Practitioner analysis: Reaping the advantages of Basel II
David Stone of Zions Bancorporation describes how the US bank plans to underpin its enterprise-wide risk management by implementing the Basel II accord’s advanced approaches to measuring operational risk.
Many firms have pursued enterprise-wide risk assessment, with varying levels of success. The challenge has been to align risk assessments with business objectives and to integrate risk assessment and analysis into day-to-day operations.
The purpose of enterprise risk assessment was to create a standard means of assessing risk across an organisation. The main goal of this approach was to aggregate different types of risk, such as operations, compliance, credit, market, strategic and reputation, into an organisational ‘risk profile’. Therefore, whatever the type of organisation - bank, hospital or government agency - one could view key exposures and then drill down to specific control issues and action plans. Another goal was to create a more risk-focused culture, where business groups had greater ownership of risk and could more effectively manage its identification, measurement, monitoring, and control. Banking regulators expressed their support, stating that they would rely on a bank’s risk assessments where they had confidence those assessments fairly reflected the bank’s risk profile.
Initially, enterprise risk assessment created a paperwork nightmare. Businesses completed paper documents that had to be manually combined into reports to view risks across departments, and at a corporate level. Because of the complexity of this process, risk assessment was basically limited to an annual activity that did not significantly impact corporate culture or business line behaviour.
This challenge was somewhat alleviated in the late 1990s as firms worked to create automated solutions for risk assessment. Several systems based on Microsoft Access, Lotus Notes or more advanced platforms, were developed to enable the user to enter risk information locally, and electronically integrate these results with others across the organisation.
Improved systems have helped firms deploy risk assessment, but a number of important challenges remain. Those challenges, detailed below, include software design issues, deployment depth, sustainability, data integrity, and validation:
• Risk assessment systems that support the Basel II bank capital adequacy accord guidelines on operational risk and integrate various risk tools, such as risk assessment, key risk indicators and loss history, are scarce.
• Reporting capabilities can be limited, making it difficult for executive management, business lines or assurance groups to use risk data in day-to-day operations.
• Screen designs can be cumbersome and can require significant training.
• Systems lack robust project management/workflow capabilities, making it difficult to know the status of risks and thus making risk assessment more difficult to deploy, update and sustain.
• Audit interfaces can be limited, making validation more complex.
Several banks have deferred conducting risk assessments in their business lines because of these challenges. Instead of deploying business risk assessment, several have pursued an almost exclusively quantitative approach to identifying and managing operational risk. Unfortunately, the reliance on quantitative data alone has not fully advanced the risk management cause. In many cases, data quality and availability are inadequate, making it difficult to create a reliable risk profile. Results have provided more of a ‘back-test’ of exposure than a future projection of risk.
Many businesses are reluctant to base their capital allocations or risk improvement efforts exclusively on loss data, as confidence in the data is questionable. While all agree that collecting and analysing loss data is an important component of operational risk management, reliance on loss data alone has not fostered the ‘cultural’ change to a more risk and customer-focused environment that industry executives and regulators seek.
Renewed interest in risk assessment - Basel II
The Basel II accord, designed by the global banking regulators of the Basel Committee on Banking Supervision, offers significant opportunities for banks in terms of lower capital charges when they demonstrate effective operational risk management consistent with the Advanced Measurement Approach (AMA) guidelines of the accord.
The Basel Committee’s December 2001 paper on Sound Practices for the Management and Supervision of Operational Risk lists risk self-assessment as an approach that can be used to support internal capital allocation. The paper lists risk assessment and key risk indicators as more "forward-looking" determinants of a company’s risk profile than exclusively quantitative approaches that rely on historical loss data.
Specifically, the December 2001 statement asks banks to:
• Implement an on-going system to identify, measure, monitor and control risk across all key business lines, processes, and products.
• Provide risk reporting at all levels, from the Board to senior and line management.
• Ensure internal audit’s independence to validate risk management processes and levels.
• Publicly disclose operational risk management practices and results.
The Basel II framework proposes that fixed regulatory capital guidelines will be replaced with economic capital calculations based on a bank’s assessment of its risks. US regulators indicate they will insist that the nation’s large, internationally active banks comply with Basel’s AMA guidelines, but leave the option open for other banks to decide for themselves.
Zions Bancorporation, based in Salt Lake City, Utah, does little business outside the US, but does have a strong focus on risk management and intends to adopt the Basel II AMA rules.
To calculate the potential impact at Zions, we must review current figures and draw on industry projections. On December 31, 2001, Zions had $2.3 billion in total regulatory capital. Let us project that when Basel II goes into effect, Zions’ total economic capital stays at $2.3 billion, and its operational risk capital is 12% of that figure or $276 million (Basel II asks banks to target approximately 12% of their total economic capital for operational risk purposes).
If Zions can demonstrate effective operational risk management, the bank could reduce its op risk capital by 25% or more.
A 25% reduction would equate to $69 million ($2.3 billion x 0.12 x 0.25). Assuming no other binding capital constraints, Zions could then return that capital to shareholders in the form of dividends or stock buy-backs, or it could reinvest it in its businesses. Assuming an after-tax return on capital of 12%, Zions could earn $8.3 million on those funds.
Zions’ approach
Zions wanted to create an enterprise risk assessment system that would reinforce and strengthen operational and other risk management practices across its subsidiaries. The goal is to encourage business and support groups to think more proactively about risk. Zions wanted to enhance its risk culture by helping teams better identify, measure and manage risk issues to enable them to serve their customers more effectively and compete in the market. To accomplish this goal, the firm needed a risk management system that could be easily deployed so that it could act as a management tool for analysis and decision-making, rather than an annual survey that would have only marginal impact on business line thought and behaviour.
Zions’ risk assessment solution is an important element in building a more robust risk culture. The system will help management assess and control risk, and will facilitate healthy discussion between business lines and assurance groups via the system’s workflow technology, described below. The system will also facilitate Zions’ compliance with Basel II’s AMA guidelines for operational risk.
Zions began deploying its risk system in August 2002. While simple for users, it has powerful analytic and reporting capabilities so staff, line managers and board members can easily obtain relevant information. In designing the system, Zions assembled a team from business and support areas to define system workflow and function. Lexign, based in Nashua, New Hampshire was selected to develop the system. Lexign is a leader in data capture, business process automation, digital signing and document management technology. It has over a decade of experience designing systems for clients throughout the US and Europe.
The following sections summarise key features from Zions’ risk assessment system.
• Ease of use
The system is designed to be easy to use. Screens and data fields are aligned in a ‘straight-through’ process to quickly gather information. The design aids users in identifying business objectives, the risks to those objectives, controls and actions. Users do not need to flip between screen views. For example, once risk information is entered, they simply move to the ‘Control’ screen to enter control-related information. Data is entered once and easily recalled when needed.
• Balance of qualitative and quantitative data
Zions’ risk assessment system provides both qualitative and quantitative information to generate a balanced risk profile that can be independently validated. For example, instead of listing vague business objectives, users are asked to enter a numeric goal to indicate achievement of an objective and their current status against that goal. Users are then asked to electronically attach a chart or document that validates their entries. The reinforcement of qualitative statements with quantitative data occurs throughout the risk assessment application.
In the ‘Risk’ and ‘Control’ screens, users are asked to attach measures that indicate whether risk levels are increasing or decreasing and to substantiate claims on control effectiveness. For example, in an assessment of wire risk, risk-level measures include the number and amount of wires. Control effectiveness measures include internal control accounts outstanding, end-of-day balance exceptions and the timeliness of wire turnaround. An important goal for Zions is to select measures that are risk and customer-focused so the company continues to both manage risk effectively and ensure consistent, excellent service for customers.
The balance of qualitative and quantitative data encourages business groups truly to think about their risks and how to best measure and monitor them. Zions’ approach contrasts with other systems that do not encourage the same level of thought. For instance, there are those that simply ask a user to rate a risk ‘high’, ‘medium’ or ‘low’ without asking the user for a rationale or attachment to substantiate that rating. Without that substantiation, it is almost impossible for assurance groups to validate risk assessments independently.
"The mix of qualitative and quantitative data creates a risk assessment system with greater integrity that can be used for Management decision-making," comments Gary Helme, executive vice-president, Wealth Management, Zions Bancorporation.
• Audit validation
Zions’ risk assessment system includes an ‘Audit’ view that enables Internal Audit to comment on business risk assessments. Audit teams can enter independent ratings and comments on risk levels, controls and action plans online. They can generate an audit score on a specific risk assessment and roll that rating into an overall audit score for a business. Audit teams can also use the system to comment on issues that may not have been raised in the risk assessments.
The system instantly notifies internal audit and other appropriate groups when risks are added or when residual risk exposures change. Thus, Audit can more swiftly work with business lines to address key issues. Other groups can also quickly get to relevant data. For example, when a risk is entered into the system, an alert goes to the relevant department.
Figure 1, illustrates this message flow. Once a business manager submits a risk, the system instantly notifies risk management, Internal Audit, and Corporate Insurance and then other relevant groups based on risk type. The outcome is a system that enhances communication and accountability, and enables assurance groups across the company to support business lines more proactively, help shape decision-making and strengthen controls.
• Loss database
Zions’ risk system includes a field in the ‘Risk’ view to capture loss history. Loss data can be entered online or uploaded from a spreadsheet, data file, or system feed. Losses can then be tracked by risk category, sub-category, process, subsidiary or business unit. This gives management a more complete view of losses, and enables them to analyse and track those losses and fortify controls more comprehensively. Because Zions’ system integrates a variety of risk tools, losses can also be correlated against residual risk scores, key risk indicators and audit ratings.
• Insurance interface
Zions’ risk assessment solution contains an interface to Corporate Insurance. As mentioned above, Insurance, like Internal Audit, is alerted whenever a new risk is entered into the system, or when residual risk ratings change. Thus, the system can help Insurance become more quickly and better informed on business risk issues and may present opportunities for them to underwrite exposures more cost-effectively.
• Enterprise sustainability
Lexign’s technology makes Zions’ risk assessment system easier to deploy and maintain. Without the right technology, enterprise risk management systems can be cumbersome. There can be hundreds of risk issues and action items to track and follow-up. Many issues can get lost, forgotten, and go unresolved.
Lexign’s workflow alert and status tracking technology overcomes these problems by enabling business managers and assurance users to know who has done what on the system and when. Business managers are alerted when staff enter risk data, so they can review, approve, and submit it. Users receive alerts via e-mail and via the risk system home page.
The home page has four quadrants designed to help users assess their risk status and take action. The first quadrant lists residual risk ratings for a business or group of businesses. The second lists those risks that need to be reviewed and approved. The third lists action items that are past due or will be due in the near future. The fourth contains important notices about the system. The home page, therefore, creates a dashboard of risk issues to facilitate information flow and expedite action resolution.
With respect to actions, when one is entered into the system, an alert is sent to the person responsible for that action, whether or not the person is a user in the risk system. For example, the recipient of an action would receive relevant information on the risk and a contact number for the person who owns the risk. The system’s workflow alert technology transforms it into a management tool that businesses can use to ensure issues are addressed and resolved in a timely manner.
• Dynamic reporting
Zions has designed its risk assessment system with a powerful Web-based reporting tool. The technology offers an online suite of standard and customisable ad-hoc reports with detailed graphics and drill-down capability. The flexibility of reporting makes it possible for any level of an organisation to use the data for analysis and decision-making.
Users from the board level to the line can choose what they want to report on. For example, an executive may want to see the top 10 residual risks for the corporation, for a business line or a risk category and then view those risks against their cumulative losses and/or action plan status. Or a retail banking officer may want to see all accepted risks that have increasing risk directions, less than effective audit scores and are in the consumer lending process.
Reporting and analysis is a critical component of effective risk management and is a focal point of Basel II. The December op risk paper notes "the results of any operational risk measurement methodology should form an integral part of the day-to-day risk management activities of the bank". Zions’ reporting system accomplishes this by enabling groups to access easily and quickly the information they need to make decisions.
• Capital allocation
Zions’ risk assessment system will contain a module to support the allocation of op risk capital consistent with Basel’s AMA guidelines. The module is based on a scorecard approach of residual risk, audit scores and loss history. Feedback from businesses is positive. Many are interested in receiving lower capital allocations when they demonstrate effective op risk management. The outcome will be better identification, measurement, monitoring, and control of risk across all key business lines, processes and products, and better allocation of risk capital. We expect these results to translate into more consistent returns for shareholders.
• Deployment
Many units throughout the company have begun using risk assessments. Now, Zions will bring them together in a new, standardised, Web-based approach. "Zions has always had a strong focus on risk management. Now we have the technology to deploy risk assessment in an exciting new way. The technology and the approach will help us strengthen our risk management practices and better serve our customers and our shareholders," notes Harris Simmons, chief executive officer and chairman, Zions Bancorporation.
Conclusion
At Zions we are committed to better managing risk and to serving our customers and shareholders. The risk assessment solution will play an important role in helping create an environment where risks are appropriately identified and assessed and where controls are steadily improved. It will help our teams strengthen customer service levels and compete in the market. It is also positioned to help us meet Basel’s AMA approach to op risk, which when implemented should enable us to benefit from regulatory capital incentives. In the end, our customers and shareholders will tell us whether or not we have succeeded. Effectively serving their needs is our primary objective and is the driving force behind Zions’ risk management efforts.
Sound Practices for the Management and Supervision of Operational Risk, December 2001, Basel Committee on Banking Supervision is available from the Bank for International Settlements’ website: www.bis.org
David Stone (e-mail: dstone@zionsbank.com) is vice-president, risk management at Zions Bancorporation in Salt Lake City, Utah.
Operational Risk
The purpose of enterprise risk assessment was to create a standard means of assessing risk across an organisation. The main goal of this approach was to aggregate different types of risk, such as operations, compliance, credit, market, strategic and reputation, into an organisational ‘risk profile’. Therefore, whatever the type of organisation - bank, hospital or government agency - one could view key exposures and then drill down to specific control issues and action plans. Another goal was to create a more risk-focused culture, where business groups had greater ownership of risk and could more effectively manage its identification, measurement, monitoring, and control. Banking regulators expressed their support, stating that they would rely on a bank’s risk assessments where they had confidence those assessments fairly reflected the bank’s risk profile.
Initially, enterprise risk assessment created a paperwork nightmare. Businesses completed paper documents that had to be manually combined into reports to view risks across departments, and at a corporate level. Because of the complexity of this process, risk assessment was basically limited to an annual activity that did not significantly impact corporate culture or business line behaviour.
This challenge was somewhat alleviated in the late 1990s as firms worked to create automated solutions for risk assessment. Several systems based on Microsoft Access, Lotus Notes or more advanced platforms, were developed to enable the user to enter risk information locally, and electronically integrate these results with others across the organisation.
Improved systems have helped firms deploy risk assessment, but a number of important challenges remain. Those challenges, detailed below, include software design issues, deployment depth, sustainability, data integrity, and validation:
• Risk assessment systems that support the Basel II bank capital adequacy accord guidelines on operational risk and integrate various risk tools, such as risk assessment, key risk indicators and loss history, are scarce.
• Reporting capabilities can be limited, making it difficult for executive management, business lines or assurance groups to use risk data in day-to-day operations.
• Screen designs can be cumbersome and can require significant training.
• Systems lack robust project management/workflow capabilities, making it difficult to know the status of risks and thus making risk assessment more difficult to deploy, update and sustain.
• Audit interfaces can be limited, making validation more complex.
Several banks have deferred conducting risk assessments in their business lines because of these challenges. Instead of deploying business risk assessment, several have pursued an almost exclusively quantitative approach to identifying and managing operational risk. Unfortunately, the reliance on quantitative data alone has not fully advanced the risk management cause. In many cases, data quality and availability are inadequate, making it difficult to create a reliable risk profile. Results have provided more of a ‘back-test’ of exposure than a future projection of risk.
Many businesses are reluctant to base their capital allocations or risk improvement efforts exclusively on loss data, as confidence in the data is questionable. While all agree that collecting and analysing loss data is an important component of operational risk management, reliance on loss data alone has not fostered the ‘cultural’ change to a more risk and customer-focused environment that industry executives and regulators seek.
Renewed interest in risk assessment - Basel II
The Basel II accord, designed by the global banking regulators of the Basel Committee on Banking Supervision, offers significant opportunities for banks in terms of lower capital charges when they demonstrate effective operational risk management consistent with the Advanced Measurement Approach (AMA) guidelines of the accord.
The Basel Committee’s December 2001 paper on Sound Practices for the Management and Supervision of Operational Risk lists risk self-assessment as an approach that can be used to support internal capital allocation. The paper lists risk assessment and key risk indicators as more "forward-looking" determinants of a company’s risk profile than exclusively quantitative approaches that rely on historical loss data.
Specifically, the December 2001 statement asks banks to:
• Implement an on-going system to identify, measure, monitor and control risk across all key business lines, processes, and products.
• Provide risk reporting at all levels, from the Board to senior and line management.
• Ensure internal audit’s independence to validate risk management processes and levels.
• Publicly disclose operational risk management practices and results.
The Basel II framework proposes that fixed regulatory capital guidelines will be replaced with economic capital calculations based on a bank’s assessment of its risks. US regulators indicate they will insist that the nation’s large, internationally active banks comply with Basel’s AMA guidelines, but leave the option open for other banks to decide for themselves.
Zions Bancorporation, based in Salt Lake City, Utah, does little business outside the US, but does have a strong focus on risk management and intends to adopt the Basel II AMA rules.
To calculate the potential impact at Zions, we must review current figures and draw on industry projections. On December 31, 2001, Zions had $2.3 billion in total regulatory capital. Let us project that when Basel II goes into effect, Zions’ total economic capital stays at $2.3 billion, and its operational risk capital is 12% of that figure or $276 million (Basel II asks banks to target approximately 12% of their total economic capital for operational risk purposes).
If Zions can demonstrate effective operational risk management, the bank could reduce its op risk capital by 25% or more.
A 25% reduction would equate to $69 million ($2.3 billion x 0.12 x 0.25). Assuming no other binding capital constraints, Zions could then return that capital to shareholders in the form of dividends or stock buy-backs, or it could reinvest it in its businesses. Assuming an after-tax return on capital of 12%, Zions could earn $8.3 million on those funds.
Zions’ approach
Zions wanted to create an enterprise risk assessment system that would reinforce and strengthen operational and other risk management practices across its subsidiaries. The goal is to encourage business and support groups to think more proactively about risk. Zions wanted to enhance its risk culture by helping teams better identify, measure and manage risk issues to enable them to serve their customers more effectively and compete in the market. To accomplish this goal, the firm needed a risk management system that could be easily deployed so that it could act as a management tool for analysis and decision-making, rather than an annual survey that would have only marginal impact on business line thought and behaviour.
Zions’ risk assessment solution is an important element in building a more robust risk culture. The system will help management assess and control risk, and will facilitate healthy discussion between business lines and assurance groups via the system’s workflow technology, described below. The system will also facilitate Zions’ compliance with Basel II’s AMA guidelines for operational risk.
Zions began deploying its risk system in August 2002. While simple for users, it has powerful analytic and reporting capabilities so staff, line managers and board members can easily obtain relevant information. In designing the system, Zions assembled a team from business and support areas to define system workflow and function. Lexign, based in Nashua, New Hampshire was selected to develop the system. Lexign is a leader in data capture, business process automation, digital signing and document management technology. It has over a decade of experience designing systems for clients throughout the US and Europe.
The following sections summarise key features from Zions’ risk assessment system.
• Ease of use
The system is designed to be easy to use. Screens and data fields are aligned in a ‘straight-through’ process to quickly gather information. The design aids users in identifying business objectives, the risks to those objectives, controls and actions. Users do not need to flip between screen views. For example, once risk information is entered, they simply move to the ‘Control’ screen to enter control-related information. Data is entered once and easily recalled when needed.
• Balance of qualitative and quantitative data
Zions’ risk assessment system provides both qualitative and quantitative information to generate a balanced risk profile that can be independently validated. For example, instead of listing vague business objectives, users are asked to enter a numeric goal to indicate achievement of an objective and their current status against that goal. Users are then asked to electronically attach a chart or document that validates their entries. The reinforcement of qualitative statements with quantitative data occurs throughout the risk assessment application.
In the ‘Risk’ and ‘Control’ screens, users are asked to attach measures that indicate whether risk levels are increasing or decreasing and to substantiate claims on control effectiveness. For example, in an assessment of wire risk, risk-level measures include the number and amount of wires. Control effectiveness measures include internal control accounts outstanding, end-of-day balance exceptions and the timeliness of wire turnaround. An important goal for Zions is to select measures that are risk and customer-focused so the company continues to both manage risk effectively and ensure consistent, excellent service for customers.
The balance of qualitative and quantitative data encourages business groups truly to think about their risks and how to best measure and monitor them. Zions’ approach contrasts with other systems that do not encourage the same level of thought. For instance, there are those that simply ask a user to rate a risk ‘high’, ‘medium’ or ‘low’ without asking the user for a rationale or attachment to substantiate that rating. Without that substantiation, it is almost impossible for assurance groups to validate risk assessments independently.
"The mix of qualitative and quantitative data creates a risk assessment system with greater integrity that can be used for Management decision-making," comments Gary Helme, executive vice-president, Wealth Management, Zions Bancorporation.
• Audit validation
Zions’ risk assessment system includes an ‘Audit’ view that enables Internal Audit to comment on business risk assessments. Audit teams can enter independent ratings and comments on risk levels, controls and action plans online. They can generate an audit score on a specific risk assessment and roll that rating into an overall audit score for a business. Audit teams can also use the system to comment on issues that may not have been raised in the risk assessments.
The system instantly notifies internal audit and other appropriate groups when risks are added or when residual risk exposures change. Thus, Audit can more swiftly work with business lines to address key issues. Other groups can also quickly get to relevant data. For example, when a risk is entered into the system, an alert goes to the relevant department.
Figure 1, illustrates this message flow. Once a business manager submits a risk, the system instantly notifies risk management, Internal Audit, and Corporate Insurance and then other relevant groups based on risk type. The outcome is a system that enhances communication and accountability, and enables assurance groups across the company to support business lines more proactively, help shape decision-making and strengthen controls.
• Loss database
Zions’ risk system includes a field in the ‘Risk’ view to capture loss history. Loss data can be entered online or uploaded from a spreadsheet, data file, or system feed. Losses can then be tracked by risk category, sub-category, process, subsidiary or business unit. This gives management a more complete view of losses, and enables them to analyse and track those losses and fortify controls more comprehensively. Because Zions’ system integrates a variety of risk tools, losses can also be correlated against residual risk scores, key risk indicators and audit ratings.
• Insurance interface
Zions’ risk assessment solution contains an interface to Corporate Insurance. As mentioned above, Insurance, like Internal Audit, is alerted whenever a new risk is entered into the system, or when residual risk ratings change. Thus, the system can help Insurance become more quickly and better informed on business risk issues and may present opportunities for them to underwrite exposures more cost-effectively.
• Enterprise sustainability
Lexign’s technology makes Zions’ risk assessment system easier to deploy and maintain. Without the right technology, enterprise risk management systems can be cumbersome. There can be hundreds of risk issues and action items to track and follow-up. Many issues can get lost, forgotten, and go unresolved.
Lexign’s workflow alert and status tracking technology overcomes these problems by enabling business managers and assurance users to know who has done what on the system and when. Business managers are alerted when staff enter risk data, so they can review, approve, and submit it. Users receive alerts via e-mail and via the risk system home page.
The home page has four quadrants designed to help users assess their risk status and take action. The first quadrant lists residual risk ratings for a business or group of businesses. The second lists those risks that need to be reviewed and approved. The third lists action items that are past due or will be due in the near future. The fourth contains important notices about the system. The home page, therefore, creates a dashboard of risk issues to facilitate information flow and expedite action resolution.
With respect to actions, when one is entered into the system, an alert is sent to the person responsible for that action, whether or not the person is a user in the risk system. For example, the recipient of an action would receive relevant information on the risk and a contact number for the person who owns the risk. The system’s workflow alert technology transforms it into a management tool that businesses can use to ensure issues are addressed and resolved in a timely manner.
• Dynamic reporting
Zions has designed its risk assessment system with a powerful Web-based reporting tool. The technology offers an online suite of standard and customisable ad-hoc reports with detailed graphics and drill-down capability. The flexibility of reporting makes it possible for any level of an organisation to use the data for analysis and decision-making.
Users from the board level to the line can choose what they want to report on. For example, an executive may want to see the top 10 residual risks for the corporation, for a business line or a risk category and then view those risks against their cumulative losses and/or action plan status. Or a retail banking officer may want to see all accepted risks that have increasing risk directions, less than effective audit scores and are in the consumer lending process.
Reporting and analysis is a critical component of effective risk management and is a focal point of Basel II. The December op risk paper notes "the results of any operational risk measurement methodology should form an integral part of the day-to-day risk management activities of the bank". Zions’ reporting system accomplishes this by enabling groups to access easily and quickly the information they need to make decisions.
• Capital allocation
Zions’ risk assessment system will contain a module to support the allocation of op risk capital consistent with Basel’s AMA guidelines. The module is based on a scorecard approach of residual risk, audit scores and loss history. Feedback from businesses is positive. Many are interested in receiving lower capital allocations when they demonstrate effective op risk management. The outcome will be better identification, measurement, monitoring, and control of risk across all key business lines, processes and products, and better allocation of risk capital. We expect these results to translate into more consistent returns for shareholders.
• Deployment
Many units throughout the company have begun using risk assessments. Now, Zions will bring them together in a new, standardised, Web-based approach. "Zions has always had a strong focus on risk management. Now we have the technology to deploy risk assessment in an exciting new way. The technology and the approach will help us strengthen our risk management practices and better serve our customers and our shareholders," notes Harris Simmons, chief executive officer and chairman, Zions Bancorporation.
Conclusion
At Zions we are committed to better managing risk and to serving our customers and shareholders. The risk assessment solution will play an important role in helping create an environment where risks are appropriately identified and assessed and where controls are steadily improved. It will help our teams strengthen customer service levels and compete in the market. It is also positioned to help us meet Basel’s AMA approach to op risk, which when implemented should enable us to benefit from regulatory capital incentives. In the end, our customers and shareholders will tell us whether or not we have succeeded. Effectively serving their needs is our primary objective and is the driving force behind Zions’ risk management efforts.
Sound Practices for the Management and Supervision of Operational Risk, December 2001, Basel Committee on Banking Supervision is available from the Bank for International Settlements’ website: www.bis.org
David Stone (e-mail: dstone@zionsbank.com) is vice-president, risk management at Zions Bancorporation in Salt Lake City, Utah.
Operational Risk
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe
You are currently unable to print this content. Please contact info@risk.net to find out more.
You are currently unable to copy this content. Please contact info@risk.net to find out more.
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@risk.net
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@risk.net
More on Structured products
A guide to home equity investments: the untapped real estate asset class
This report covers the investment opportunity in untapped home equity and the growth of HEIs, and outlines why the current macroeconomic environment presents a unique inflection point for credit-oriented investors to invest in HEIs
Podcast: Claudio Albanese on how bad models survive
Darwin’s theory of natural selection could help quants detect flawed models and strategies
Range accruals under spotlight as Taiwan prepares for FRTB
Taiwanese banks review viability of products offering options on long-dated rates
Structured products gain favour among Chinese enterprises
The Chinese government’s flagship national strategy for the advancement of regional connectivity – the Belt and Road Initiative – continues to encourage the outward expansion of Chinese state-owned enterprises (SOEs). Here, Guotai Junan International…
Structured notes – Transforming risk into opportunities
Global markets have experienced a period of extreme volatility in response to acute concerns over the economic impact of the Covid‑19 pandemic. Numerix explores what this means for traders, issuers, risk managers and investors as the structured products…
Structured products – Transforming risk into opportunities
The structured product market is one of the most dynamic and complex of all, offering a multitude of benefits to investors. But increased regulation, intense competition and heightened volatility have become the new normal in financial markets, creating…
Increased adoption and innovation are driving the structured products market
To help better understand the challenges and opportunities a range of firms face when operating in this business, the current trends and future of structured products, and how the digital evolution is impacting the market, Numerix’s Ilja Faerman, senior…
Structured products – The ART of risk transfer
Exploring the risk thrown up by autocallables has created a new family of structured products, offering diversification to investors while allowing their manufacturers room to extend their portfolios, writes Manvir Nijhar, co-head of equities and equity…
Most read
- Breaking out of the cells: banks’ long goodbye to spreadsheets
- Basel Committee reviewing design of liquidity ratios
- Too soon to say good riddance to banks’ public enemy number one
Back to Top