van den Aarssen, Daniel
Operational Risk Management; An analysis of FSA Final Notices.
[Dissertation (University of Nottingham only)]
In the last two decades, financial markets have been highlighted by large-scale financial failures due to incompetence and fraud, such as Barings, Daiwa, Allied Irish Banks, UBS, Société Génerale, and more recently JP Morgan. While previous research has focussed on market and credit risk, and even if the focus was on operational risk it concentrates on the market reaction to operational losses, the current research addresses the root of the problem.
The current research explores the final notices issued by the FSA (now FCA and PRA) of over £1,000,000 from 2008-2013 in order to find a common theme in the operational risks of the financial institutions. In order to categorise the final notices a framework by McConnell (2008) has been adopted. With the help of this framework the risks are more accurately distinguished in either an incident, individual, institution, or industry area.
The data analysis the frequently breached principles outlined by the FSA ‘principles for business’. The results from this allow the accurate categorisation of each case, and allow us to see where financial institution most often commit operational risks. The findings indicate that the vast majority of operational risks occur on an institutional level; however, the findings also show that no cases were attributed to solely the incident or industry area. Furthermore, two subcategories have been created in order to place the cases more accurately, these subcategories are a combination of the already existing areas; the individual and institution area, and the industry and institution area. This makes the tally for institutional area increase, and results in only 3 cases involving no institutional factors whatsoever.
With these results suggestions to minimise the frequency and severity of operational risks are made in the form of adopting either a new regulatory body, which has already happened. The further suggestions include adopting a Dodd-Frank Act stress testing similar approach to risk management of financial institutions, or applying the Enterprise Wide Risk Management (EWRM) framework in order to stop risks in the earlier stages. However, it is important to consider the definition of risk, as it is not necessarily deemed a bad thing, especially for financial institutions who most take some risks in order to maintain competitive and profitable, the suggestions are therefore recommendations on determining what the good, and the bad risks are.
Actions (Archive Staff Only)