It is interesting to note that external and internal fraud are both nearly evenly matched when it comes to the number of risk events occurring. In contrast, internal fraud accounts for over twice as much of losses by amount as external fraud. This is not particularly surprising since internal members of a bank are far more likely to have access to opportunities and information they can exploit. However, this raises the question about how manageable internal fraud might be for a bank. Can internal fraud be significantly minimized by changes in employee training and hiring practices or implementing stronger internal controls?
My first question is why “Clients, Products & Business Practices” dominates the loss amount.Is this because of a few very large cases, or many smaller issues?I would also ask whether the numbers reflect inherent exposure, or weaknesses in our controls or processes.
We learned that understanding exposure vs. controls is key, so I’d want to know which part is actually driving the losses.
Curious how this ORP would shift if mapped to the six-exposure MECE framework instead of the Basel 7 buckets. Would the loss concentration look cleaner, or would it reveal gaps the Basel categories hide?
What stood out to me from this chart is how misleading an ORP can be if we don’t build it properly.Before Class 3, I would have assumed this chart was the “truth” about the bank’s risks. Now I catch myself asking: Are we missing exposures we haven’t experienced yet? Are external losses incorporated? Have we blended causes and exposures?
Class 3 made me realize the ORP is something we construct, not just something we receive.
Its interesting to note how we can use our OP risk profile along with our competitors risk profile (which can be difficult to access) to re-assess our exposures to build relevant and appropriate controls around them.
It is interesting to note that external and internal fraud are both nearly evenly matched when it comes to the number of risk events occurring. In contrast, internal fraud accounts for over twice as much of losses by amount as external fraud. This is not particularly surprising since internal members of a bank are far more likely to have access to opportunities and information they can exploit. However, this raises the question about how manageable internal fraud might be for a bank. Can internal fraud be significantly minimized by changes in employee training and hiring practices or implementing stronger internal controls?
My first question is why “Clients, Products & Business Practices” dominates the loss amount.Is this because of a few very large cases, or many smaller issues?I would also ask whether the numbers reflect inherent exposure, or weaknesses in our controls or processes.
We learned that understanding exposure vs. controls is key, so I’d want to know which part is actually driving the losses.
Curious how this ORP would shift if mapped to the six-exposure MECE framework instead of the Basel 7 buckets. Would the loss concentration look cleaner, or would it reveal gaps the Basel categories hide?
What stood out to me from this chart is how misleading an ORP can be if we don’t build it properly.Before Class 3, I would have assumed this chart was the “truth” about the bank’s risks. Now I catch myself asking: Are we missing exposures we haven’t experienced yet? Are external losses incorporated? Have we blended causes and exposures?
Class 3 made me realize the ORP is something we construct, not just something we receive.
Its interesting to note how we can use our OP risk profile along with our competitors risk profile (which can be difficult to access) to re-assess our exposures to build relevant and appropriate controls around them.