| 2. | YES | NO | COMMENTS |
- Is there any inventory of the institution's tangible and nontangible resources which may be subject to operational risks. These may include the following:
| | | |
- Physical Assets (i.e. physical plant, systems, real estate, etc)
- Financial Assets (i.e. cash, securities, negotiable instruments, etc.)
- Human Assets (i.e. employees, officers, directors, customers, shareholders, vendors and contractors, etc.)
- Intangible Assets (i.e. reputation, good will; etc.)
|
- Are operational risks with respect to new acquisitions, divestitures, expansions, or downsizing been identified. These may include the following:
|
- Physical Assets (i.e. physical plant, systems, real estate, etc.)
- Financial Assets (i.e. cash securities, negotiable instruments, etc.)
- Human Assets (i.e. employees, officers, customers, share holders, vendors and contractors, etc.)
- Intangible Assets (i.e., reputation, goodwill, etc.)
|
- Can the bank identify actual and potential loss exposures and risk events for all products and services currently being offered or proposed for implementation. Such risks may include the following:
|
| Criminal acts including fraud, forgery, robbery, burglary and counterfeiting ? |
| Direct loss of injury to or sickness of personnel ? |
| | | * | | Loss or compromise of information / data ? | | | | * | | Direct loss of or damage to physical property ? | | | | * | | Consequential loss and or loss of use ? | | | | * | | Customer Contractual Liability ? | | | | * | | Tort and Product Liability ? | | | | * | | Statutory and Regulatory Liability (Legal and Regulatory Compliance ) ? | | | | * | | Political risk and regulatory instability ? |
|
- On at least an annual basis, are formal qualitative and quantitative analyses conducted to measure the level of current operational risk?
|
Does this analyses include. |
| | | * | | Judgmental risk estimates by senior staff and operational managers based on probable and maximum severity costs of a single occurance and / or aggregate losses in a single year ? | | | | * | | Assessment of risk event probabilities by senior managers and operational personnel ? | | | | * | | Review of available loss data from other banks institutions both within the Kingdom and internationally ? | | | | * | | Maintenance of a data base of incident reports and exposure and loss history for both insured and uninsured losses ? | | | | * | | Comparison of past losses and loss ratios to the premium and exposure bases ? | | | | * | | Analysis of trends, reporting, and payment patterns for past losses ? | | | | * | | Decision and event tree analysis ? | | | | * | | Scenario development (including "worse case" analyses) ? | | | | * | | Frequency and severity analyses and projections ? | | | | * | | Preventive measures in place ? |
|
