user ID and password by several users – this situation can be discovered by detecting several user IDs in the same session from the same terminal
  • Similar transactions (possible duplicates)
  • Unreasonable transaction (compared to past transactions, or to a threshold)