Operational Risk


Operational Risk is the uncertainty of loss resulting from insufficient, incompetent and failed internal process, people and system or from any external environment events. It includes legal risks, human error,  intentional frauds, technical errors, gap in operation etc.

 Operational Risks are the least cared and understood and most challenging  risk to measure,  handle and monitor. Banking saw an increase in the number of operational risk events that severely impacted both business prospects and profitability. Some of the operational risk events are:

  1. Internal Process Risk
  2. People Risk
  3. System Risk
  4. External Risk
  5. Legal Risk

Internal Process Risk

Internal Process Risk is one of the operational risks associated with the inability in the firms managing the process and procedure. It is about ineffectiveness in the firm’s daytoday operation. Corporate regulations include the controlling factors to ensure that the customers receive the desired services. Some of the internal process risk include:

  1. Lack of controls
  2. Marketing errors
  3. Money Laundering
  4. Documentation or Reporting error
  5. Transaction Error
  6. Internal Fraud

People Risk

People Risk is associated with the human error made in the firm. People Risk is one of the most prevalent risks in any firm as people are some of the integral  acting parts in the firm. People are prone to show irrational behaviour and have interest in conflict. Some of the people risks in the firms are:

  1. High staff turnover
  2. Poor management policy and practices
  3. Poor staff  training
  4. Over Reliance on key staff

System Risk

System Risk is associated with the technology related issues. All the firms heavily rely on technology, computers and computer systems to support day-today activities This dependency over systems can make firms vulnerable and more prone to technology related risks. Some of the system risks are:

  1. Data Corruption
  2. Inadequate Project Control
  3. Programming Error
  4. Over reliance on ‘Black Box’ technology
  5. Service interruptions
  6. System security problems
  7. System suitability

External Risk

It is the risk associated with the external environment of the firm i.e. events that cannot be in direct control of the bank. External risk is far more risky and has a significant impact on banks operation and performance. Some of such risk associated events are:

  • Events in external firms which impact the industry they are operating.
  • External Fraud and Theft
  • Terrorist Attack
  • Natural Disasters and calamities
  • Any market disruption political and non-political

Legal Risk is the risk associated with the changes or uncertainty in the framework or application or  interpretation of contract, laws, or regulation. Legal risk varies from firm to firm and country to country. Issues such as money laundering, antiterrorism, dumping, data breach etc. all complies to some kinds of legal actions.

Operational Risk Management

Operational Risk Management aims to reduce or minimize the operational risks which a firm considers. Operational Risk Management process will manage the overall risk level to acceptable frame as per required by top level management and regulatory bodies. Some of the fundamental steps in Operational Risk Management process are:

  1. Identification
  2. Assessment
  3. Measurement
  4. Mitigation and Control
  5. Monitoring and Reporting


  • Apostolik, R., Donohue, C., & Went, P. (2009). An Overview of Banking, Banking Risks and Risk-Based Banking Regulation . Hoboken, New Jersey: John Wiley & Sons, Inc.
  • Fimarket

Leave a Comment