Operational risk is generally defined as a risk arising from direct or indirect loss to the firm due to inadequate or failed internal process, people and systems. Besides internally occurring events, the people, process and systems failure could also occur due to external events. Operational risk does not include business risk and strategic risk.
The components of operational risk includes transaction processing risk, information security risk, legal risk, compliance risk and risk occurring due to the functioning of human resources (i.e. people risk) of the bank.
Process risk arises on account of faulty reporting of important market developments to the management, or errors in entry of data for subsequent computations. Non-monitoring of exposure positions also result in process risks for the firm. Besides, firm may also require/supply needed funds in currencies that may lead to a loss for the firm due to the currency rate fluctuations. When the firm creates new products without proper consideration of its long-term implications it may encounter process risk.
Systems risk involves losses due to systems failure, lack of security for the information requirements of the firm, inadequate investments made in terms of technology requirements, issues with implementation of systems, inadequate systems capacity or failure in systems developments.
People risk arises from lack of trained key personnel, tampering of records, unauthorized access to dealing rooms and collusion between front and back end offices.
Risk on account of external factors arises due to legal and regulatory changes, outsourcing risk, supplier risk, political risk and Government policy risk. Firms are expected to function in a specific infrastructure setup created in the economy such as fund transfer mechanisms. The failure of such infrastructure leads to risk to the firm through external factors.
Operational losses are large losses arising from operations which may be in the form of payments made to third parties on law suits, tax penalties, non-compliance with regulations and damage to assets.
Compensation paid to customers, theft, frauds including rogue trading and late settlement or settlement to the wrong counterparty is the major types of operational loss that are incurred by financial institutions.