|
1.
Preparation and governance.
2.
Generation and selection.
3.
Assessment.
4.
Validation.
5.
Incorporation into management.
6.
Scenario aggregation.
7.
Incorporation into capital.
S C E N A R I O P R E P A R A T I O N A N D G O V E R N A N C E
One of the main challenges in scenario analysis is the consistency of approach and
the mitigation of behavioral biases. It is, however, a strong regulatory requirement that
scenario analysis should lead to repeatable results, both quantitative and qualitative.
The regulator demands that firms minimize subjectivity and biases as far as possible
when conducting scenario identification and assessment. To do this, assumptions must
be based on empirical evidence, the rationale behind each scenario must be explained,
13
Operational Risk Management: Best Practices in the Financial Services Industry, First Edition.
Ariane Chapelle.
© 2019 John Wiley & Sons Ltd. Published 2019 by John Wiley & Sons Ltd.
14
RISK IDENTIFICATION
and the assumptions and process for generating scenario analysis must be rigorously
documented.
SA preparation and planning is normally the role of the risk function, unless the
business has taken full control of the SA process. The general documentation of
the organization and methodology is usually the role of the risk function. The business
lines own the documentation relating to the workshops, the experts involved and the
results of the various meetings.
The preparation phase includes defining the scope and objectives of the exercise,
identifying the relevant participants, organizing meetings and setting schedules.
Participants are business managers (generally, the more senior, the better) and risk
owners (HR, IT, Compliance, etc.). Representatives of the risk functions are there
mostly to facilitate meetings and to document the process and the content of the
meetings, if the second line is actively involved.
The preparation phase also involves compiling a “preparation pack” of documents
that will help later with the selection and assessment of scenarios. You may choose
to withhold the documents from the participants during the generation phase, in
order to keep the brainstorming sessions as free from influence and as creative as
possible. However, the more common practice is to distribute documents before
the first meetings (and they are not always read anyway). Preparation documents
include:
■
External loss data
■
Internal loss data, large past incidents and near misses
■
RCSA results
■
Key risk indicator scores
■
Audit issues and other issue logs, if any
■
Concentrated exposures, known vulnerabilities (if reported differently than KRIs)
■
Any other relevant documents for risk and exposure assessment
The participants in SA workshops and brainstorming sessions should be senior
managers within the different corporate functions and as a consequence should
have significant experience and understanding of the risks in their area. Ideally,
they should be knowledgable about operational risks and be open-minded thinkers.
The involvement of additional external experts is recommended (although uncom-
mon), particularly to mitigate behavioral biases. A frequent bias is myopia: the
over-estimation of recent events. Another widespread bias is the excessive focus on
scenarios driven by external causes. Interestingly, the majority of scenarios considered
by financial institutions are substantial losses caused by external events (terror
attacks, pandemics, weather, outsourcing, cyber crime, etc.). However, in reality,
most large losses experienced by the financial industry are due to internal causes,
such as rogue trading, LIBOR rigging, mis-selling, embargo breaches, data losses and
internal fraud.
Scenario Identification Process
15
S C E N A R I O G E N E R A T I O N A N D S E L E C T I O N
Brainstorming is a creative technique where groups generate a large number of ideas
to solve a problem. There are four main rules in brainstorming, which tend to foster
group creativity and reduce social pressures.
Do'stlaringiz bilan baham: |
