For banks with large capital market operations, rogue trading is one of the top three operational risks they face, alongside the threat of cyber-attack and payments fraud. While relatively infrequent, such events can bring enormous financial and reputational costs. So what can firms do to mitigate their operational risks?
Guarding against operational risk is especially crucial in the current environment, as the conditions are ripe for another painful incident:
- Traders will be eager to boost performance to qualify for whatever bonuses are available.
- Markets are moving quickly, exacerbating potential losses.
- Firms’ cost-cutting programmes are taking a toll on their overall control capabilities.
Moreover, regulators around the world are stepping up their scrutiny of the standards of operational risk control banks have in place. Various regulators have issued guidance – most notably the Committee of European Banking Supervisors’ CEBS 216, which stipulates banks should develop and maintain robust operational risk management frameworks.
Managing operational risk
In the past, operational risk management often relied on data-intensive analysis to assess areas of potential loss and calculate the amount of capital that should be set aside. On top of that, unwieldy infrastructures were used to collect and manage information on control effectiveness. These approaches have become more and more costly, and at the same time are seen as being less and less effective.
Increasingly, banks are recognising that a different approach is needed. Founded on scenario analysis –considering which of a range of scenarios would incur the largest operational risks - banks can determine the controls needed to detect the underlying events and prevent them from happening.
For example, mechanisms to combat rogue trading should include employing desk-level supervision of traders’ daily activities, and effective detective controls that focus on trade booking, internal accounts and discrepancies between funding patterns and the risks being run.
Ultimately, the goal is to achieve a coherent front-to-back control framework for each major product set, so that every part of the organisation – from the front office through to the various operational and finance functions – understands their role and how to work together to spot emerging operational risks and tackle them.
For more on combating the behaviours that give rise to rogue trading activities see the accompanying article, Changing behaviours in the battle to prevent rogue trades.