Operational risk has been defined by the Basel Committee on Banking Supervision as the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. This definition includes legal risk, but excludes strategic and reputational risk. This definition is based on the underlying causes of operational risk. It seeks to identify why a loss happened and at the broadest level includes the breakdown by four causes: people, processes, systems and external factors.
Two of the most common operational risks are –
Transaction Risk: (Errors & Omissions, and Frauds)
It is the risk arising from fraud, both internal and external, failed business processes and the inability to maintain business continuity and manage information.
| People | Processes | Systems |
| Error | Accounting error | Data quality |
| Fraud | Reporting error | Programming error |
| Lack of knowledge | Settlement / payment error | Security breach |
| Oversight | Valuation error | System failure |
| Loss of Key personnel | Transaction error | System capacity |
Compliance Risk:
It is the risk of legal or regulatory sanction, financial loss or reputation loss that a bank may suffer as a result of its failure to comply with any or all of the applicable laws, regulations, codes of conduct and standards of good practice. It is also called integrity risk since a bank’s reputation is closely linked to its adherence to principles of integrity and fair dealing.