Op. Risk Standardized Measurement Approach (SMA) is Weak!
In December 2017, Basel 3; finalizing post-crisis reforms, was issued, and included dramatical changes in calculating capital charge for operational risks management. To recognize the changes, let’s summarize the “old” approaches; Basic Indicator (BIA), Standardized (SA) and Advanced Measurement (AMA) Approaches, which were introduced in Basel 2, which was published in 2004, and the “new” approach, which is Standardized Measurement Approach (SMA).?
In Basel 2, operational risk management capital was calculated based on one of the following 3 approaches:
?? Basic Indicator Approach (BIA): 15 % of the average annual gross income over the past three years. Indeed, such approach was easy to calculate. It depended on financial data only and disregarded loss incidents. It is believed the methodology granted the highest degree of conservatism, but it was the most expensive capital charge.
?
?? Standardized Approach (SA): it is like BIA, but different multipliers are applied to gross income from different business lines. At the end of the day, the capital in BIA is as same as in SA.
?
?? Advanced Measurement Approach (AMA): ?According to Basel: “This approach allows a bank to calculate its regulatory capital charge using internal models, based on internal risk variables and profiles, and not on exposure proxies such as gross income (i.e. BIA and SA). This is the only risk-sensitive approach for operational risk allowed and described in Basel II.”
?
o?? Regarding AMA, it is worth to mention the following:
§? The used internal model was subject to supervisory validation.
§? AMA was the most sophisticated method, since complex models should be used to estimate op. risk capital, which should be accurate (confidence level) 99.9%.
§? Yet, AMA’s allocated capital was smaller than BIA and SA.
?
AMA Op. risk capital was determined while using the following:
§? Internal Loss Database (ILD): banks should record incidents in a database.
§? External Loss Database (ELD): banks should include other banks losses (i.e. through subscribing to a consortium (i.e. ORX), etc.).
§? Scenario analysis: banks should seek experts’ opinion through scenario analysis.
领英推荐
§? Business environment and Internal Control Factor (BECIF): banks shall practice and monitor risks through, KRIs, RCSA, etc.
§? Then, according to the generated data, banks measured operational risk capital based on 99.9% confidence level by using different models.
Why did Basel committee remove AMA?
Since, AMA was too complex, and banks could not reach the best practice/standardized methodology to calculate op. risk capital while using statistical models.
Therefore, Basel committee has introduced a new approach. Basel defined SMA as “a single non-model-based method for the estimation of operational risk capital. It incorporates the risk sensitivity of an advanced approach by combining in a standardized fashion the use of a bank’s financial statement information and its internal loss experience.”
Therefore, the article will elaborate the weakness points of SMA through comparing between AMA and SMA as they both consider risk sensitivity while measuring operational risk capital. On the other hand, since BIA and SA relied on financial data only therefore, they will be disregarded.
Weakness of SMA:
First, in AMA approach, it encouraged to use External Loss Database (ELD) and Scenario Analysis (SCA) and emphasized their importance through integrating their results in operational risk capital charge. The main aim of using ELD and SA was to supplement the bank with scarce type of losses/incidents, which are high severity and low frequency incidents, to build an adequate capital. Does SMA supplement its data with high severity and low frequency incidents? No! it just relied on 10- or 5-years historical data, which may include few of such catastrophic events, therefore, the allocated capital would not be robust.
Second, in AMA approach enriches its risk measures through considering BEICF results. The most recognizable tools in BECIF are KRIs and RCSA. The nature of such measures is being pro-active. It helps to identify the new and forthcoming risks and events. While SMA does not consider BEICF. SMA’s capital is was allocated based on historical losses only. It neglects one of operational risk management assets.
Third, AMA capital is dynamic as it depends on diversified risk information and data to establish a robust operational risk capital (i.e. ELD, Scenario analysis, BEICF etc.). While SMA merely depends on single source information of data (historical incidents) and let’s agree on this, at certain point of time, such historical losses would be obsolete and old. While managing different types of risks, banks should not allocate capital based on outdated risk data. Moreover, Risk professional do not agree with “History repeats itself” statement. Let’s assume a bank calculates op. risk capital in 2023 by using SMA, and the bank was not exposed to cybersecurity attack. ?would it allocate capital and consider an event like cybersecurity incident? (Hint: Cybersecurity risk is always ranked among top 10 risks).
Fourth, let’s assume that an ABC bank in XYZ country was exposed to cyberattack and its data was leaked. Of course, such incident will have a negative impact on all banks, financial system and the economy in XYZ country. So, what do you think? Which approach will consider such incident immediately and include it in operational risk capital calculation? The one which depends on previous 10 years historical database! Definitely not.
Fifth, SMA will suffer from Ghost effect. For example, let’s assume Société Générale (SG) bank prepare op. risk capital charge based on SMA in 2023. The scope of data will range from 2013 till 2022. Do you know what does it mean? In 2008, a rouge trading incident, which took place in SG has been disregarded, since it was not within 10 years scope! Add insult to injury, the consequences of such incident had a negative impact till today. Check share price of SG in April 2007 prior the incident, it reached EUR 138.14, but today the share price does not exceed EUR 26! It is believed AMA will consider such incident through its diversified tools.
Sixth, according to findings above, the SMA capital would be weak and may underestimate risks while allocating capital. It is not sensitive to the current events & surroundings. Also, AMA is not the perfect solution. There is no standard guidelines how to allocate capital based on AMA approach, but it is believed AMA offered the highest standards and practices of operational risk management.
So what do you think? please post comments :)
Avid Learner | Investor | Risk Management (Banking and Insurance)
1 年Nice article sir. I will be sure to repost.
Data-Driven Risk Strategist | Fraud Management Specialist | Optimizing Risk Mitigation through Data Analytics and Visual Insights | Empowering Strategic Decisions ?? | Instructor
1 年I'm truly impressed by your thorough breakdown of the transition from AMA to SMA for operational risk management. Your comparison between the two approaches showcases a clear grasp of their pros and cons. Your insights into potential challenges and benefits offer valuable guidance for anyone navigating this evolving landscape. Fantastic job!