文档文库
手机版
投诉建议
热门搜索: 心得体会 演讲稿 思想汇报
首页 > 商业银行操作风险管理指引英文

商业银行操作风险管理指引英文

发布时间:   来源:文档文库   
字号:
手机查看
GuidelinesonOperationalRiskManagementofCommercial
Banks

ChapterIGeneralProvisions

Article1PursuanttotheLawofthePeople’sRepublicofChinaonBankingRegulationandSupervision,theLawofthePeople’sRepublicofChinaonCommercialBanksaswellasotherapplicablelawsandregulations,theGuidelinesareformulatedsoastoenhancethe
operationalriskmanagementofcommercialbanks.

Article2TheGuidelinesapplytodomesticcommercialbanks,wholly
foreign-fundedbanksandChinese-foreignjointventurebanksincorporatedwithintheterritoryofthePeople’sRepublicofChina.

Article3TheoperationalriskintheGuidelinesreferstotheriskoflossresultingfrominadequateorfailedinternalprocesses,peopleandITsystem,orfromexternalevents.Itincludeslegalriskbutexcludesstrategicandreputationalrisk.

Article4TheChinaBankingRegulatoryCommission(hereinafterreferredtoasthe“CBRC”supervisesandregulatestheoperational

riskmanagementofcommercialbanksandevaluatesthe
effectivenessthereofunderitsauthoritybylaw.

ChapterIIOperationalRiskManagement

Article5Commercialbanksshould,inlinewiththeGuidelines,setupanoperationalriskmanagementsystemsuitabletotheirownbusinessnature,scaleandcomplexitytoeffectivelyidentify,assess,monitorandcontrol/mitigateoperationalrisk.Thissystemcanbeinanyform,butshouldcompriseatleastthefollowingbasicelements:

1oversightandcontrolbytheboardofdirectors;2rolesandresponsibilitiesofseniormanagement;
3appropriateorganizationalstructure;
4operationalriskmanagementpolicies,methods,andprocedures;
and
5requirementsonmakingcapitalprovisionsforoperationalrisk.

Article6Theboardofdirectorsinacommercialbankshouldtreatoperationalriskasamajorriskandchargetheultimateresponsibilityformonitoringtheeffectivenessofoperationalriskmanagement.The
responsibilitiesoftheboardshallinclude:


1developingstrategiesandgeneralpoliciesforbank-wideoperationalriskmanagementthatarealignedwiththebank’s
strategicgoals;
2reviewingandapprovingtheseniormanagement’sfunctions,
authorizationandreportingarrangementwithregardtooperationalriskmanagementsoastoensuretheeffectivenessof
thebank’sdecision-makingsysteminoperationalriskmanagementandensurethattheoperationalriskfacingthebank’soperationsiscontrolledwithinitsendurancecapacity;3reviewingregularlytheoperationalriskreportssubmittedbythe
seniormanagement;fullyunderstandingthebank’soveralloperationalriskmanagementandtheeffectivenessoftheseniormanagementinhandlingmaterialoperationalriskevents;andmonitoringandevaluatingtheeffectivenessofdailyoperational
riskmanagement;
4ensuringthattheseniormanagementtakesnecessarymeasures
toeffectivelyidentify,assess,monitorandcontrol/mitigate
operationalrisk;
5ensuringthatthebank’soperationalriskmanagementsystemis
effectivelyauditedandoverseenbyinternalauditdepartment;
and

6havinginplaceanappropriatereward-punishmentsystemsoas
toeffectivelypromotethedevelopmentofoperationalrisk
managementsysteminthebankasawhole.

Article7Theseniormanagementinacommercialbankisresponsibleforimplementingtheoperationalriskmanagementstrategies,generalpoliciesandrunningthesystemapprovedbythe
board.Itshall:

1beultimatelyresponsibletotheboardregardingdailyoperational
riskmanagement;
2layoutandregularlyreviewtheoperationalriskmanagementpolicies,proceduresanddetailedprocessesinaccordancewiththestrategiesandgeneralpoliciesdevelopedbytheboard,andoverseetheimplementationthereof,andsubmittingtotheboardreportsonoveralloperationalriskmanagementinaregular
manner;
3sufficientlyunderstandtheoverallsituationofthebank’soperationalriskmanagement,particularlytheeventsorprograms
withmaterialoperationalrisk;
4Clearlydefineeachdepartment’sresponsibilitiesinoperational
riskmanagementaswellasthereportingline,frequencyand

contents;urgeeachdepartmenttoreallychargeitsresponsibilitiesinabidtoensurethesoundperformanceofthe
operationalriskmanagementsystem;
5equipoperationalriskmanagementwithappropriateresources,includingbutnotlimitedtoprovidingnecessaryfunds,settingupnecessarypositionswitheligiblestaff,offeringtrainingcoursestooperationalriskmanagementpersonnel,delegatingauthorizaion
tothesaidpersonneltofulfilltheirduties,etc.;and
6makepromptlychecksandrevisionontheoperationalriskmanagementsystemsoastoeffectivelyrespondtooperationalriskeventsbroughtaboutbythechangesofinternalprocedures,products,businessactivities,ITsystem,staff,externaleventsor
otherfactors.

Article8Commercialbanksshoulddesignateacertaindepartment
toberesponsiblefortheconstructionandimplementationofoperationalriskmanagementsystem.Thisdepartmentshouldbeindependentfromothersinordertoensurethesystem’sconsistency
andeffectiveness.Itsresponsibilitiesshallmainlyinclude:


1draftingoperationalriskmanagementpolicies,proceduresandspecificprocessesandsubmittingthemtotheseniormanagement
andtheboardforreviewandapproval;
2assistingotherdepartmentstoidentify,assess,monitorand
control/mitigateoperationalrisk;
3workingoutmethodstoidentify,assess,mitigate(including
internalcontrolsandmonitoroperationalrisks,formulatingbank-widereportingprocessesofoperationalriskandorganizing
theimplementationthereof;
4puttinginplacebasiccriteriaforoperationalriskcontroloverthe
bank,andguidingandcoordinatingtheoperationalrisk
management;
5providingeachdepartmentwithtrainingsonoperationalrisk
management,andhelpingthemimproveoperationalrisk
managementcapacityandfulfilltheirownduties;
6regularlycheckingandanalyzingthepracticesofoperationalrisk
managementinbusinessdepartmentsandotherdepartments;7regularlysubmittingoperationalriskreportstosenior
management;and
8ensuringthattheoperationalriskmanagementsystemand
measuresareobserved.


Article9Therelevantdepartmentsinacommercialbankshouldbe
directlyresponsibleforoperationalriskmanagement.Major
responsibilitiesinclude:

1appointingdesignatedstafftotakechargeofoperationalriskmanagement,includingobservingoperationalriskmanagement
policies,proceduresandspecificprocesses;
2followingtheassessmentmethodsforoperationalriskmanagementtoidentifyandassesstheoperationalrisksinthedepartments,andtohaveinplaceaneffectiveon-goingproceduretomonitor,control/mitigateandreportoperationalrisks,then
organizetheimplementationthereof;
3fullyconsideringtherequirementsonoperationalriskmanagementandinternalcontrolwhenmakingdepartmentspecificbusinessprocessesandrelatedbusinesspolicies,withaviewtoensuringoperationalriskmanagementpersonnelatalllevelsparticipateinthecourseofreviewingandapprovingimportantprocedures,controlsandpolicies,thusmakingthese
alignedwiththebank’sgeneralpolicyonoperationalrisk
management;and
4monitoringkeyriskindicatorsandregularlyreportingtheirown
department’soperationalriskmanagementsituationtothe

departmentwhichtakeschargeofortaketheleadingrolein
operationalriskmanagementofthewholebank.

Article10Thelegaloffice,complianceoffice,IToffice,securityoffice,andhumanresourceofficeinacommercialbankshould,besidesproperlymanagingtheirownoperationalrisks,providerelevantresourcesandassistancewithintheirstrengthandrespectiveresponsibilitiestootherdepartmentsforthepurposeofoperational
riskmanagement.

Article11Theinternalauditdepartmentinacommercialbankdoesnotdirectlytakechargeoforparticipateinotherdepartments’operationalriskmanagement,butitshouldregularlycheckandevaluatehowwellthebank’soperationalriskmanagementsystem
operates,supervisetheimplementationofoperationalriskmanagementpolicies,independentlyevaluatethebank’snewoperationalriskmanagementpolicies,processesandspecificprocedures,andreporttotheboardofdirectorstheevaluationresults
ofoperationalriskmanagementsystem.


Acommercialbankwithhighbusinesscomplexityandlargescaleisencouragedtoentrustintermediaryagenciestoauditandevaluateits
operationalriskmanagementsystemonaregularbasis.

Article12Acommercialbankshouldhaveinplacebank-wideoperationalriskmanagementpoliciesthatarecommensuratewithitsnature,scale,complexityandriskprofile.Maincontentsinclude:

1definitionofoperationalrisk;
2appropriateorganizationalstructure,authorizationandresponsibilitieswithregardtooperationalriskmanagement;3procedurestoidentify,assess,monitorandcontrol/mitigate
operationalrisks;
4reportingproceduresofoperationalrisk,includingreporting
responsibilities,pathandfrequency,andotherspecific
requirementsonotherdepartments;and
5requirementsonpromptlyassessingoperationalrisksassociated
withexistingandnewly-developedimportantproducts,businesspractices,procedures,ITsystem,humanresourcemanagement,
externalfactorsandchangesthereof.


Article13Acommercialbankshouldchooseappropriateapproachestomanageoperationalrisks,whichmayinclude:assessmentofoperationalriskandinternalcontrol,losseventreportinganddata
collection,monitoringofkeyriskindicators,riskassessmentregardingnewproductsandbusinesspractices,testingandauditof
internalcontrol,andoperationalriskreporting.

Article14Acommercialbankwithhighbusinesscomplexityandlargescaleshouldadoptmoresophisticatedriskmanagementmethods(e.g.quantitativemethodstoassesseachdepartment’soperationalrisk,collectoperationalrisklossdata,andmakearrangementsaccordingtothecharacteristicsofoperationalrisk
associatedwitheachlineofbusiness.

Article15Acommercialbankshoulddevelopeffectiveprocessestoregularlymonitorandreportoperationalriskstatusandmateriallosses.Astoriskswithincreasinglosspotential,early-warningsystemofoperationalriskshouldbeputinplacesoastotaketimelycontrolstomitigateriskandreducetheoccurrenceandseverityof
lossevents.


Article16Materialoperationalriskeventsshouldbereportedtotheboard,seniormanagementandappropriatemanagementpersonnelaccordingtothebank’soperationalriskmanagementpolicies.

Article17Acommercialbankshouldenhanceinternalcontrolforeffectiveoperationalriskmanagement.Relatedinternalcontrols
shouldatleastinclude:

1clearlydefiningtherolesandresponsibilitiesofeachdepartment
andmakingproperseparationamongrelevantfunctionssoasto
avoidpotentialconflictsofinterests;
2closelywatchinghowwellspecifiedrisklimitorauthorizationis
observed;
3monitoringtherecordsofaccesstoanduseofthebank’sassets;4ensuringthestaffareappropriatelytrainedandeligiblefortheir
positions;
5identifyingthebusinessactivitiesorproductsthatdonotgenerate
reasonableprospectivereturnsorthatcontainpotentialrisks;6regularlyreviewingandcheckinguptransactionsandaccounts;7puttinginplaceasystemfortheheadsandthestaffinkeypositionstohavejobrotationandcompulsoryleavesandsetting
upamechanismofoff-jobauditingaswell;

8workingoutacodeofconducttoregulateon-jobandoff-job
behaviorparticularlyforthestaffinimportantpositionsorat
sensitivelinks;
9establishinganincentiveandprotectionsystemtoencourage
stafftoreportviolationsonareal-namebasis;
10settingupadual-appraisalsystemtoinvestigateandsolvebank
fraudulentcasesaswellasmakepunishmentsinatimelyand
propermanner;
11havinginplaceaninformationdisclosuresystemforthebank
caseinvestigation;and
12establishinganincentive-restrictivemechanismwithregardtothe
managementandcontrolofoperationalriskatfrontline.

Article18Acommercialbankshouldestablishandgraduallyimprovetheoperationalriskmanagementinformationsystem(MISsoastoeffectivelyidentify,assess,monitor,controlandreportoperationalrisks.Thesystemshouldatleastrecordandstorethedateaboutoperationalrisklossesandevents,supportself-assessmentonoperationalriskandcontrolmeasures,monitorkeyriskindicators,andproviderelevantinformationcontainedinoperationalrisk
reports.


Article19Toensurebusinesscontinuation,acommercialbankshould
developaschemeforemergencyresponsethatmatchestheirbusinessscaleandcomplexity,makeaback-uparrangementforservicerecovery,andregularlycheckandtestthecatastropherecoveryfunctionandbusinesscontinuationmechanismsoastomakesurethattheseactionscangoinoperationproperlyintheevent
ofcatastropheandseverebusinessdisruption.

Article20Acommercialbankshoulddevelopriskmanagementpolicieswithregardtooutsourcingpracticesinordertomakesure
thatoutsourcingissubjecttorigorouscontractsandserviceagreementswhichclearlyspecifytheobligationsofinvolvedparties.

Article21Acommercialbankmaypurchaseinsuranceandenterinto
contractwithathirdparty,andconsideritawaytomitigateoperationalrisk.Buttheyshouldbynomeansneglecttheimportance
ofcontrols.

Acommercialbankthatmitigatesoperationalrisksbymeansofinsuranceshouldformulatewrittenpoliciesandprocedures
accordingly.


Article22AcommercialbankshouldmakeadequatecapitalprovisionsfortheoperationalriskitundertakesaspertherequirementsofCBRConcapitaladequacyofcommercialbanks.

ChapterIII
SupervisionofOperationalRisk

Article23CommercialbanksshouldsubmittotheCBRCtheiroperationalriskmanagementpoliciesandprocessesforfiling.TheyshouldsubmitoperationalriskrelatedreportstotheCBRCoritslocalofficesasperregulations.Banksthatentrustintermediaryagenciestoaudittheiroperationalriskmanagementsystemshouldalsosubmit
auditreportstotheCBRCoritslocaloffices.

Article24CommercialbanksshouldpromptlyreporttotheCBRCoritslocalofficesaboutthefollowingmaterialoperationalriskeventsif
any:
1bankingcrimesinwhichmorethanRMB300,000isrobbedfroma
commercialbankorcashtruckorstolenfromabankingfinancialinstitution;bankfraudorothercasesinvolvinganamountofmore
thanRMB10million;

2eventsthatresultinseriousdamageorlossofthebank’simportantdata,books,blankvouchers,orbusinessdisruptionfor
overthreehoursintwoormoreprovinces(autonomousregions/municipalities,orbusinessdisruptionforoversixhoursinoneprovince(autonomousregion/municipalityandseverely
affectthebank’snormaloperations;
3confidentialinformationbeingstolen,sold,leakedorlostthatmay
affectfinancialstabilityandleadtoeconomicdisorder;4seniorexecutivesseverelyviolatingapplicableregulations;5accidentornaturalcatastrophecausedbyforcemajeure,resulting
inimmediateeconomiclossofmorethanRMB10million;
6otheroperationalriskeventsthatmayresultinalossofmorethan
1‰ofthebank’snetcapital;and
7othermaterialeventsasspecifiedbytheCBRC.

Article25TheCBRCshouldregularlycheckandassesstheoperationalriskmanagementpolicies,processesandpracticesofcommercial
banks.Mainitemstobecheckedandassessedinclude:

1effectivenessofthebank’soperationalriskmanagement
processes;

2thebank’sapproachestomonitorandreportoperationalrisks,includingkeyoperationalriskindicatorsandoperationalriskloss
data;
3thebank’smeasurestotimelyandeffectivelyhandleoperational
riskeventsandweaklinks;
4thebank’sproceduresofinternalcontrol,reviewingandauditing
withinitsoperationalriskmanagementprocesses;
5thequalityandcomprehensivenessofthebank’scatastrophe
recoveryandbusinesscontinuationplans;
6adequacylevelofcapitalprovisionsforoperationalrisks;and
7otheraspectsofoperationalriskmanagement.

Article26AstotheoperationalriskmanagementproblemsdiscoveredbytheCBRCduringsupervision,thecommercialbankshouldsubmitcorrectionplanandtakecorrectionactionswithinthe
specifiedtimelimit.

Whenamaterialoperationalriskeventoccurs,ifthecommercialbankfailstoadopteffectivecorrectionmeasureswithinthespecifiedtimelimit,theCBRCshouldtakeappropriateregulatoryactionsinlinewith
lawsandregulations.


ChapterIVSupplementaryProvisions

Article27ThisGuidelinesmayapplytootherbankinginstitutionsincludingpolicybanks,financialassetmanagementcompanies,urbancreditcooperatives,ruralcreditcooperatives,ruralcooperativebanks,trustandinvestmentcompanies,financefirms,financialleasingcompanies,automobilefinancialcompanies,moneybrokers,andpost
savingsinstitutions.

Article28Bankinginstitutionswithouttheboardofdirectorsshould
havetheiroperatingdecision-makingbodiesperformtheresponsibilitiesoftheboardwithregardtooperationalrisk
managementspecifiedherein.

Article29BranchessetupbyforeignbankswithintheterritoryofPeople’sRepublicofChinashouldfollowtheoperationalriskmanagementpoliciesandprocessesdevelopedbytheirheadoffices,reporttotheCBRCoritslocalofficesaboutmaterialoperationalriskevents,andacceptthesupervisionoftheCBRC.Wheretheirheadofficesdonotlayoutoperationalriskmanagementpoliciesandprocesses,suchbranchesshouldcomplywiththeGuidelines.


Article30Relevanttermsmentionedhereinaredefinedinthe
Appendix.

Article31TheGuidelinesshallbecomeeffectiveasofthedateof
promulgation.

Appendix:DefinitionsofRelevantTerms

1.Operationalriskevents

Operationalriskeventsrefertotheoperationaleventsresultingfrominadequateorfailedinternalprocesses,peopleandITsystem,orfromexternalfactors,whichbringaboutfinanciallossesoraffectthebank’sreputation,clientsandstaff.Specificeventsinclude:internalfraud,externalfraud,employmentpracticesandworkplacesafety,clients,products&businesspractices,damagestophysicalassets,businessdisruptionandsystemfailures,execution,delivery&processmanagement(seeAnnex7DetailedLossEventTypeClassificationofTheInternationalConvergenceofCapitalMeasurementandCapitalStandards:ARevisedFrameworkortheNewBaselCapitalAccord.


2.self-assessmentonrisk,keyriskindicators

Toolsusedbycommercialbankstoidentifyandassessoperational
risks.
1self-assessmentonrisk
Self-assessmentonriskisatoolforoperationalriskmanagementbycommercialbankstoidentifyandassessthecontrolmeasuresandappropriatenessandeffectivenessthereofwithregardtopotential
operationalriskandtheirownbusinesspractices.

2KeyRiskIndicator

Keyriskindicatorsrefertothestatisticalindicatorsthatrepresentthechangesinacertainareaofriskandcanbemonitoredonaregularbasis.Theseindicatorscanbeusedtomonitorvariousrisksandcontrolmeasuresthatmayresultinlosseventsandtofunctionasearly-warningindicatorsforriskchanges(sothatseniormanagementcantaketimelyactionsaccordingly.Examplesofspecificindicators:lossratioperRMB100millionasset,numberofbankingcrimesper10,000people,ratioofthecaseswitheachinvolvingacashvalueofRMB1million,numberoftransactionsunconfirmedbeyondacertain

timelimit,percentageoffailedtransactions,staffturnover,numberofclientcomplaints,frequencyandseverityoferrorsandomissions,etc.

3.LegalRisk

Legalriskincludes,butisnotlimitedto,thefollowing:1thecontract
signedbyacommercialbankviolatinglawsoradministrativeregulationsandthereforebeingprobablycancelledorconfirmedinvalidaccordingtolaw;2thebankbeingsuedorinarbitrationbecauseofitsbreachofcontract,infringementorotherreasonsandheldliableforcompensationaccordingtolaw;3thebank’sbusinesspracticesviolatinglawsoradministrativeregulationsandtherefore
beingheldliableadministrativelyorcriminally.


本文来源:https://www.2haoxitong.net/k/doc/2501f092504de518964bcf84b9d528ea80c72f1d.html

《商业银行操作风险管理指引英文.doc》
将本文的Word文档下载到电脑,方便收藏和打印
推荐度:
点击下载文档

文档为doc格式

相关推荐

推荐内容

雪花啤酒合同 雪花啤酒合同 RPG游戏策划书示例 带然字的成语 2011年加拿大留学人数将持续上升 请问带有然字的四字成语有哪些 含然的的四字成语 然字成语 2021年××司法所“六五”普法规划 描写含有然字的四字词语
网站内容来自网络,如有侵权请联系我们,立即删除! Copyright © 范文写作网京ICP备16605803号