CP10 (Full Document) - European Banking Authority
CP10 (Full Document) - European Banking Authority
CP10 (Full Document) - European Banking Authority
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Principles and examples<br />
1. The purpose and use of the operational risk measurement<br />
system should not be limited to regulatory purposes.<br />
Evidence of meeting the use test could include, but is not limited to:<br />
· Demonstrating that the risk measurement system is used to manage<br />
operational risk exposures across different business lines within the<br />
organisation structure.<br />
· Demonstrating how inputs, estimations, predictions, or outputs from<br />
the risk measurement system are used in the decisionmaking<br />
process, for example as an element in strategic and tactical decisionmaking.<br />
2. The operational risk measurement system should evolve<br />
continually as the institution gains experience with risk<br />
management techniques and solutions.<br />
Evidence of meeting the use test could include, but is not limited to:<br />
· Demonstrating how the institution ensures that the nature and<br />
balance of inputs into the risk measurement system are relevant and<br />
fully reflect the nature of the business.<br />
· Demonstrating how the risk measurement system becomes more<br />
responsive and robust.<br />
3. The operationalrisk framework should support and enhance the<br />
management of operational risk within the organisation.<br />
Evidence of meeting the use test could include, but is not limited to:<br />
· Demonstrating how decisions for improving processes and controls<br />
are made.<br />
· Demonstrating that operational management objectives and<br />
activities are communicated within the organisation.<br />
4. The use of an operational risk measurement system should<br />
provide benefits to the organisation in the management and<br />
control of operational risk.<br />
Evidence of meeting the use test could include, but is not limited to:<br />
· Demonstrating that management has considered action on its receipt<br />
of information from the riskmeasurement system.<br />
· Demonstrating that the operational risk measurement system<br />
increases transparency, risk awareness, and operationalrisk<br />
management expertise, and creates incentives to improve the<br />
management of operational risk throughout the organisation.<br />
Page 103 of 123