Transform your approach to oprisk modelling with a proven, non-statistical methodology

Operational Risk Modeling in Financial Services provides risk professionals with a forward-looking approach to risk modelling, based on structured management judgement over obsolete statistical methods. Proven over a decades use in significant banks and financial services firms in Europe and the US, the Exposure, Occurrence, Impact (XOI) method of operational risk modelling played an instrumental role in reshaping their oprisk modelling approaches; in this book, the expert team that developed this methodology offers practical, in-depth guidance on XOI use and applications for a variety of major risks.

The Basel Committee has dismissed statistical approaches to risk modelling, leaving regulators and practitioners searching for the next generation of oprisk quantification. The XOI method is ideally suited to fulfil this need, as a calculated, coordinated, consistent approach designed to bridge the gap between risk quantification and risk management. This book details the XOI framework and provides essential guidance for practitioners looking to change the oprisk modelling paradigm.

The financial services industry is in dire need of a new standard a proven, transformational approach to operational risk that eliminates or mitigates the common issues with traditional approaches.Operational Risk Modeling in Financial Servicesprovides practical, real-world guidance toward a more reliable methodology, shifting the conversation toward the future with a new kind of oprisk modelling.

PATRICK NAIM (left) is the CEO of Elseware and widely recognized as an expert for operational risk modeling and quantification. Patrick has extensive experience in advising banks, insurance and energy companies for over 20 years in Continental Europe, the United Kingdom, and North America. He is also the author ofRisk Quantification: Management, DiagnosisandHedging and Bayesian Networks: a Practical Guide to Applications, both from Wiley.

LAURENT CONDAMIN (right), PHD, is Managing Partner and Researcher at Elseware. For the past 10 years, he has been advising the largest financial institutions. His areas of expertise are operational risk modeling, stress testing, credit rating modeling, project risk analysis, insurance coverage optimization and cost-benefit analysis.

List of Figures xi

List of Tables xv

Foreword xix

Preface xxi

Part One Lessons Learned in 10 Years of Practice

Chapter 1 Creation of the Method 3

1.1 From Artificial Intelligence to Risk Modelling 3

1.2 Model Losses or Risks? 5

Chapter 2 Introduction to the XOI Method 7

2.1 A Risk Modelling Doctrine 7

2.2 A Knowledge Management Process 8

2.3 The eXposure, Occurrence, Impact (XOI) Approach 9

2.4 The Return of AI: Bayesian Networks for Risk Assessment 10

Chapter 3 Lessons Learned in 10 Years of Practice 13

3.1 Risk and Control Self-Assessment 13

3.2 Loss Data 24

3.3 Quantitative Models 30

3.4 Scenarios Workshops 36

3.5 Correlations 41

3.6 Model Validation 47

Part Two Challenges of Operational Risk Measurement

Chapter 4 Definition and Scope of Operational Risk 57

4.1 On Risk Taxonomies 57

4.2 Definition of Operational Risk 68

Chapter 5 The Importance of Operational Risk 71

5.1 The Importance of Losses 71

5.2 The Importance of Operational Risk Capital 74

5.3 Adequacy of Capital to Losses 76

Chapter 6 The Need for Measurement 77

6.1 Regulatory Requirements 77

6.2 Nonregulatory Requirements 82

Chapter 7 The Challenges of Measurement 93

7.1 Introduction 93

7.2 Measuring Risk or Measuring Risks? 93

7.3 Requirements of a Risk Measurement Method 95

7.4 Risk Measurement Practices 98

Part Three The Practice of Operational Risk Management

Chapter 8 Risk and Control Self-Assessment 105

8.1 Introduction 105

8.2 Risk and Control Identification 107

8.3 Risk and Control Assessment 113

Chapter 9 Losses Modelling 121

9.1 Loss Distribution Approach 122

9.2 Loss Regression 134

Chapter 10 Scenario Analysis 137

10.1 Scope of Scenario Analysis 137

10.2 Scenario Identification 150

10.3 Scenario Assessment 163

Part Four The Exposure, Occurrence, Impact Method

Chapter 11 An Exposure-Based Model 179

11.1 A Tsunami Is Not an Unexpectedly Big Wave 179

11.2 Using Available Knowledge to Inform Risk Analysis 180

11.3 Structured Scenarios Assessment 181

11.4 The XOI Approach: Exposure, Occurrence, and Impact 182

Chapter 12 Introduction to Bayesian Networks 185

12.1 A Bit of History 185

12.2 A Bit of Theory 186

12.3 Influence Diagrams and Decision Theory 187

12.4 Introduction to Inference in Bayesian Networks 187

12.5 Introduction to Learning in Bayesian Networks 189

Chapter 13 Bayesian Networks for Risk Measurement 191

13.1 An Example in Car Fleet Management 191

Chapter 14 The XOI Methodology 203

14.1 Structure Design 203

14.2 Quantification 209

14.3 Simulation 214

Chapter 15 A Scenario in Internal Fraud 219

15.1 Introduction 219

15.2 XOI Modelling 219

Chapter 16 A Scenario in Cyber Risk 227

16.1 Definition 227

16.2 XOI Modelling 234

Chapter 17 A Scenario in Conduct Risk 239

17.1 Definition 239

17.2 Types of Misconduct 241

17.3 XOI Modelling 246

Chapter 18 Aggregation of Scenarios 255

18.1 Introduction 255

18.2 Influence of a Scenario on an Environment Factor 257

18.3 Influence of an Environment Factor on a Scenario 258

18.4 Combining the Influences 261

18.5 Turning the Dependencies into Correlations 262

Chapter 19 Applications 265

19.1 Introduction 265

19.2 Regulatory Applications 267

19.3 Risk Management 278

Chapter 20 A Step towards Oprisk Metrics 287

20.1 Introduction 287

20.2 Building Exposure Units Tables 288

20.3 Sources for Driver Quantification 289

20.4 Conclusion 290

Index 291