3 - Operational Risk and Resiliency

Question 1

Describe the three lines of defense in the Basel model for operational risk governance.

Answer 1

.

Question 2

Summarize the fundamental principles of operational risk management as suggested by the Basel Committee.

Answer 2

.

Question 3

Explain guidelines for strong governance of operational risk and evaluate the role of the board of directors, senior management, and supervisors in implementing an effective operational risk framework.

Answer 3

.

Question 4

Describe tools and processes that can be used to Identify and assess operational risk.

Answer 4

.

Question 5

Describe features of an effective control environment and Identify specific controls that should be in place to address operational risk.

Answer 5

.

Question 6

Explain the Basel Committee’s suggestions for managing technology risk and outsourcing risk.

Answer 6

.

Question 7

Define enterprise risk management (ERM) and explain how implementing ERM practices and policies can create shareholder value, both at the macro and the micro level.

Answer 7

.

Question 8

Explain how a company can determine its optimal amount of risk through the use of credit rating targets.

Answer 8

.

Question 9

Describe the development and implementation of an ERM system, as well as challenges to the implementation of an ERM system.

Answer 9

.

Question 10

Describe the role of and issues with correlation in risk aggregation and describe typical properties of a firm’s market risk, credit risk, and operational risk distributions.

Answer 10

.

Question 11

Distinguish between regulatory and economic capital and explain the use of economic capital in the corporate decision-making process.

Answer 11

.

Question 12

Describe Enterprise Risk Management (ERM) and compare and contrast differing definitions of ERM.

Answer 12

.

Question 13

Compare the benefits and costs of ERM and describe the motivations for a firm to adopt an ERM initiative.

Answer 13

.

Question 14

Describe the role and responsibilities of a chief risk officer (CRO) and assess how the CRO should interact with other senior management.

Answer 14

.

Question 15

Describe the key components of an ERM program.

Answer 15

.

Question 16

Describe best practices for the implementation and communication of a risk appetite framework (RAF) at a firm.

Answer 16

.

Question 17

Explain key challenges to the implementation of an RAF and describe how a firm can overcome each challenge.

Answer 17

.

Question 18

Assess the role of stress testing within an RAF and describe challenges in aggregating firm-wide risk exposures.

Answer 18

.

Question 19

Explain lessons learned in the implementation of an RAF through the presented case studies.

Answer 19

.

Question 20

Describe challenges faced by banks with respect to conduct and culture and explain motivations for banks to improve their conduct and culture.

Answer 20

.

Question 21

Explain methods by which a bank can improve its corporate culture and assess the progress made by banks in this area.

Answer 21

.

Question 22

Assess the role of regulators in encouraging strong conduct and culture at banks, and provide examples of regulatory initiatives in this area.

Answer 22

.

Question 23

Describe best practices and lessons learned in managing a bank’s corporate culture.

Answer 23

.

Question 24

Compare risk culture and corporate culture and explain how they interact.

Answer 24

.

Question 25

Explain factors that influence a firm’s corporate culture and its risk culture.

Answer 25

.

Question 26

Describe methods by which corporate culture and risk culture can be measured.

Answer 26

.

Question 27

Describe characteristics of a strong risk culture and challenges to the implementation of an effective risk culture.

Answer 27

.

Question 28

Assess the relationship between risk culture and business performance.

Answer 28

.

Question 29

Describe the seven Basel II event risk categories and identify examples of operational risk events in each category.

Answer 29

.

Question 30

Summarize the process of collecting and reporting internal operational loss data, including the selection of thresholds, the timeframe for recoveries, and reporting expected operational losses.

Answer 30

.

Question 31

Explain the use of a risk control self-assessment (RCSA) and key risk indicators (KRIs) in identifying, controlling, and assessing, operational risk exposures.

Answer 31

.

Question 32

Describe and assess the use of scenario analysis in managing operational risk and identify the biases and challenges that can arise when using scenario analysis.

Answer 32

.

Question 33

Compare the typical operational risk profiles of firms in different financial sectors.

Answer 33

.

Question 34

Explain the role of operational risk governance and how a firm’s organizational structure can impact risk governance.

Answer 34

.

Question 35

Describe model risk and explain how it can arise in the implementation of a model.

Answer 35

.

Question 36

Describe elements of an effective model risk management process.

Answer 36

.

Question 37

Explain best practices for the development and implementation of models.

Answer 37

.

Question 38

Describe elements of a strong model validation process and challenges to an effective validation process.

Answer 38

.

Question 39

Identify the most common issues that result in data errors.

Answer 39

.

Question 40

Explain how a firm can set expectations for its data quality and describe some key dimensions of data quality used in this process.

Answer 40

.

Question 41

Describe the operational data governance process, including the use of scorecards in managing information risk.

Answer 41

.

Question 42

Explain the process of model validation and describe best practices for the roles of internal organizational units in the validation process.

Answer 42

.

Question 43

Compare qualitative and quantitative processes for validating internal ratings and describe elements of each process.

Answer 43

.

Question 44

Describe challenges related to data quality and explain steps that can be taken to validate a model’s data quality.

Answer 44

.

Question 45

Explain how to validate the calibration and the discriminatory power of a rating model.

Answer 45

.

Question 46

Describe ways that errors can be introduced into models.

Answer 46

.

Question 47

Explain how model risk and variability can arise through the implementation of VaR models and the mapping of risk factors to portfolio positions.

Answer 47

.

Question 48

Identify reasons for the failure of the long-equity tranche, short-mezzanine credit trade in 2005 and describe how such modeling errors could have been avoided.

Answer 48

.

Question 49

Explain major defects in model assumptions that led to the underestimation of systematic risk for residential mortgage backed securities (RMBS) during the 2007-2009 financial crisis.

Answer 49

.

Question 50

Define, compare, and contrast risk capital, economic capital, and regulatory capital, and explain methods and motivations for using economic capital approaches to allocate risk capital.

Answer 50

.

Question 51

Describe the risk-adjusted return on capital (RAROC) methodology and its use in capital budgeting.

Answer 51

.

Question 52

Compute and Interpret the RAROC for a project, loan, or loan portfolio and use RAROC to compare business unit performance.

Answer 52

.

Question 53

Explain challenges that arise when using RAROC for performance measurement, including choosing a time horizon, measuring default probability, and choosing a confidence level.

Answer 53

.

Question 54

Calculate the hurdle rate and apply this rate in making business decisions using RAROC.

Answer 54

.

Question 55

Compute the adjusted RAROC for a project to determine its viability.

Answer 55

.

Question 56

Explain challenges in modeling diversification benefits, including aggregating a firm’s risk capital and allocating economic capital to different business lines.

Answer 56

.

Question 57

Explain best practices in implementing an approach that uses RAROC to allocate economic capital.

Answer 57

.

Question 58

Within the economic capital implementation framework, describe the challenges that appear in: - Defining and calculating risk measures - Risk aggregation - Validation of models - Dependency modeling in credit risk - Evaluating counterparty credit risk - Assessing interest rate risk in the banking book

Answer 58

.

Question 59

Describe the recommendations by the Bank of International Settlements (BIS) that supervisors should consider making effective use of internal risk measures, such as economic capital, that are not designed for regulatory purposes.

Answer 59

.

Question 60

Explain benefits and impacts of using an economic capital framework within the following areas: - Credit portfolio management - Risk-based pricing - Customer profitability analysis - Management incentives

Answer 60

.

Question 61

Describe best practices and assess key concerns for the governance of an economic capital framework.

Answer 61

.

Question 62

Describe the Federal Reserve’s Capital Plan Rule and explain the seven principles of an effective capital adequacy process for bank holding companies (BHCs) subject to the Capital Plan Rule.

Answer 62

.

Question 63

Describe practices that can result in a strong and effective capital adequacy process for a BHC in the following areas: - Risk identification - Internal controls, including model review and validation - Corporate governance - Capital policy, including setting of goals and targets and contingency planning - Stress testing and stress scenario design - Estimating losses, revenues, and expenses, including quantitative and qualitative methodologies - Assessing the impact of capital adequacy, including risk-weighted asset (RWA) and balance sheet projections

Answer 63

.

Question 64

Describe the evolution of the stress testing process and compare the methodologies of historical European Banking Association (EBA), Comprehensive Capital Analysis and Review (CCAR), and Supervisory Capital Assessment Program (SCAP) stress tests.

Answer 64

.

Question 65

Explain challenges in designing stress test scenarios, including the problem of coherence in modeling risk factors.

Answer 65

.

Question 66

Explain challenges in modeling a bank’s revenues, losses, and its balance sheet over a stress test horizon period.

Answer 66

.

Question 67

Explain how risks can arise through outsourcing activities to third-party service providers and describe elements of an effective program to manage outsourcing risk.

Answer 67

.

Question 68

Explain how financial institutions should perform due diligence on third-party service providers.

Answer 68

.

Question 69

Describe topics and provisions that should be addressed in a contract with a third-party service provider.

Answer 69

.

Question 70

Explain best practices recommended for the assessment, management, mitigation, and monitoring of money laundering and financial terrorism (ML/FT) risks.

Answer 70

.

Question 71

Summarize the clearing process in OTC derivatives markets.

Answer 71

.

Question 72

Describe changes to the regulation of OTC derivatives which took place after the 2007-2009 financial crisis and explain the impact of these changes.

Answer 72

.

Question 73

Explain the motivations for introducing the Basel regulations, including key risk exposures addressed, and explain the reasons for revisions to Basel regulations over time.

Answer 73

.

Question 74

Explain the calculation of risk-weighted assets and the capital requirement per the original Basel I guidelines.

Answer 74

.

Question 75

Describe measures introduced in the 1995 and 1996 amendments, including guidelines for netting of credit exposures and methods for calculating market risk capital for assets in the trading book.

Answer 75

.

Question 76

Describe changes to the Basel regulations made as part of Basel II, including the three pillars.

Answer 76

.

Question 77

Compare the standardized internal ratings-based (IRB) approach, the foundation IRB approach, and the advanced IRB approach for the calculation of credit risk capital under Basel II.

Answer 77

.

Question 78

Calculate credit risk capital under Basel II utilizing the IRB approach.

Answer 78

.

Question 79

Compare the basic indicator approach, the standardized approach, and the advanced measurement approach for the calculation of operational risk capital under Basel II.

Answer 79

.

Question 80

Summarize elements of the Solvency II capital framework for insurance companies.

Answer 80

.

Question 81

Describe and calculate the stressed VaR introduced in Basel 2.5 and calculate the market risk capital charge.

Answer 81

.

Question 82

Explain the process of calculating the incremental risk capital charge for positions held in a bank’s trading book.

Answer 82

.

Question 83

Describe the comprehensive risk (CR) capital charge for portfolios of positions that are sensitive to correlations between default risks.

Answer 83

.

Question 84

# Define in the context of Basel III and calculate where appropriate: - Tier 1 capital and its components - Tier 2 capital and its components - Required Tier 1 equity capital, total Tier 1 capital, and total capital

Answer 84

.

Question 85

Describe the motivations for and calculate the capital conservation buffer and the countercyclical buffer, including special rules for globally systemically important banks (G-SIBs).

Answer 85

.

Question 86

Describe and calculate ratios intended to improve the management of liquidity risk, including the required leverage ratio, the liquidity coverage ratio, and the net stable funding ratio.

Answer 86

.

Question 87

Describe the mechanics of contingent convertible bonds (CoCos) and explain the motivations for banks to issue them.

Answer 87

.

Question 88

Explain motivations for “gold plating” of regulations and provide examples of legislative and regulatory reforms that were introduced after the 2007-2009 financial crisis.

Answer 88

.

Question 89

Explain the motivations for revising the Basel III framework and the goals and impacts of the December 2017 reforms to the Basel III framework.

Answer 89

.

Question 90

Summarize the December 2017 revisions to the Basel III framework in the following areas: - The standardized approach to credit risk - The internal ratings-based (IRB) approaches for credit risk - The CVA risk framework - The operational risk framework - The leverage ratio framework

Answer 90

.

Question 91

Describe the revised output floor introduced as part of the Basel III reforms and approaches to be used when calculating the output floor.

Answer 91

.

Question 92

Explain the elements of the new standardized approach to measure operational risk capital, including the business indicator, internal loss multiplier, and loss component, and calculate the operational risk capital requirement for a bank using this approach.

Answer 92

.

Question 93

Compare the Standardized Measurement Approach (SMA) to earlier methods of calculating operational risk capital, including the Advanced Measurement Approaches (AMA).

Answer 93

.

Question 94

Describe general and specific criteria recommended by the Basel Committee for the identification, collection, and treatment of operational loss data.

Answer 94

.

Question 95

Describe elements of an effective cyber-resilience framework and explain ways that an organization can become more cyber-resilient.

Answer 95

.

Question 96

Explain resilient security approaches that can be used to increase a firm’s cyber resilience and describe challenges to their implementation.

Answer 96

.

Question 97

Explain methods that can be used to assess the financial impact of a potential cyber attack and explain ways to increase a firm’s financial resilience.

Answer 97

.

Question 98

Define cyber resilience and compare recent regulatory initiatives in the area of cyber resilience.

Answer 98

.

Question 99

Describe current practices by banks and supervisors in the governance of a cyber-risk-management framework, including roles and responsibilities.

Answer 99

.

Question 100

Explain methods for supervising cyber resilience, testing and incident response approaches, and cybersecurity and resilience metrics.

Answer 100

.

Question 101

Explain and assess current practices for the sharing of cybersecurity information between different types of institutions.

Answer 101

.

Question 102

Describe practices for the governance of risks of interconnected third-party service providers.

Answer 102

.

Question 103

Describe an impact tolerance; explain best practices and potential benefits for establishing the impact tolerance for a business service.

Answer 103

.

Question 104

Provide examples of important business services and explain criteria that firms should use to determine their important business services.

Answer 104

.

Question 105

Explain tools and processes, including mapping and scenario testing, that financial institutions should use to improve their operational resilience and remain within their impact tolerance.

Answer 105

.

Question 106

Describe the governance of an operational resilience policy, including the relationships between operational resilience and a firm’s risk appetite, impact tolerance, continuity planning, and outsourcing to third-party providers.

Answer 106

.

Question 107

Define and describe operational resilience and explain essential elements of operational resilience.

Answer 107

.

Question 108

Explain recommended principles that banks should follow to implement an effective operational resilience approach.

Answer 108

.

Question 109

Describe elements of an effective operational resilience framework and its potential benefits.

Answer 109

.