Understanding the Standardized Approach to Operational Risk

The standardized approach to operational risk is a method used by financial institutions to measure and manage operational risk. This approach is based on a bank's own internal data and is used to estimate the potential loss of revenue due to operational risk.

The standardized approach is a widely accepted method and is used by many banks around the world. It requires banks to estimate their operational risk exposure based on their own internal data.

Banks that use the standardized approach must estimate their operational risk exposure using a formula that takes into account the bank's business activities, size, and complexity. This formula is designed to provide a more accurate estimate of operational risk.

The standardized approach is a key component of the Basel Accords, a set of international banking regulations that aim to promote financial stability.

The history of operational risk regulation is a story of evolution and refinement. Regulatory expectations regarding operational risk management were first set out by the Basel Committee on Banking Supervision’s (BCBS) 2003 document Sound Practices for the Management and Supervision of Operational Risk.

The financial crisis highlighted many deficiencies in the overall regulatory framework, leading to significant changes. Basel III introduced updates to the 2003 document with the publication of Principles for the Sound Management of Operational Risk in 2011.

One of the main changes post-crisis was greater regulatory intrusion in all aspects of risk management, including operational risk. This was largely due to high-profile operational risk failures that led to regulatory fines, censure, and customer compensation.

Under Basel II, banks had three options for calculating regulatory capital for operational risk, which were initially left unchanged in Basel III.

The Standardized Approach for calculating operational risk capital is a key component of the Basel framework. It provides a standardized method for banks to estimate their capital requirements based on their operational risk profiles.

This approach categorizes banks into business lines, each with its own predetermined factor. The risk weights are expressed as percentages and are applied to the average gross income generated by each business line over a reference period.

The Business Indicator (BI) is a simple financial statement proxy for operational risk exposure that is combined with bank-specific loss data. The BI structure has been brushed up since October 2014 to avoid reprimanding certain business models.

Banks using the Standardized Measurement Approach (SMA) must adhere to minimum loss data standards under Pillar 1 to promote evenness in the implementation of the Loss Component. This includes sound data collection, integrity, and quality.

The Standardized Approach categorizes banks into seven business lines: Corporate Finance, Trading and Sales, Retail Banking, Commercial Banking, Payment and Settlement, Agency Services, and Asset Management.

Here are the seven business lines categorized under the Standardized Approach:

The Federal Reserve uses stress tests to evaluate a bank's ability to withstand potential losses. This includes losses from operational risk, which can be estimated using the standardized approach.

Banks must adhere to minimum loss data standards under Pillar 1 to ensure the accuracy of their operational risk assessments.

The committee recommends that banks using the SMA Loss Component must meet these standards to promote evenness in implementation.

The BI Services Adjustment is a crucial part of the standardized approach to operational risk. A cap on the BI's services component is being proposed to address the disproportionate penalty on business models with high noninterest income.

This cap would be tied to total assets, not interest-earning assets, to better reflect operational risk. Deducting deposits at Federal Reserve Banks, U.S. Treasuries, and Agency MBS from total assets would also reduce the procyclicality of the cap.

A cap of 2.25 percent of total adjusted assets would be binding for 15 out of 33 CCAR banks, similar to the number of banks bound by the BI's cap on the interest component. This would significantly reduce the capital charge for these banks.

The revised formulation would result in a capital charge near 10 percent of RWA for American Express, down from 48 percent. Foreign-bank organizations with high capital markets presence would also benefit from this adjustment.

The correlation between the adjusted OPE capital charge and operational risk losses in the stress tests would increase from 29 to 53 percent. This suggests a more accurate assessment of operational risk.

The new capital standard under Basel III fundamentally changes how operational risk capital is calculated. This new standard has major implications for banks' internal loss data and how it can be used to enhance business value.

Banks must calculate operational risk capital using the standardized measurement approach, which will limit a bank's influence over ORC to a single variable: the internal loss multiplier (ILM).

The Standardized Measurement Approach (SMA) for Operational Risk combines a financial statement proxy for operational risk exposure, known as Business Indicator, with bank-specific loss data. This structure has been refined since October 2014 to avoid penalizing certain business models.

Business volume is only one factor that influences exposure to operational risk, and the Business Indicator (BI) is stable and comparable to other banks. To increase risk sensitivity, other sources of information are needed, such as historical loss experience.

The standardized approach for calculating regulatory capital for operational risk is a key component of the Basel framework. It provides a standardized method for banks to estimate their capital requirements based on their operational risk profiles.

To calculate the capital charge for operational risk, banks assign a risk weight to each business line based on their relative operational risk exposure. The risk weights are expressed as percentages and are applied to the average gross income generated by each business line over a reference period.

Managing internal losses is a crucial aspect of operational risk management. To mitigate the impact of internal loss factors, banks can focus on improving the quality of historical loss data by formalizing definitions of operational risk events and improving incident identification and reporting.

Improving the quality of historical loss data requires empowering managers with enough authority to change their business environment and manage risks more proactively. This can be achieved by aligning operational losses with business unit and executive performance.

Banks can also change behaviors and culture by viewing internal operational risk incidents as manageable risks rather than unavoidable costs. This can be done by implementing processes for the identification, collection, and treatment of internal loss data with documented procedures.

A bank's internal loss data must be comprehensive and capture all material activities and exposures from all appropriate subsystems and geographic locations. The de-minimis gross loss threshold for internal loss data collection should not be higher than €10,000, although a higher threshold of €20,000 is acceptable when a bank first moves to the SMA.

The following criteria should be used for the identification, collection, and treatment of internal loss event data:

The Business Indicator (BI) is a key component of the standardized approach to operational risk. It's made up of the same P&L items found in the composition of Gross Income (Gl), but with some adjustments to improve consistency.

The main difference between the BI and Gl is how the items are combined. To improve the consistency of the BI as a proxy indicator for operational loss exposure, the impact of other operating capital requirements must be changed from negative to positive.

The BI structure has been adjusted to address several issues raised during the first consultation of the committee. These issues include overcapitalization of firms with a high net interest margin, inconsistent treatment of dividend income, and the overcapitalization of banks with high expenses and fee revenues.

The services component of the BI has been modified to address the asymmetric impact on different business models. The new structure is: "max(Fee Income;Fee Expense) + max(Other Operating Income;Other Operating Expense)".

To address the issue of overcapitalization of high-margin banks, a linear normalization ratio has been adopted. The interest component of the BI is adjusted by the ratio of Net Interest Margin (NIM) cap to 3.5%, to the actual NIM.

Here's a summary of the adjustments made to the BI structure:

The Internal Loss Multiplier is a crucial concept in the Standardized Approach to operational risk. It's used to determine the impact of internal losses on a bank's operational risk capital calculations.

The Internal Loss Multiplier is calculated using a logarithmic function, which is a mathematical formula that helps to stabilize capital requirements. This function is represented by the equation: $$ Internal\quad Loss\quad Multiplier=Ln\left( exp\left( 1 \right) -1 \right) +\frac { Loss\quad Component }{ BI\quad Component } $$

The Internal Loss Multiplier is confined by a minimum value of approximately 0.541, which means it increases at a decreasing rate with the Loss Component.

Banks with exposure at the average of the industry have an Internal Loss Multiplier equal to 1, and their BI Component corresponds to the SMA capital.

To calculate the Internal Loss Multiplier, banks need to have at least five years of good quality loss data, or a minimum of ten years of data if they have more than ten years of experience.

The standardized approach to operational risk can be applied within a group, but it's essential to understand how it works at different levels.

SMA calculations use consolidated BI figures at the consolidated level to net all intragroup expenses and incomes.

At the subsidiary level, the SMA capital is calculated by applying 100% of the BI component if the bank meets the standards and is from the subsidiary level.

The bank uses only the losses incurred in SMA calculations at the sub-consolidated level.

Intragroup transactions are fully netted at the consolidated level, which simplifies the calculation process.

The bank uses bucket 2 or higher to determine which BI figures to apply at the subsidiary and sub-consolidated levels.

To ensure accurate calculation of regulatory capital under the Standardized Measurement Approach (SMA), banks must adhere to minimum loss data standards. This includes soundness of data collection, integrity, and quality.

Banks using the SMA Loss Component must comply with these standards under Pillar 1. This promotes evenness in the implementation of the Loss Component, preventing arbitrage in Pillar 1. Banks with heavy losses unable to meet these standards may seek alternative solutions.

The committee recommends that banks follow the principles for the Sound Management of Operational Risk, published in 2011 under Pillar 1. This ensures that banks have robust processes in place for data collection and management.

Here are the key minimum standards for loss data under SMA: