Using Internal Loss Data to Mitigate Operational Risks
The modern approaches to risk management are data-driven. There are four basic steps to this approach which we will study later in this module. The first step contains information about how data related to internal losses suffered by an organization needs to be collected and studied in order to better mitigate risks in the future. Loss data also needs to be collected from external sources such as peers and industry members. However, we will study the external loss data analysis in the next article.
In this article, we will focus on what internal loss is, how a system can be created to collect internal loss data and how such data can be utilized to manage operational risks more effectively.
What is Internal Loss?
Internal losses are losses that have arisen due to failed processes or incompetent people within the organization. The losses which occur may be financial or non-financial in nature. The objective of analyzing internal loss is:
- to categorize the operational losses by functions such as technology, human resources, marketing, etc
- to categorize operational risks by product categories, locations, and even by manager
- to identify and categorize risks that may come into play if the company decides to outsource some of its internal processes
- to create a priority list of all the internal risks so that appropriate risk mitigation mechanisms can be employed.
Collection of Internal Loss Data
Before data regarding internal loss is collected from the various parts of the organization, it is essential to generate buy-in from the different stakeholders. This is because organizations are by nature forward-looking. If the management asks for extensive data collection about past events, it is likely that they may face some resistance. Loss data collection is an exhaustive process. When implemented, it becomes part of the daily duty of every employee across the organization and a part of the daily business and usual functioning.
The objectives of loss data collection and the benefits that will be derived from it must be explained to all stakeholders in order to avoid issues later on.
- The first step is to create a procedure for identifying and booking internal losses. This means that a system has to be created using which losses can be identified, approved, and then booked i.e. recorded
- Subject matter experts have to be developed so that they are able to recognize internal losses and categorize them correctly before booking. The ideal process is that the front-line employee initiates the process by suggesting a loss that needs to be booked. This loss is then evaluated by an expert and then finally booked
- Separate accounts must be in place to book these expenses. These accounts can then be used to identify patterns in the internal losses or collect information about their drivers. Separate accounts also make it easy to identify the quantum of money that is being lost due to internal losses
- The process needs to have controls, checks, and balances in place. This means that there should be appropriate governance measures in place to prevent wrong data from being collected. The stakeholders of this process should continuously liaise with the compliance and audit partners in order to make sure that their process is functioning at the optimal level
- In recent years, the emphasis has been on the removal of manual processes and the implementation of automatic workflow-based processes. This makes it easier to capture data and ensure consistency across the process at different times.
Shortcomings of Internal Loss Data
There are several obvious benefits to internal loss data collection. However, there are several shortcomings as well. Some of them have been mentioned below:
- Firstly, the internal loss collection process is too expensive and time-consuming. Basel norms specify that at least three years of data need to be collected in order to ensure that the organization is compliant with the norms. This leads to a lot of resources being deployed in order to meet these needs. These resources could have been used for other more productive purposes
- Another problem with the approach is that it always looks backward. It is a known fact that the future may not necessarily be like the past. However, the collection of internal loss data makes managers fixated with previous losses. This leads to improper risk management and mitigation.
- Also, the internal loss collection framework has no mechanism for collecting data on potential losses or near misses i.e. losses that almost occurred. Hence, even if the organization may be susceptible to the same risks in the future, the data is not collected since an actual loss has not occurred! Hence, it can be said that the approach is reactive and not proactive.
- In some organizations, the definition of loss changes over a period of time. This creates a new set of challenges. This is because the data from previous years can no longer be compared to the present before modifying it to nullify the effect of the change in definition.
The bottom line is that the collection of internal loss data is an integral part of the operational risk management process. The end result of this data collection is the creation of a loss database that can be used to better predict and mitigate future risks. This is the reason why this approach is suggested in the Basel II norms and is likely to be implemented in major organizations all across the world.
|❮❮ Previous||Next ❯❯|
Authorship/Referencing - About the Author(s)
The article is Written By Prachi Juneja and Reviewed By Management Study Guide Content Team. MSG Content Team comprises experienced Faculty Member, Professionals and Subject Matter Experts. We are a ISO 2001:2015 Certified Education Provider. To Know more, click on About Us. The use of this material is free for learning and education purpose. Please reference authorship of content used, including link(s) to ManagementStudyGuide.com and the content page url.
- Risk Management - Introduction
- Benefits of Risk Management
- Principles of Risk Management
- Risk Management Process
- Risk Identification and Assessment
- Aspects of Risk Management
- Steps in Risk Management Process
- Approaches to Risk Management
- Risk Management Policy
- Commonly Used Measures of Risk
- Risk Management Plan
- Evaluation of Risk Management Plan
- Risk Treatment
- Role of HRD in Risk Management
- Enterprise Risk Management
- Implementing ERM
- Risk Management and Stock Market
- Outsourcing Risk Management Program
- Risk Management as a Profession
- Anticipating and Mitigating Organizational Risks in the Digital Age
- Challenges Facing the Australian Economy
- The Economic Costs of MeToo
- Automated Claims Processing
- Challenges in Global Insurance And International Claims
- Conflicts of Interest in the Insurance Business
- The Cost Structure in the Insurance Industry
- How Drones Will Impact the Insurance Industry?
- How Is Health Insurance Funded?
- How Self Driving Cars Impact Insurance?
- How Stock Market Volatility Affects Insurance Companies?
- Insurance Agents vs. Insurance Brokers
- The ABCs of Insurance Fraud in India
- Technological Advances in the Insurance Industry
- The Basics of Unemployment Insurance
- The Pros and Cons of Unemployment Assistance and Why it Matters in the Present Times
- The Role of Insurance In #MeToo Movement
- Why the Flood Insurance Market should be Privatized?
- Basics of Pet Insurance
- Cannabis Insurance
- Challenges Facing Cryptocurrency Insurance
- Evolution of Insurance Regulation
- Food Delivery Apps and Insurance
- How Does Captive Insurance Work?
- On-Demand Insurance
- Reinsurance vs. Double Insurance
- Solvency Regulations in the Insurance Industry
- Terrorism and Insurance
- The Basics of Microinsurance
- The Basics of Reinsurance
- Types of Captive Insurance Companies
- What is P2P Insurance?
- How Risks Affect Companies Providing Financial Services
- Risk Management Information System
- Disadvantages of Risk Management Information Systems
- The Known-Unknown Classification of Risk
- Operational Risk: Definition and Drivers
- How Regulations Have Affected Operational Risk?
- Identification of Operational Risks
- How to Identify Operational Risks
- Using Internal Loss Data to Mitigate Operational Risks
- External Loss Data in Operational Risk Management
- Risk Control Self Assessment (RCSA)
- Scenario Analysis in Risk Management
- Key Risk Indicators
- Basel Approaches in Operational Risk Management
- The Basel Risk Categories
- Cause Categories in Operational Risk Management
- Loss Distribution Approach
- The COSO Framework for Internal Control
- Mistakes to be Avoided While Building a Risk Management System
- Credit Rating Terminology
- Types of Exposures to Determine Credit Limit
- Types of Credit Events
- Active Credit Portfolio Risk Management
- Metrics to Measure Credit Risk
- Credit Derivatives: An Introduction
- Credit Linked Note
- How do Credit Default Swaps Work?
- Why are Credit Default Swaps Dangerous?
- Total Returns Swap
- What are Collateralized Debt Obligations and How do they Work?
- Collateralized Debt Obligations: Advantages and Disadvantages
- Mark To Market Accounting
- What are Recovery Rates? - Different Types of Recovery Rates
- Netting, Close Out, and Acceleration
- Expected Default Frequency (EDF)
- Expected Default Frequency: Advantages and Disadvantages
- Altmans Z Score Model
- Unexpected Loss and Economic Capital Buffer
- Stress Testing in Credit Risk Management
- Provisioning in Credit Risk Management
- How Corporate Governance Impacts Credit Risk
- Exit Strategies In Credit Risk Management
- What is Market Risk? - How its Measured and Sources of Market Risk
- Why is Market Risk Management Important?
- Introduction to Value At Risk (VaR)
- The Three Types of Value at Risk (VaR)
- Marginal, Incremental and Component Value at Risk (VAR)
- How Value at Risk (VaR) is Implemented?
- Backtesting Value at Risk (VaR)
- Advantages of Using Value at Risk (VaR) Model
- Disadvantages of Using the Value at Risk (VaR) Model
- How Margins Are Calculated Using Value at Risk (VaR)
- Market Risk Limits
- Tail Risk
- The Upside of Market Volatility
- Relationship between Volatility and Risk
- Importance of Data Quality in Risk Management
- Impact of Using Poor Quality Data and Metrics to Measure Data Quality
- Enterprise Risk Management (ERM) vs Traditional Risk Management
- Benefits of Enterprise Risk Management
- Corporate Risk Governance
- International Risk Governance Committee (IRGC) Framework
- Failure of Market Risk Management
- Mistakes to Avoid in Risk Management