Literature Review of Graduacting Project Finance Essay

The purpose of this literature review is to understand how the operational risks are managed, prevented and how much it cost by non-managing and managing it for financial establishment. To study the operational risk management of banks and the impact of the non-management of operational risks for a French financial sector, our research will particularly focuses under the certain financial regulation like Basel III and scientific articles about the management of operational risks. It will permit to have a clear idea of the positions of those companies about it. Firstly, we are going to have an overview of risks in general then operational risks for different types of business companies to then evolve on worldwide regulation towards the latest one Basel III. The literature review is going to be based on scientific reviews and the Bank for International Settlement reports for studying position of regulators and banks about operational risks. To better know of what the topic is all about, it is compulsory to explain how are define the risks for Basel committee and then go further with the operational risks. The BIS (Bank for International Settlement) has created in 1974 the Basel Committee on Banking Supervision (BCBS) in Basel in Switzerland. The aim is to create a worldwide banking regulation by publishing a set of minimum capital requirements for banks however the Committee cannot obliged countries to follow those rules. The representative’s members are from central banks and regulatory authorities mainly from leader countries i.e. G 20 countries and they use to meet 4 times per year. It has been created because of the systemic impact of the bankruptcy of Herstatt Bank in Germany.

Basel I in 1988 focused on the capital measurement system with the COOKE ratio where 8% of a credit has to be financed by bank equity. Then Basel II in 2004 has as goal to create an international standard for banking regulators to control how much capital banks need to put aside to guard against the types of financial and operational risks banks (and the whole economy) thanks to the Mac Donough ratio. For Jayamaha (2005), Basel II needs a separation between the capital allocations for operational risk. This ratio does not only take into account the credit risk but also the operational risk and the market risk (cf bcbs 196). In response to crises and the bankruptcy of Lehman Brothers, banks have from 2013 to 2018 to implement the new rules adopted of Basel III. For Basel committee (bcbs 222), the risk management will be part of the politic of banks and that decisions “in terms of risk coverage, analysis and interpretation, scalability and comparability across group institutions” will have be take to as a priority i.e. “A bank should determine risk reporting requirements to best suit its own business models and risk profiles. For example, an aggregated risk report should include, but not be limited to, the following information: capital adequacy, regulatory capital, capital and liquidity ratio projections, credit risk, market risk, operational risk, liquidity risk, stress testing results, inter- and intra-risk concentrations, and funding positions and plans ” As the regulation advice, managing all the risks (specific, systemic, liquidity, counterparty, interest rate, FOREX, operationalA¢â‚¬A¦) are the most important to not lose money for companies.

This interrogation is very important for the financial sector because it is one of the main reasons where most of the problems come from leading a loss of money and then clients. Almost all of the banks and big brokers have a risk management department but it is still quite new in this sector. In this regard, the BIS took into account numerous factors that have an influence over the value change: volatility, credit rating, correlation with risky assets, investors’ confidence (the flight to quality), and the liquidity of these assets (that is, the speed at which they can be traded without a loss of value). It has been found that these factors have a crucial impact on banks’ profitability and solvency, and that banks should have a tighter risk management policy regarding the counterparty risk (avoidance of exposure above 1% of the total balance sheet) and the quality of assets (they should not be pledged, nor collateralized). This study is a good start to analyze the Basel III ratio as it establishes the variables that have an influence over banks’ financial positions. Thus, operational risks began to be managed from Basel Agreement II in order to allocate an amount of equity.

Before those companies was not managing those risks and realized that after scandals, frauds and crises that it was mandatory to take into account the operational risk in the management of the banks. This topic is actual because it has been highlighted thanks to the different crises, fraud and events that occurred this last 4 years. These events have showed that managing risk especially operating risks is essential from different point of views. Besides, operational risks are linked to people, to the management, the intra and inter-communication. A good management can avoid spending money for mistakes that you be averted and keep a good reputation.

Thus it will go through a huge improvement for banks and huge development for brokers these next few years. Thereby this graduating project will be based on being efficient in case of operating problems and control at the maximum operational risks. First of all, an operational risk is defined for the Basel committee as the “risk of loss resulting from inadequate or failed due to procedures, human factors and systems or from external causes. Legal risks are not included but strategic risks are” (BCBS, 2003). Nonetheless, this definition evolved during the creation of Basel II because at the beginning the Basel committee didn’t define it like that. However not everybody is agreed on this definition, Vanini (2004) criticized it and Wild West Semantico defined it as “any risk other than credit risk and market”. To come back to Basel II agreement, it structured the operational risks in 7 types : internal and external frauds, employment relation and safety at work, customer, business and product relations, damage to physical assets, business disruption and system failures and execution of operations, deliveries and process which allow us to study on different cases regarding on what face more a broker. Jobst (2007) agrees on the definition below by splitting it in two categorizes : internal and external operational risk. He spilt internal risks in various risks as people risks by attributing loss exposure to the potential for failure of people “from management failure, organizational structure or other human failures, which may be exacerbated by poor training, inadequate controls, poor staffing resources, or other factors”, then the process risk, ” with the breakdown of established processes, failure of following processes or inadequate process mapping within business lines and finally technology or system risk, “which reflects the operational exposure to disruptions and outright system failure in both internal and outsourced operations”. These risks are applicable in the course of regular business operations, such as breaches in internal controls and monitoring, internal and external fraud, legal claims or business disruptions and improper business practices” but also goes more further by defining it “as the risk of some adverse outcome resulting from acts undertaken (or neglected) in carrying out business activities, inadequate or failed internal processes and information systems, misconduct by people or from external events. This definition includes legal risk from the failure to comply with laws as well as prudent ethical standards and contractual obligations, but excludes strategic and reputational risk”. On the side of external risk, Jobs (2007) expand his point of view based on “environmental factors, such as a new competitor that changes the business paradigm, a major political and regulatory regime change, unforeseen (natural) disasters, terrorism, vandalism, and other such factors that are outside the control of the firm”. For Jarrow (2008), he defines the operational risks into two types which create loss processes.

The first one is “the risk of a loss due to the firm’s operating technology” and the second one “the risk of a loss due to agency costs”. He argues that the “current methodology for the determination of economic capital for operational risk is overstated. It is biased high because the computation omits the bank’s net present value (NPV) generating process. Although it is conceptually possible to estimate the operational risk processes’ parameters using only market prices, the non-observability of the firm’s value makes this an unlikely possibility, except in rare cases. Instead, we argue that data internal to the firm, in conjunction with standard hazard rate estimation procedures, provides a more fruitful alternative”. So the assessment and the management of operational risks are different regarding activities in the financial sector ant countries. We also have to adapt the estimation of operational risks regarding the type of companies i.e. banks, credit establishment, brokers and also on the countries where the businesses are based Spain, France, England, China, India, United StatesA¢â‚¬A¦that’s why we are going to do. Operations risks are linked to internal control and analysis of internal losses of companies. To take into account the percentage of those risks, a risk mapping has been done and imposed for and by banks. For Bon Michel (XXXX 71930056) “This approach is part of an effort to streamline the complexity in an uncertain world” with the crisis, we had the demonstration in the financial sector where figures mean everything and nothing at the same time. So this mapping risk was created to reassure managers, regulatorsA¢â‚¬A¦. But for Bon Michel (XXXX 71930056) “can we really trust the results of the mapping?” Taleb (2009) thinks that : “Rationality itself could be an obstacle to the identification of a risk often characterized by the interdependence of causes because of the complexity”. Operational risks, as we saw on Basel, are linked to people so that risk by nature is strongly linked to the human component (Power, 2005). “It is then in a continuous process of interaction that the construction of intelligence risks can generate a change in the perception of risk by the same individuals and thus of their actions”. Bon Michel But we also have to adapt the estimation of operational risks regarding the type of companies i.e. banks, credit establishment, brokers and also on the countries where the businesses are based Spain, France, England, China, India, United StatesA¢â‚¬A¦that’s why we are going to do. To begin with Hedge Funds, the definition of operational risks is slightly different.

For (CAPCO 2005) it includes the operating environment of the fund i.e. “middle and back office functions such as trade processing, accounting, administration, valuation and reporting”. This combination of “Multiple Risks”spans these categories. The evidence of non managing risks has been highlighted especially for Hedge Funds From a survey [1] , it resulted that over 10 years (1996-2006) half of the hedge funds went to bankruptcy because of an insufficient control of operational risk only (43843882). For most of them, fraud is the main reason i.e. embezzlement or false valuations of capital. (43443142 d©ja r©f en bas) as the graph below shows (CAPCO 2005) : Figure 1: graphs showing the different types of risk failure and the detail of operational risks Breakdown of Fund Failures Attributed to Operational Risk Only by Operational Issue The opacity of the management of operational risk exist because those companies are not obliged to provide information to investors about the management process and risks linked to operational risks. Besides, Hedge funds have a specific structure, usually off shore companies trading on OTC (Over The Counter) in illiquid products market or by doing arbitrage so it result that operational risks are specific thus it is less easy to prevent it. Regulations tried to implement for each complex product a prospectus. However, all the operations risks cannot be mentioned on it and defined due to a lack of maturity of the industry and its opacity so these prospectus alert investors to be aware of the risks known. “Risks related to the operational weaknesses of hedge funds significantly outweigh the levels of financial risk, which are usually the focus of the managers’ attention and investors’ concerns.” If we assume that the universe of investable funds is 2,500, the failure rate can be estimated at 0.6%, which represents a very high probability of default in the context of funds of hedge funds that invest in 10 to 25 vehicles EDHEC Une meilleure prise en compte des risques op©rationnels sera n©cessaire pour retrouver la confiance des investisseurs notamment à la suite des scandales r©cents SOL : managing operational risks – working paper EDHEC Credit establishments have to follow Basel rules (BCBC, 2006) and regulations. For example, Power (2005) established that the “operational risk assessment differs from traditional risks of the bank including the absence of known outstanding. It is diffuse, multifaceted and ambiguous”. That is all the complexity of the assessment of operational risks. It is based on the probability of a risk occur. And the risks as we saw before are various so even more difficult to manage and prevent. Banks are split in different activities; traditionally it is composed of retail banking, corporate and investment banking.

However, these last few years’ banks developed a new service, the online banking specialized in stock exchange for individual investors. This was really an expectation from customers so most of the French banks have their own online brokers under a different brand name.

They are doing advertising to bring the clients of the retail bank but also clients from others competitors. Those brokers had a huge development and didn’t focus on risk management. Usually the Director of Operation also deals and solves the risks problems in these small entities. All the banks for traditional activities and others brokers in France or abroad particularly in the FOREX market have a risk management department because they understood it was primordial.

Thereby we will focus more on what has been done and developed in those companies and how it has been treated on the research side. The operation risks are those that use the most of equities after credit risks. To solve the operating losses, three strategies have been implemented in the banking system : the internal controls inside the department i.e. the back office and the management control the operations, the internal audit where a specialized department checks the operations to ensure that policies and procedures are followed and external audits where it is an external and independent institution who checks the financial statements and more. Those three actions permit to reduce operational risks and its cost. To focus on internal controls, for Arnold, Larsen, Hollinger, O’Doherty, and Milne (2008), the problem of banks is that they don’t care about it and are done by a “spawned allegations of moral hazard” and for Anna Chernobai, Philippe Jorion, and Fan Yu (2011) this is the “consequences of a weak internal control environment” so it makes loss an enormous amount of money”. In the same article, they illustrate it by taking the example of the Trader Jerome Kerviel in Soci©t© G©n©rale in 2008 that made a loss of $7.2 billion “due to unauthorized trading” and that the management did nothing by letting him trade. However, for Alberto Balestra (2006), there is “existing internal control procedures” but because of a “lack of compliance” companies makes big losses. For the internal and external audit, the approach is quite different, the first one has to be permanent and the second one is usually periodic. The Basel committee defines what the banks have to do to manage its internal audit of its operational risk like create an operational risk management function “responsible for codifying firm-level policies and procedures concerning operational risk management and risk-reporting system for operational risk; and for developing strategies to identify”. And for the GCAP (group of Assistance to poor) the internal control is define by checking all the following points : “The financial information and operating data are accurate and reliable, the policies and internal procedures are followed, the business risks of the institution are identified and minimized, resources are used efficiently and economically, the institution’s objectives are being achieved and the external regulations are met”. J. Cernes agreed to say that “Internal audit sees his expanded role, including the control of new skills related to this development”. Although for Balestra (2006), the operational risk manager can have difficulties to do it so it has to “ask help from rely also on reengineers for this operational auditing”. From the external point of view of an independent auditor, C. Cox (2008) director of the Securities and Exchange Commission (SEC) agreed that “his agency failed to act for nearly a decade on credible allegations about Bernard Madoff, whose fraudulent internal controls allowed a Ponzi scheme that cost hedge fund investors as much as $50 billion” The goal of these auditors is to check the financial statements, records, transactions, and transactions of a structure by an external party to express an opinion on the financial statements of the IMF. However, Markus Leippold (2003) doubts on the notion of managing risk and more particularly on “finding a reasonable notion of diversification” but also on the evaluation and quantification of the benefits from altering value chains and work flow structures” For George S. Oldfield and Anthony M. Santomero (1997) “the level of effort focused on reducing these risks can be communicated to shareholders and cost-justified”. To conclude, for Leippold and Vanini (2003), the operation risk occurs at low frequency but it has a high impact. Usually it comes from of human behaviors. In 2001, the Basel committee realized a survey on 89 international banks, “a bank has been affected by an average of 528 instances of operational risks, mainly on retail banking, generating an average loss per unit average of 10 000 A¢”šA¬. It follows a gross loss average of 90 million A¢”šA¬ per institution”. For Jeffery Atik (2010) “Not all risks can be anticipated.

Indeed, it is difficult to manage risks that cannot be imagined (those that are outside of experience) although experience teaches that unanticipated and unimagined events do occur” in reference to those crises. So we can see the difficulties to understand and limit the impact of the operational risks. Lots of things have been done from the past events on how to calculate the operational risks with the Value At Risk (VaR) but almost nothing has been done yet to limit the impact of operational risks on the financial sector after the recent past events of these last four years. From what we saw, risk management has been studies on its definition or on the calculation on the VaR few years ago. However, the risk management is still quite new on the financial sector and even more for operating risks on the way how to manage it. Thanks to the past, it has to be re-studies to improve its management to avoid to repeat mistake and to find of the possible risks that it could occur. From few examples, when one problem occurs it costs a lot for the bank but it is quite surprising that it can still happen nowadays.

With the crises and recent frauds, it was obvious that nothing has been done on this topic. The Basel committee is working on Basel III thus the operation risks will be more controlled and highlighted. Like that, the banks would less suffer of the impact of a bad management of operating risks. Besides, after all the crisis and scandals like as seen earlier for Soci©t© G©n©rale’s case in 2008 or even for Barings in 1995, Calyon in 2006 or famous internal frauds like JP Morgan Chase in 2006, Bank of China in 2007 or commercial litigation in 2006 with the Deutsche Bank or fire in the headquarter of the Credit Lyonnais in 1996, these scandals do not give a positive image of the bank. The press uses to relay it in the headline for few days or months. Clients, customers read it and after the word of mouth begin.

This external communication cannot be controlled by the bank. Generally, this is the worse for a company.

The employees and managers suffer also of that so training has to be done to surpass the impact of the event and be able to give an answer to all the attack they have from the family and clients. This impact of the management of operation risks has never been studied in term of figures for the bank and from the human side. The intangible assets are a very important notion than operating risks affect for years like the brand name, the image, the reputation. Even external events affect banks like attacks because citizens do not trust in institutions, fear appearA¢â‚¬A¦ During the crises, the bankrupt of a bank or a scandal like Madoff’s system was able to affect the entire sector and by definition all the others banks, which lead that clients wanted to withdraw their economies. So it would be important to see what the impact of the management is in all those cases of systemic crisis. Ethic is a bad word in finance so it has to change by re-establishing a good image of the finance sector, in what way a new culture. The change has to be done from the top of the management i.e. operational risks could be avoided if a good management, a day to day management for example, would be implementing and if the employees would care about their banks. In this globalized world, people have to be reassured; the confidence is one of key word and important data that everybody forgot because the goal was to make money without any respect and trust toward the counterparty. The aim of the management of operational risks is to reinforce transparency and restore confidence.

That goal always existed but events, scandals have updated it. Operating problems majority come from an error from the machines or an error from the human. Thus to avoid it, it could be possible to implement very strict strategies to eliminate it by capitalizing the mistakes whether voluntary or not. The banks should, as what has been done before control and audit from a restrictive point of view but also train employees. A bonus could be given if the employee reacts in a good way, do not try to fraud and promote its company simply is a “good employee”. In my previous company i.e. a broker, there were a risk manager and all the employees received at the beginning a training to face to potential problems. This should be compulsory because it permits to go through all the problems with clients but also in intern with the crash of the trading platformA¢â‚¬A¦ In France, it is coming but not in this way, they oblige the employees to pass an internal exam to be apt to face to it, some companies ask to pass the AMF (French Market Authorities) certification. However it has to become compulsory to everybody, like that when employees know what they can or cannot do for an internal or external situation, they won’t try to cheat, hide or fraud because they will be aware of the damage that it can cost for them, for the department, for the company and at the end for the clients. Besides, different departments are involved in the management of operating risks, like the general inspection, IT, back office, communication, customer services, investors relationsA¢â‚¬A¦so all those employees has to be trained to face to it hereby one of the solutions is to reinforce the corporate culture, like that, employees will be involved in their job but also in the improvement of their company.

Sometimes, board of directors and managers are not also in the best position for that, because they can have strange behaviors and reactions i.e. panic of the management of Kerviel case. They can forget the common sense and act as individual careerists. It would be interesting to study the impact of training in time of crisis and how to react to those cases, like that companies would control the situation. Nevertheless to rebuild a good relationship with the clients, the big famous banks created online bank with less fees and more attractive contracts, products and new names than their mother societies. Those brokers were not impacted by the crises and by the bad image of the banker. The reason why, is because there are new companies with no background like the major banks where most of population believe that they are not clear, corrupted and use to make a lot of speculation.

Clients built this bad image on operating risks that occurs for banks. The managers didn’t get the important of those risks so it would be nice to study it by getting information from clients, employees and managers to understand the importance of the operating risk, the management that they do, how they prevent, avoid and communicate on it from an old and traditional but also from a broker point of view. To conclude, the impact of a non-management has to be measured recently, the BIS wrote in 1998 a document on the management of operational risks. It has not been done since the crises and the internal events, fraud that occurred these last 5 years. Clients, customers, prospects, employees, directors are suffering of the non-management of operations risks and it has to be studied with the help of the stakeholders to find a compromise and begin to solve it. 71930056 p327 Si l’©valuation quantitative du risque a ©t© le premier exercice r©alis© par les banques (Lamarque et Maurer, 2009), en t©moignent les nombreuses recherches qui se sont orient©es vers une approche quantitative (Frachot et alii, 2003 ; Klugman et alii, 1998 ; King, 2001), le rôle de la composante humaine dans le risque lui même et dans son processus d’identification rend particulièrement int©ressante toute approche de nature qualitative. Comme le soulignent Lamarque et Maurer (2009), l’approche quantitative du risque op©rationnel, compte tenu de sa difficile pr©visibilit©, est A« insuffisante pour maîtriser ces risques et la gravit© des ©vènements exceptionnels est extrêmement difficile à ©valuer A». C’est g©n©ralement l’apparition même du risque qui permet de le connaître et donc de le g©rer de manière efficace, c’est-à-dire a posteriori. Si l’organisation se caract©rise par sa diversit© et sa complexit© (Weick, 1995), celles-ci constituent un frein à l’identification pr©cise du risque futur. Sources : https://www.bis.org/bcbs Arnold M., Larsen P. T., Hollinger P., O’Doherty J. and Milne R. (2008) “The outsider: How Kerviel exposed lax controls at Soci©t© G©n©rale”, In The Financial Times, February 7th, London. Atik, Jeffery, (2010) “Basel II and Extreme Risk Analysis”. Loyola-LA Legal Studies Paper No. 2010-40. Available at SSRN: https://ssrn.com/abstract=1677682 Balestra A., (2006) “Quantification of Operational Risk”, Mohassaba S.A., Geneva. Basel committee (2006), “International Convergence of Capital Measurement and Capital Standards”, A Revised Framework, Comprehensive Version of the compilation of the June 2004 Basel II Framework Bon-Michel, B 2011, ‘La cartographie des risques : de la rationalisation du futur à l’apprentissage du risque. Cas de l’identification du risque op©rationnel au sein d’un ©tablissement de cr©dit. (French)’, Revue Management Et Avenir, 48, pp. 326-341 Capco White Paper (2003) “Understanding and Mitigating Operational Risk in Hedge Fund InvestmentsA A» Carter L. F. (2011) “MANAGING RISK IN OPERATIONS” Academy of Information and Management Sciences Journal, Volume 14, Number 2 Chernobai A., Jorion P., Yu F. (2011) “The Determinants of Operational Risk in U.S. Financial Institutions” Journal Of Financial And Quantitative Analysis Vol. 46, No. 6, Dec. 2011, pp. 1683- 1725 Control sur le comit© de Bale (1998), ” Gestion du risque op©rationnel” Cox C. (2008) Director of the Securities and Exchange Commission (SEC) “SEC Press Release” 2008-297 Giraud J.R (2004) “The Management of Hedge Funds’Operational Risks” EDHEC RISK AND ASSET MANAGEMENT RESEARCH CENTER Jarrow, RA 2008, ‘Operational risk’, Journal Of Banking & Finance, 32, 5, pp. 870-879, Business Source Complete, EBSCO. Jobst, AA 2007, ‘The treatment of operational risk under the New Basel framework: Critical issues’, Journal Of Banking Regulation, 8, 4, pp. 316-352, Business Source Complete, EBSCO. Leippoldy M., Vaniniz P. (2003) “The Quantification of Operational Risk ” Vanini P. (2003) Operational Risk: A Practitioner’s View Journal of Risk, Vol. 5, No. 3, pp. 1-16, 2003 A«A LES HEDGE FUNDS FACE AU RISQUE OPÉRATIONNELA A» 2009, Revue Banque/Banque Magazine, 714, pp. 71-73 Weiss A., and Nikitin G. (2004), “Foreign Portfolio Investment Improves Performance: Evidence from the Czech Republic”, Topics in Economic Analysis and Policy, 48, 817-38 Power M. (2005), A« The invention of operational risk A», Review of International Political Economy, 12(4), p. 577-599. Taleb N.-N. (2009), “Errors, Robustness, and the Fourth Quadrant”, International Journal of Forecasting theory and research, Englewood Cliffs, Prenctice-Hall, p. 10-37.

Cite this page