Operational Risk: Frameworks, Loss Data, and Model Risk
Basel definitions, loss event categories, the AMA approach, key risk indicators, and the growing importance of model risk as a subset of operational risk.
Study depth
5
structured sections
Exam lens
20%
topic blueprint weight
Access
Premium
visual summary included
Concept visual
Operational Loss Frequency Versus Severity
Low-frequency, high-severity events behave very differently from routine control breaks.
Why it matters
Operational risk frameworks need both incident capture for common events and scenario analysis for tail events.
Operational Risk: Frameworks, Loss Data, and Model Risk
What Is Operational Risk?
Basel defines operational risk as: "The risk of loss resulting from inadequate or failed internal processes, people, and systems, or from external events."
This definition includes legal risk but excludes strategic risk and reputational risk (though these often follow operational failures).
Examples
- A rogue trader bypasses controls and accumulates unauthorized positions
- A cyberattack compromises customer data and triggers regulatory fines
- A software error causes incorrect trade execution for three hours
- A natural disaster destroys a data center, halting operations
Basel Event Types
Basel categorizes operational losses into seven event types:
| # | Event Type | Examples |
|---|---|---|
| 1 | Internal Fraud | Unauthorized trading, embezzlement, intentional mismarking |
| 2 | External Fraud | Robbery, phishing, identity theft, hacking |
| 3 | Employment Practices | Discrimination lawsuits, workplace safety violations |
| 4 | Clients, Products & Business Practices | Mis-selling, fiduciary breaches, market manipulation |
| 5 | Damage to Physical Assets | Natural disa |
...
Premium Library Access Required
The first two study notes stay free. The remaining 11 notes are reserved for premium members, with full reading access, charts, and deeper exam guidance.
Unlock Premium Notes