IS423 Financial Markets Processes and Technology. Operational Risk in Financial Institutions



Similar documents
DISASTER RECOVERY WITH AWS

SS&C Outsourcing Services: Beyond Hosting

INDUSTRY OVERVIEW THE STOCK MARKET IN HONG KONG. History of the Stock Exchange

Chinese University of Hong Kong Conference on HKEx and the Market Structure Revolution

COL FINANCIAL GROUP, INC. RISK MANAGEMENT SYSTEM

How to Choose a Cloud Backup Service Provider

The case for cloud-based disaster recovery

This white paper describes the three reasons why backup is a strategic element of your IT plan and why it is critical to your business that you plan

High Availability with Postgres Plus Advanced Server. An EnterpriseDB White Paper

Virtualizing disaster recovery using cloud computing

Everything You Need to Know About Network Failover

State of Missouri Active Directory & Consolidation Project Executive Summary

Red Hat Enterprise linux 5 Continuous Availability

Mastering Disaster A DATA CENTER CHECKLIST

How Do I know If I Need RCx HOW TO CHOOSE A MANAGED SERVICES PROVIDER.

Availability Digest. Singapore Bank Downed by IBM Error August 2010

Application / Hardware - Business Impact Analysis Template. MARC Configuration Requirements. Business Impact Analysis

Practical Considerations and Risks - Portfolio Trading, Index Arbitrage, and Dispersion Trading

Business Continuity and Disaster Survival Strategies for the Small and Mid Size Business.

IT Services. We re the IT in OrganIsaTion. Large Organisations

Institute for Development and Research in Banking Technology

IBM TotalStorage IBM TotalStorage Virtual Tape Server

Skelta BPM and High Availability

The Art of High Availability

Deltek First - The Business Case

White Paper. Managed IT Services as a Business Solution

DEFINITIONS. In this document, the following expressions have the following meanings, unless the context requires otherwise:

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0

Active Directory & Consolidation Project. Category: Enterprise IT Management Initiatives. State of Missouri

Disaster Recovery Strategies

IBM PureFlex System. The infrastructure system with integrated expertise

AVANTGARD Hosting and Managed Services

The multi-bank, multi-instrument confirmation matching solution

Why Should Companies Take a Closer Look at Business Continuity Planning?

The Outsourced IT Hiring Guide

Financial Services Need More than Just Backup... But they don t need to spend more! axcient.com

The Benefits of Continuous Data Protection (CDP) for IBM i and AIX Environments

The Business Case for Cloud Backup

High-frequency trading, flash crashes & regulation Prof. Philip Treleaven

Reducing the Cost and Complexity of Business Continuity and Disaster Recovery for

Guardian365. Managed IT Support Services Suite

Making the Business and IT Case for Dedicated Hosting

AVANTGARD Private Cloud and Managed Services

Choosing a Server to Fit Your Business. A step-by-step guide to help businesses maximize the benefits of Intel. Xeon -based server solutions.

Cohesion Managed Services

ROI CASE STUDY MICROSOFT DYNAMICS CRM TRADESTATION

Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider

WHITE PAPER. Best Practices to Ensure SAP Availability. Software for Innovative Open Solutions. Abstract. What is high availability?

ACI ON DEMAND DELIVERS PEACE OF MIND

WHY CLOUD BACKUP: TOP 10 REASONS

Vodafone Private Cloud

Cloud Computing Thunder and Lightning on Your Horizon?

Why it s time to move to online accounting software

INDUSTRY OVERVIEW COMMISSIONED REPORT FROM IPSOS

Your custodian of choice.

London Stock Exchange

Hosting JDE EnterpriseOne in the Cloud Hear how one company went to the cloud

Network Virtualization Platform (NVP) Incident Reports

A Best Practices Point of View from. Data Backup and Disaster Recovery Planning

SCHEDULE 1 SERVICE DESCRIPTION

Why cloud backup? Top 10 reasons

TO AN EFFECTIVE BUSINESS CONTINUITY PLAN

Automated Trading Platform for Institutional Customers

Get Your Out of Control SAP Database Under Control:

Statement of Guidance

Equities Dealing, Brokerage and Market Making

QUICK FACTS. Replicating Canada-based Database Support at a New Facility in the U.S. TEKSYSTEMS GLOBAL SERVICES CUSTOMER SUCCESS STORIES

Transcription:

IS423 Financial Markets Processes and Technology Operational Risk in Financial Institutions Kenken Lim Chang, Hua-Wei (Kevin)

Introduction, Definition, & History What is Op Risk? the danger of unexpected losses from a firm s operational activities, which includes internal procedures, people, and systems No industry-wide definition exists Each institution has its own operational setting Technology / IT systems Communications, IT security, Hard/software What s the background? Perhaps the oldest risk which financial industry faces 1999, Basel Committee on Banking Supervision Recognized as a legitimate issue by regulatory such risks (op risk) are too important not to be treated separately within the capital framework

What are the Issues & Problems? Even the technically-perfect IT systems can fail Lack of training, skills, and communication for users Island systems and solutions within an institution Systems are not standardized across regions and financial product lines Concern of cost limits IT systems improvement High costs and limited access to right skills / resources outweigh the benefits Complexity on managing and developing IT systems troublesome No core system backup Lead to system downtime & reduce system availability

What are the Issues & Problems? Nature of the financial markets Complex products, massive data volume, fast paced Result in complex IT environment & error-prone algorithms Lack of reassessment & stress tests on a regular basis Recurring mistakes plus new mistakes found lead to failure in real operation IT security & protection Firewall, access control, computer viruses, hackers (internal/external) May lead to monetary and reputational losses Financial sector s history of acquisitions and mergers Partial/temporary improvements & system integration lead to imperfect infrastructure Lack of detailed review of existing systems before integration for merger

Example #1: OM Gruppen & HKEx (2003) OM Gruppen: supplier and maintenance vendor for HKATS The bug Attempt to handle complex combinations of combo orders lead to an infinite loop in transaction disable HKATS Trading in HSI futures and options, MSCI China Free Index future and Dow Jones Industrial Average future contracts brought to a standstill Dead battery in back-up trading system was blamed for halt in future and options trading that lasted for an hour Implications Traders believe problem is rooted in the system s inability to support large volumes everytime we have a busy day the system crashes that s why we re not showing that much liquidity, because people just cannot trust the system head of equity derivatives at Fimat, HK Public believes HKEx should improve system with upgrades, added functionality, and the ability to handle large volumes

Example #2: LSE Breakdown (2007) London Stock Exchange Group The bug Infolect data delivery system interrupted disseminating data to the market failed prices were unreliable closing delayed for 90 mins Traders have to wait until the next morning to ask clients whether to settle trades Worldwide impact the Dow Jones industrial average closed down 360.90 points Implications Data transmission interruption shouldn t occur since basic contingency planning should include connectivity testing Failure impacted both primary and backup systems System s fault or management s fault?

What are the Solutions? Rigorous Stress Testing o For systems to be in place after merger o Streamlined & Integrated o IT migration o Well-planned testing procedure Automation o Increases throughput & decreases latency o Able to minimize manual tasks o Example: Time is essential in a bank. Staff will be able to handle other important tasks by not repeating steps to test a process. Communication o Business Analyst to work closely with IT team to avoid system failure.

What are the Solutions? Outsource o Outsource partner increases benefits from IT resilience and reduce time taken to achieve such goals o Make risk management more affordable o Sourcing from partner provides usage-based pricing o Access to advanced technology platforms, tools, testing environments, large pool of expertise, and end-to-end control o Allows the firm to focus on core activities & gain efficiency Disaster Recovery Plan o Companies invests millions for DR plan to tackle natural disaster issues to avoid large losses o Objective is to ensure that business still functions in case of system failure.

Example #1: IBM & Settlement House Outsourcing to IBM o For operational risk advice & service due to its reputation Illustrates how company collaborated with IBM to design, develop & manage IT applications/infrastructure that supports foreign exchange process Benefits & End Result: o Reduction in risk, led to Forex dealers operating with improved credit risks. o Reliable, enterprise-wide systems that significantly reduce costs

Example #2: CBOT & Disaster Recovery Chicago Board of Trade (CBOT) Preparation for disaster: o Separate data center in another building to provide redundancies & fail-over to critical systems. o Subscription with recovery provider for Prices, Wall displays and QVN in a limited Disaster Recovery capacity After 911 occurs: o Modified their Disaster Recovery Plan o Increases the stages taken to ensure systems can still work after disruptions o Created Risk Management Group

What is the Future? IBM - Project eliza o Multi-million long term & impressive project o Systems can heal themselves when there s a failure Self Configuration Self Optimizing Self Protecting o Able to function for decades without failing without human intervention

Bibliography & Readings Operational Risk in Financial Services Credit Suisse Group <www.credit-suisse.com/governance/.../operational_risk.pdf> Regulating and Supervising Operational Risk for Banks <www.isb.uzh.ch/publikationen/pdf/workingpapernr26.pdf> Systems Failure Analysis <http://www.jhberkandassociates.com/systems_failure_analysis.htm> Investopedia Operational Risk: A Must-Know For Investors http://www.investopedia.com/articles/professionaleducation/10/operational-risk.asp Five ways to manage operational risk in an even riskier world <www-07.ibm.com/nz/media/.../operational_risk.pdf> IBM- Operational Risk Management and IT: Implications for Financial Services <https://www-935.ibm.com/services/uk/gts/pdf/opriskmgmt-oct-06.pdf> OM system failure behind HKEx interruption <http://www.risk.net/risk-magazine/news/1504946/om-failure-hkex-interruption> London Stock Exchange (LSE) system failure stops trading <http://www.zdnet.com/blog/projectfailures/london-stock-exchange-lse-system-failure-stops-trading/472> Dealers in the dark after systems failure http://business.timesonline.co.uk/tol/business/markets/article2828050.ece Business Continuity & Disaster Recovery Planning at The Chicago Board of Trade <www.futuresindustry.org/downloads/audio/.../one-415b.ppt> Project eliza <http://www.zdnet.com/news/ibms-eliza-self-healing-it/297425> Operational Risk after merger <http://wiki.smu.edu.sg/1011t1isfs604/isfs604_operational_risk_event:_mizuho_financial_group_banking_syst em_failure_%28apr_2002%29>

Thank you! Q & A

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information