A bank may transfer its financial responsibility through purchase of insurance or it may transfer its liability through a contractual arrangement (hold harmless agreement).

Self insurance may be obtained through a contractual agreement. As a practical matter, the ability to transfer risk contractually depends on whether one party or the other to the contract is in a better bargaining position. As one cannot always arrange to have a contract drawn in one's favour, there should be a review of all contracts before they are signed to make sure what liabilities are being accepted.

Even when the bank is in the position of being able to dictate terms of contract, every effort should be made to ensure that the provisions for the transfer of risk are both reasonable and equitable to both parties. In recent years, many countries have enacted legislation which has acted to significantly restrict the use of "hold harmless" language in contracts. When transferring risk through any form of hold-harmless agreement, it is essential that a number of points be reviewed by competent legal counsel:

Reasonable of Provisions - Harsh and restrictive language may serve to both antagonize customers .and may be invalidated in court as being contrary to both law end public policy. 1t is essential that the bank clearly understand precisely what contractual limitations of liability are legally acceptable in the jurisdiction in which the contract is to be enforced.

Clarity of Language - Unclear or ambiguous language will usually be construed against the maker of the contract. Therefore, it is critical that all contracts be written clearly and that unnecessary legal 'jargon' is avoided since much of the traditional legal language has been invalidated by recent changes in statute in many countries.

Disclosure of Obligations - All contracts should clearly disclose the obligations of all parties to the contract. Failure to adequately disclose obligations may make the contract un-enforceable.

Financial Soundness - The bank should always ensure that the counter-parties are financially to meet their contractual commitments. It is often useful to obtain an irrevocable financial guarantee from the counter-party

The most common method of unfunded retention is the deductible. Also refer to section 3.2.3 entitled Deductible. Generally deductibles should be used to eliminate coverage for losses that are apt to occur regularly. For example deductible levels of employee dishonesty should be sufficiently high to eliminate low level theft of cash by Tellers and ATM Machines.

Although more rare than unfunded programs, self insurance also includes programs where funds are actually set aside to pay incurred losses These have several significant benefits including the following:

• 1.    Liability Accounting - By using a funded approach, the funding process goes hand in hand with an accounting system which establishes the amount of the liabilities. It is extremely useful to have an accurate measurement of year-by-year costs of operational losses - particularly as these risks grow relative to the bank’s size. This assessment ensures that significant unfunded and unrecognized liabilities are not accumulating under the self-insurance program. Furthermore, it is crucial that actuarial analysis is used for projecting losses and in determining loss reserves to avoid significant unfunded or unrecognized liabilities.

• 2.    Service and Product Pricing - An accurate accounting and assessment of costs associated with operational losses can be important in both pricing the institution's products and services and in determining those business areas which are profitable and those which are not.

• 3.    Investment of Funds - A funded program allows specific investment income to be earned on the funds comprising the funded loss pool. This, in turn, offsets the cost of the losses themselves.

 When a banks actually establishes its own insurance company it is also called "single parent captive". Such insurance companies actually act as a re-insurers, using the services of a licensed insurance company to issue policies and handle claims. This licensed insurance company is often referred to as the "fronting" insurer. Under this arrangement, the fronting insurer does the insurer's claims handling and loss control services, satisfies various legal and regulatory requirements concerning policy issuance, and may also satisfy creditors shareholders, regulators, and other interested parties The "fronting" insurance company actually assumes the primary legal obligation for the payment of claims. Thus, if professional indemnity is insured in the captive but the bank becomes insolvent, the "fronting" insurer issuing the professional Indemnity Policy is ultimately responsible for the payment of all incurred claims, regardless of whether it is able to collect from the captive or the bank. Therefore, while the use of single parent captives may provide a potentially viable vehicle for managing operational risk within a single bank, its use must be carefully evaluated in relation to legal implications within the Kingdom.

Unfortunately, some banks treat the purchase of insurance essentially as "commodity', transaction being driven entirely by price. Consequently, it is routine for banks to place their insurance programs out on an annual tender offer basis, and place little emphasis on developing stable and long-term relationships with both brokers and underwriters. All financial markets reward stability and consistency and the bank insurance market is no exception. The effect of this instability and fragmentation in the some of the insurance market has been two-fold.

Quality of underlying re-insurance - When account relationship is perceived by the both underwriters and brokers to be totally price driven, it is often impossible to re-insure the risk with the most reputable and stable re-insurers. This means that brokers must often place the risk with .re-insurers of lesser quality and stability. This, in turn, frequently leads to difficulties in claims settlement and other coverage issues, as weaker re-insurers are often reluctant to settle even the most valid of-claims. In addition, brokers also tend to charge a premium for these types of placements - meaning that brokerage commissions are higher as a percentage of overall cost and it is often difficult (if not possible) to find out the exact extent of these charges or to get full visibility into who the re-insurers are on the cover.

Lack of Enhanced Coverages and "Value Added" Services - Brokers and underwriters reward stable long-term relationships with the provision of "value added" services and enhanced coverage. Both brokers and underwriters add value to relationships through such vehicles as underwriter/broker financed risk management, audits and consulting services, assistance in structuring risk financing programs (such as captives, pooling arrangements, and finite programs), and other forms of expert operational risk management support. Long-term and stable relationships also invariably bring with them an increased willingness by underwriters to enhance coverage within existing premiums and deductible levels, to provide more favourable policy wording, and to continue to renew coverage even in the face of loss. Banks should consider the possibility of multiple year insurance contracts and also negotiating broker services based on fees as opposed to commissions.

Although globally over fifty different types of insurance coverages are available specifically for banks, six types are of primary concern.

The Bankers Blanket Bond/Financial Institution Bond (BBB/FIB)- This coverage generally consists of six basic insuring agreements: employee dishonesty, loss of property on premises, loss of property in transit, forgery, forged securities, and counterfeit money. The BBB/FIB has traditionally provided the cornerstone for any bank insurance program. Although, most banks world-wide purchase this coverage, which is mostly a function of management's perception of operational risk exposures as well as generally accepted business customs. Further, there are no rules either formal or informal for establishing bond limits. Only in some jurisdicticus there are legal or regulatory requirements that a financial institution purchase a BBB/FIB

Electronic and Computes Crime (ECC) Coverage -The ECC may either be a separate or stand-alone policy or appended to the BBB/FIB. It is designed to respond to financial loss from third-party fraud or mysterious and unexplained disappearance relating to the insured computer or telecommunications systems. It is for this reason that ECC coverage may not be written without a BBB/FIB being present. The ECC (in its London form) currently consists of eleven insuring agreements i.e Computer Systems, Insured Service Bureau Operations, Electronic Computer Instructions, Electronic Data and Media, Computer Virus, Electronic Communications, Electronic Transmissions, Electronic Securities, Forged Tele facsimile, and Voice Initiated Transfers. Generally, the ECC is purchased in the same limit as the BBB/FIB since it is truly a companion piece to the BBB/FIB.

Directors and Officers (D&O) Coverage - D&O coverage indemnifies directors and officers of the bank against liability claims arising from alleged negligence, wrongful acts, errors and omissions. The wording and insuring agreements of directors and officers policies are specific to the jurisdiction in which the coverage is being written. On a global basis, D&O coverage is rapidly overtaking the BBB/FIB as a institution's most important and expensive form of transferring operational risk through insurance.

Professional Indemnity (PI) Coverage - Unlike Directors and Officers liability insurance, banks professional indemnity coverage is intended to provide insurance to the bank itself against claims arising from alleged errors or omissions committed by bank's employees and officers in the performance of their professional duties(fiduciary and operations), investment advisory activities, private banking, etc. This is driven by the shift in emphasis away from lending income into income streams generated by fee for service.

Payment Card Coverage - Coverage for losses incurred by banks as the result of counterfeit, forged and or altered payment cards is currently available through most international payment card organizations such as VISA and MASTERCARD. This coverage is designed to address counterfeiting, forgery and or alteration of both the embossed plastic as well as magnetic encoding on the card. In addition, specialised coverage for merchants, banks, processors, and independent service organizations against fraudulent and/or excessive charge baclcs by participating merchants has recently been introduced. Underwriters view the loss, theft, or misuse of cards as a completely uninsurable risk. Therefore, no coverage for this exposure is available in the market.

Given the potential profitability of payment card operations, growing consumer demand for these services, and the potential for enhanced sharing of credit data between Saudi banks, it is inevitable that the number of payment cards in circulation within the Kingdom will increase dramatically in the near term. It is also inevitable that given global trends in payment card, fraud losses to banks will increase substantially. To address this growing operational risk, banks within the Kingdom will need to take a hybrid approach consisting of loss prevention, and regular and self insurance of risk.

Loss Prevention - The payment card industry has found that the most effective way of dealing with card fraud and abuse is prevention. Careful screening of both cardholders and participating merchants, on-line monitoring and analysis of account activity, anti counterfeiting measures, sharing of fraud information among institutions. and aggressive investigation and persecution of abuse has significantly reduced losses on a global basis. As Saudi banks increase their participation in the payment card market, it will be essential that they establish with the assistance of organizations such as VISA International and MASTERCARD International viable and effective loss prevention programs in this area.

Internal Risk Financing - All banks involved in payment card operations must understand that a certain level of loss to fraud is simply a cost of doing business. While loss prevention programs may keep this amount within manageable limits, each institution must establish self insurance mechanisms - funded retention, loss allocation, contractual transfer of risk to address these losses.

External Risk Financing - Due to the relatively high cost and coverage restrictions of conventional insurance, Saudi banks should explore the possibility of using alternative forms of external risk transfer including risk retention groups, risk pooling, and group captives to address the financing of their exposures.

Political Risk Insurance - First written in the early l96o’s, political risk insurance is designed to facilitate stability in international trade and investment by indemnifying certain operational risk associated with political and regulatory activities in the counterparty country. This type of coverage is written by commercial underwriters in the United States, the United Kingdom, and Western Europe. In addition, it is also available through the facilities of the Multilateral Investment Guarantee Agency (MIGA) of the World Bank. Political risk insurance may be written to cover a number or areas:

Confiscation, Nationalization, Expropriation, and Deprivation (CNE&D) This is most commonly purchased form of political coverage. These policies are generally used by organizations with assets permanently located in another country and respond when these assets are taken over by government action.

Contract Frustration - This entails the nonperformance or frustration of a contract with a overseas customer through an invalid action by that customer. This invalid action wrongfully invalidates an overseas transaction in such a manner that the bank is unable to obtain payment for its services or recoup its assets.

Currency Inconvertibility - This type of loss occurs when payment occurs in local currency and the local government is unable or unwilling to exchange the currency at prevailing market rates. This has traditionally been a problem in many developing countries.

Trade Disruption - This types of losses are associated with interruption of trading activities due to war, strike, change in government, or change in law or regulation in the counterparty country. Trade disruption coverage can provide protection not only for the direct loss of revenue associated with the disrupted transactions, but also potential loss of earnings, extra expense, loss of profits, and loss of market.

One of the major "revolutions" which has taken place in the bank insurance industry globally has been in the area of retention find deductible levels. Many banks have realized that retaining and financing significant portions of their operational risk exposure simply makes good business sense. No longer can insurance be used as a substitute for sound management and loss control. Generally deductibles should be used to eliminate coverage for, losses that are apt to occur with some degree of regularity. For example, when purchasing employee infidelity coverage under the BBB/FIB, the deductible level for employee dishonesty should be set sufficiently high to eliminate low level theft of cash by tellers and ATM technicians which occur rather frequently.

There are two primary types of deductibles:

Straight Deductible - This is a flat amount that is subtracted from each loss. The sum insured is then paid over and above this amount of retention.

Aggregate Deductible - These types of deductible protect against a series of losses which, in total, may exceed the amount which can be safely assumed by the bank. Often written in conjunction with a straight deductible, this "stop loss" protection limits the total amount of losses to be absorbed to a specific amounts An aggregate deductible may apply annually or during a specified policy period, may limit the amount to be retained by the accumulation of a number of deductibles, or it may require that claims in total exceed specified amount before coverage is afforded.

While many approaches have been devised by both insurers and insiders to determine the "correct" level of deductible, the most commonly used method is to calculate the deductible as a percent of total assets. The rationale behind this approach being that the larger the institution in terms of asset base, the better its capability to absorb losses without resorting to insurance. Currently. the factor used by many underwriters in determining the minimum deductible level is approximately .0005% of total assets. Thus, using this factor as a guide, a bank with assets greater than SR 60 billion should, as a minimum, be retaining approximately SR 3 million loss as its deductible for BBB/FIB, EEC, D&O, and PI coverages, with a negotiated deductible of SR 5 million as being optimal from the insurers standpoint.

One of the significant methods for measuring the effectiveness of banks in managing their operational risks is the evaluation of the losses. In evaluating levels of loss several factors should be kept in mind:

Recurring Vs Catastrophic Losses - In general, routine recurring losses (small teller frauds, thefts of cash from ATMs, low value check forgery, etc.) should not exceed the banks deductible level. Although, all banks should attempt to control and reduce these losses to the lowest practical level, some losses must be expected as a cost of doing business. In fact, implementing a true "zero loss" environment would probably be far more costly than simply observing an acceptable level of small losses. Insurance should be viewed as catastrophe cover and should only be used to assist the institution in dealing with the consequences of "low probability and high cost" risks. Again, insurance should not be used as a substitute for sound and effective management of operational risks.

Frequency, of Claims Payment - If deductible levels have been established properly underwriters expect to pay a loss on an account every 7 to 10 years. However, with a loss frequency of more than 1 per 5 years indicates both a deductible level which is too low and problems with the bank's internal controls

Allocation of Losses

In an organisation, such as a bank which consists of many different departments and subsidiaries. it is good risk management to charge a unit directly for its losses However, it may be very difficult for smaller units to handle their self-insurance as self-insurance levels may be handled more easily by large units or subsidiaries. Therefore, in order that all units be allocated their fair share of premiums and loss costs, it is often necessary to establish an internal pooling or loss allocation system. Banks may add to the credibility and create accurate allocating systems by using acturial methodology and techniques. Such a system allows for the direct allocation of loss in some cases and the sharing of loss in others. This can make a system of higher deductibles practical.

For example, consider a bank with fifty branches and other non bank subsidiaries. A SR 5 million loss spread among the fifty units in one time period would amount to SR 0.1 million on the average. If an appropriate deductible is charged to the unit that actually suffered the loss and loss-sharing levels of the other units are adjusted relative to their size, a relatively large loss may be absorbed relatively painless. Further, very large losses could be amortized over a period of years. However, there are two important issues to consider in constructing such a system.

Penalize Frequency; Accommodate Severity -Allocation system should penalize frequency and be more forgiving of severity. This is based on the fact that severe or the high cost low probability risks" are far more difficult to control than incidents which to occur frequently and that if many incidents are allowed to occur frequently, it is inevitable that one or more will be severe. For this reason, charging units directly for loss costs can significantly improve loss controls, but the size of the penalty should be appropriate to the size of the operation.

The System Must be Accurate and Understandable - Allocation systems must be both accurate and clearly understandable to unit managers. Many allocation systems have failed because they became very complex in an attempt to create a degree of accuracy that may serve no useful purpose. The following example may serve to illustrate the point:

In this bank, a deductible of SR 1 million is set for Head Office and other wholesale nondepository subsidiaries (i.e trust company, the private bank, etc) while deductible as low as SR 50,000 are set for the small branches - a total of 35 units. Each unit pays 100% of its deductible for losses occurring in its units, and 50% of the loss in excess of the deductible up to an amount no greater than 150% of the stated deductible amount. Thus, a unit with a SR 50.000 deductable would pay the first SR 50,000 of the loss plus 25,000 of the next 50,000 loss for a total possible deductible of Sr 75,000. All units then share equally an excess losses up to the institution's aggregate of SR 1,000,000 deductible. Therefore, the largest loss which could be shared is SR 925,000 which when divided by 35 units is SR 26,428 per unit. If this is still too large a burden for the smaller units, the risk sharing percentages may be adjusted or a cap set on the maximum loss to be borne by smaller units, with the remainder shared corporate-wide.

In evaluating the level of premiums paid by banks for their insurance coverage it is useful to use the standard insurance industry metric of “Rate on Line”_ This is simply the . ratio of premium charged to sum insured (i.e. premium charge/sum insured = "Rate on. Line"). Globally, the spread for Rate on Line runs between 1% - 2% for highly preferred risks with excellent loss records and high retention to approximately 10 % for low quality risks with high loss records and low retention.

Therefore, as may be readily seen insurance pricing is designed to insure that underwriters will recapture the cost of all but the most catastrophic (and lowest probability) losses through the premium structure The premiums of conventional insurance programs may be structured in a number of ways:

Guaranteed Cost Programs - The standard approach for determining a bank's insurance premiums is by means of a guaranteed cost rating. most Saudi banks currently use these types of insurance programs. The guaranteed cost plan is intended to pre-fund all losses that are expected to occur during the policy period. This approach applies predetermined rates to an exposure base to determine premiums. The premium is guaranteed in the sense that it will not vary. However, depending on actual loss incurred during the policy period, premiums may be adjusted at renewal to reflect actual exposures which existed during the rating period. Therefore, reserves for losses that have been Incurred But Not Reported (IBNR) or paid remain with the insurer and investment income accrues to the insurer and the insured receives no benefit from them. However, if the insured has poor loss experience during the policy period, the insurer has no recourse for these which could far exceed earnings generated from the reserves.

Retrospective Rating Programs - Retrospective rating programs are based on the risk management ability and performance of the bank. For these arrangements which offer the insured the opportunity for substantial cost savings over a guaranteed cost plan if the loss record is good. Consequently, if the loss record is poor, the insured may end up paying more premium to the insurer than under self-insurance. Retrospective rating programs offer a system of rewards and punishments depending upon the effectiveness with which the bank manages its risk. Retrospective programs may involve a variety of methods.

No Claims Bonus - The simplest of the retrospective rating programs is the no claims bonus. Under this type of policy a percentage of the premium is returned to the insured at the end of the policy period if no claims are filed with the insurer.

Incurred Loss Retro- Here, an initial premium is paid at policy inception and is adjusted during subsequent years as actual incurred losses become known - with deposit premium being adjusted upward or downward based on loss experience. Generally, premium adjustments are computed annually and a minimum is established for the protection of the insurer. It is adjusted on the basis of losses that have actually been paid, as opposed to losses that have actually occured which may be more than losses that have been paid. This eases the insured's cash flow problem and allows the use of the loss reserves. The difference Between the standard premium and the amount paid by the insured is normally secured by a Letter of Credit or other acceptable financial guarantee.

Loss Multiplier Plans - Since all retro methods are essentially cost-plus contracts, a simple way to compare retros is by comparing the amount of "load" for non-loss costs on a percentage basis. Dividing the premium by the incurred losses gives an index known as the Effective Loss Multiplier (ELM) - thus a plan with an ELM of l30% is less expensive than plan with an ELM of 150%. Some plans utilize this-concept for determining the premium by simply multiplying the incurred losses by a stated loss multiplier subject to agreed upon minimum and maximum premium levels. This greatly simplifies the calculation process for both insured and insurer.

Present Value Discount Plans- Under these plans, losses are forecasted and then discounted back to present value at some agreed upon interest rate. Insurer expenses are added and a flat premium is charged. This premium is intended to be adequate to cover losses and to avoid the need for adjustments. However, most plans include provisions for eventually adjustment if actual losses are substantially higher or lower than expected.

Fixed_ Cost Participating Dividend Plans - This type of program is really a hybrid between retrospective and guaranteed costs policies as it gives the insurer an option to return a portion or all of the under-writing profits to the participant if it chooses, but generally does no allow the insurer to charge an additional premium for worse than expected losses. While the potential savings are not as great as under a pure retrospective program, the insured is in a no loss position. This is because maximum premium which may be charged is equal to the guaranteed cost premium less any applicable "dividend" discounts granted by the insurer.

Multiline Aggregate Program - Becoming increasingly more attractive as operational risk exposures rise, multi-line aggregate programs use a single insurance policy to cover all of the institution's exposures subject to an aggregate deductible applied to all covered losses. Once the aggregate deductible is satisfied by the payment of one or more claims, the policy would respond to any additional losses upto the aggregate limit. The theory is that by combining the various types of insurable exposures the overall predictability of loss costs is enhanced. An insured may then pay directly for planned and budged loss costs and rely on the multi-line aggregate policy to cover unplanned "high value low probability risk".

Banks which have strong internal audit and investigative functions and are able to properly document losses, generally experience little difficulty in getting claims paid in a prompt and satisfactory manner.

As a very general measure, insurers typically pay about 75% of the claimed value for about 90% of the items for which legitimate claims are submitted. Therefore, if an insured submitted ten legitimate claims totaling SR 1 million in a year, they could reasonably expect to receive between SR 600,000 and SR 800,000 in compensation less deductibles. It is extremely important that the bank clearly understand what is covered and more importantly what is not covered under the insurance contract. The filing of frivolous claims for which no coverage was contemplated in the policy not only creates extra work for the banks but also serves to antagonize both brokers and underwriters. However, it should be noted that claim payment is almost entirely a function of the quality of claims. Fully documented paid in full by underwriters, while poorly documented claims are, at best settled for a negotiated amount below that claimed or denied completely. In addition the quality of claims documentation and processing by both the bank and its broker directly effects the speed with which claims are settled. If underwriters must repeatedly request additional documentation in order to reach a settlement decision, claims processing becomes a drawn out and cumbersome process. In addition, if a bank has inadequate audit trails and investigative documentation procedures it will be necessary to secure the services of outside accountants, attorneys' or loss surveyors to conduct a proper investigation and generate claim documentation which will be acceptable to the underwriter. This process is both costly and time consuming and materially erodes whatever financial settlement is ultimately reached with the insurer.

It should also be noted that nowhere in any BBB/FIB or ECC contract a condition precedent to liability exists which requires a court judgment against a perpetrator to prove a claim. In fact, no condition precedent to liability exists in the insurance contract that incidents of either internal or external fraud be reported to the police.

Although this may be a legal/regulatory requirement and is certainly a prudent action on the part of the bank.

Although they are established as insurance companies, they are more properly viewed as self-insurance mechanisms. Risk retention groups, group captives and risk sharing pools are simply cooperative risk funding vehicles designed to write insurance to cover risks. They maybe formed to reduce insurance costs within a specific group of participants, increase limits of coverage and secure more favourable terms of coverage, or to spread the risk as compared to going without insurance entirely.

Pools are developed by group captives and self insureds that wish to transfer some of the risk they have agreed to assume. Pooling arrangements frequently occur when group captives cannot find adequate reinsurance or the cost of such reinsurance is excessively high relative to the risk. Thus, participants in a risk retention group, group captive or pool should understand that they are participating in self-insurance. Viewing the captive or pool in this manner is important for two reasons:

Paying for Loss - With the exception of reinsurance for potential catastrophic losses, the group will pay for virtually all of its own losses.

Pooling the Risk - Experience indicates that the "average premium" theories that underline traditional insurance industry thinking are valid only if good risks are willing to stay in the pool with the bad risks.

These are captive insurance companies formed by brokers or agents to provide coverage for their insured. These types of captives increase the probability that brokers will have a market into which to place their insured and therefore may allow them to offer broader levels of coverage than that offered by risk retention groups or group captives.

A highly specialized form of captive operation. These companies are designed for firms that do not want to own a captive but want to obtain some of its advantages. A rent-a-captive is formed by investors and is operated as an income producing business. An insured pays a premium and usually pays a deposit or posts a letter of credit to back up its business. The operators of rent-a-captives handled the operations and claims for the insured and place the reinsurance. .At the end of the policy period the insured is paid a dividend based on incurred losses, operating expenses, and cost of reinsurance.

Finite risk works best in situations where a severe loss is possible. A typical finite risk prospect is an organization which has a high severity/low frequency loss situation (i.e an "upstream" professional liability loss from overseas derivative trading) for which inadequate insurance coverage is available in the conventional market or the cost of the coverage is prohibitive.

Frequently, a bank will use a single-parent captive to front a finite program to fill the middle layer of operational risk - above the self-insurance used for smaller recurring losses and below commercial insurance used for catastrophe cover - although some insurers have used finite insurance on top of self insurance and handled the upper layer of risk through a captive.

An example of how a finite risk program can handle a high severity/low frequency situation might be that of an investment banking firm which has developed a new series of global derivative trading products. To fully exploit the potential market the firm wishes to spin off this function as a separate operating subsidiary through an Initial Public Offering (IPO). However, investors are concerned that, given current liability issues involving derivative trading products, the proposed firms professional liability exposures are inadequately covered, since they fear that a professional liability loss in the first year of the IPO would drive insurance premiums to a prohibitive level and/or severely deplete capital. To address this issue, a program is structured utilizing both finite and conventional insurance. The finite portion consists of a five year program with a guaranteed premium for the underlying primary finite layer. For coverage in excess of this primary finite layer, commercial insurance is used since premium rates in the excess layers are less than using the finite market. This program gives the firm precisely what it needs during the critical IPO phase - maximum transfer of risk with a guaranteed premium level for five years. In addition, if there are no significant losses over the period of the finite contract, the firm will receive a return of premium at the end of that time.

One of the primary attributes of any finite insurance program is the ability to address the financing of liabilities over a multi-year period, thereby minimizing the impact of a severe loss in a single year. In addition, finite programs also minimize the "financial costs" of insurance - the cost of going into the market year after year to renew policies and being subject to market cycles. It also help building and strengthening long-term relationships with insurer. Since going into the market on an annual basis is highly inefficient, finite programs are designed to maximize the allocation of premiums to loss payments and minimize their use for transaction costs and overheads. '

One of the most attractive aspects of finite insurance programs is the possibility of premium reduction through the return premium mechanism. In return for limitation of liability through an aggregate cap and for a guarantee of premiums over a specific period of time, the insurer agrees to share underwriting profits with the insured in the event of favourable loss performance.

As with all approaches to managing operational risk. finite risk insurance has certain drawbacks:

Risk Management Expertise - To effectively blend the internal and external financing elements necessary in a successful finite risk program, it is necessary that management clearly understands the nature and magnitude of the bank loss exposures and is willing to pav for a significant portion of these exposures through self-insurance. Banks' must have a very clear view of the financial resources they will need for these programs. Since these programs are multi-year in nature, a bank must be certain about its future period cash flows and how much cash it wants to devote to the program. Otherwise finite risk management programs simply will not work more effectively with structuring the program than will normal conventional insurance.

Cost - Since finite programs are typically structured for three to five years, they may represent a higher initial cost both in terms of guaranteed premiums and costs associated with structuring the program than will conventions insurance. They are certainly more expensive than self insurance. In addition, failure to control losses over the period of the contract may result in no return of premium one of the primary advantages of finite programs,