Merrill Lynch & Co. Process Risk Management Program



Similar documents
Operational Risk Management - The Next Frontier The Risk Management Association (RMA)

Operational Risk Management Program Version 1.0 October 2013

D. E. Shaw & Co. (London), LLP Pillar 3 Disclosure

Best Practices for Credit Risk Management. Rules Notice Guidance Notice Dealer Member Rules

Basel Committee on Banking Supervision

Consultative report. Committee on Payment and Settlement Systems. Board of the International Organization of Securities Commissions

How To Manage Risk At Atb Financial

How To Assess A Critical Service Provider

B o a r d of Governors of the Federal Reserve System. Supplemental Policy Statement on the. Internal Audit Function and Its Outsourcing

Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age

Establishing a Quality Assurance and Improvement Program

[300] Accounting and internal control systems and audit risk assessments

Administrative Guidelines on the Internal Control Framework and Internal Audit Standards

CDC s Policy Analytical Framework. Centers for Disease Control and Prevention Office of the Associate Director for Policy

Operational Risk Management Table of Contents

FINANCIAL ASSESSMENT CRITERIA (The Assessment Criteria should be read in conjunction with OSFI s Supervisory Framework)

Pictet Asset Management Ltd

Supervisory Guidance on Operational Risk Advanced Measurement Approaches for Regulatory Capital

YEARENDED31DECEMBER2013 RISKMANAGEMENTDISCLOSURES

INTERAGENCY GUIDANCE ON THE ADVANCED MEASUREMENT APPROACHES FOR OPERATIONAL RISK. Date: June 3, 2011

Implementing an AMA for Operational Risk

FSB Principles for Sound Compensation Practices. Implementation Standards

Capital Adequacy: Advanced Measurement Approaches to Operational Risk

ORSA - The heart of Solvency II

GAO. Standards for Internal Control in the Federal Government. Internal Control. United States General Accounting Office.

Preparation of a Rail Safety Management System Guideline

How To Write A Bank

HOCH CAPITAL LTD PILLAR 3 DISCLOSURES As at 1 February 2015

Regulatory Solvency Assessment of Property/Casualty Insurance Companies in the United States

PCAOB Concept Release on Audit Quality Indicators Summary & Considerations for Stakeholder Comment

Frequently Asked Questions in Identifying and Assessing Prospective Risks

Risk Management Programme Guidelines

Basel Committee on Banking Supervision. Review of the Principles for the Sound Management of Operational Risk

ENTERPRISE RISK MANAGEMENT FRAMEWORK

Direct Line Insurance Group plc (the Company ) Board Risk Committee (the Committee ) Terms of Reference

Principles for An. Effective Risk Appetite Framework

Risk Committee Charter

The Role of the Board in Enterprise Risk Management

Risk Management Strategy and Guidelines

GUIDELINES ON RISK MANAGEMENT AND INTERNAL CONTROLS FOR INSURANCE AND REINSURANCE COMPANIES

STANDARDS OF SOUND BUSINESS AND FINANCIAL PRACTICES. ENTERPRISE RISK MANAGEMENT Framework

Appendix 3 (normative) High level structure, identical core text, common terms and core definitions

IIA Position Paper: THE THREE LINES OF DEFENSE IN EFFECTIVE RISK MANAGEMENT AND CONTROL

Positioning the internal audit function within the Solvency II framework Key challenges. Ludovic Bardon Senior Manager Audit Deloitte Luxembourg

Operational Risk Management Policy

Guideline. Operational Risk Management. Category: Sound Business and Financial Practices. No: E-21 Date: June 2016

Regulatory Compliance Management (RCM) (formerly Legislative Compliance Management (LCM))

FINANCIAL SERVICES FLASH REPORT

Standard 1. Governance for Safety and Quality in Health Service Organisations. Safety and Quality Improvement Guide

National Commission for Academic Accreditation & Assessment. Handbook for Quality Assurance and Accreditation in Saudi Arabia PART 1

GUIDELINE NO. 22 REGULATORY AUDITS OF ENERGY BUSINESSES

IMPLEMENTATION NOTE. Validating Risk Rating Systems at IRB Institutions

Advisory Guidelines of the Financial Supervisory Authority. Requirements regarding the arrangement of operational risk management

Risk Management Primer

PART I - PRELIMINARY...1 Objective...1 Applicability...2 Legal and Regulatory Provision...2

Bank of America NA Dublin Branch Market Discipline. Basel II - Disclosures

Risk Management for Fixed Income Portfolios

INTERNAL AUDIT FRAMEWORK

Chapter 11 ALLOWANCE FOR LOAN AND LEASE LOSSES TABLE OF CONTENTS

P3M3 Portfolio Management Self-Assessment

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS)

Internal Control - Integrated Framework

Guidance for Industry. Q10 Pharmaceutical Quality System

Basel Committee on Banking Supervision. Working Paper No. 17

An Overview of Basel II s Pillar 2

Fundamental Principles of Software Safety Assurance

Basel Committee on Banking Supervision. Consolidated KYC Risk Management

INTERNATIONAL STANDARD ON AUDITING 320 AUDIT MATERIALITY CONTENTS

Compliance Management Framework. Managing Compliance at the University

RISK MANAGEMENT REPORTING GUIDELINES AND MANUAL 2013/14. For North Simcoe Muskoka LHIN Health Service Providers

Industry Sound Practices for Financial and Accounting Controls at Financial Institutions

RISK MANAGEMENT GUIDANCE FOR GOVERNMENT DEPARTMENTS AND OFFICES

Jonathan Wilson. Sector Manager (Health & Safety)

PHARMACEUTICAL QUALITY SYSTEM Q10

Risk management systems of responsible entities

Brevan Howard Asset Management LLP Pillar 3 Disclosures. Brevan Howard (2014). All Rights Reserved.

THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK

Information Technology

Committee on Payments and Market Infrastructures. Board of the International Organization of Securities Commissions

LIBA. Structured Products: Principles for Managing the Distributor- Individual Investor Relationship

A Risk-Based Audit Strategy November 2006 Internal Audit Department

Operational Risk Management Excellence Get to Strong Survey

GUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012

Internal Controls. A short presentation from Your Internal Audit Department

FRAMEWORK FOR THE EVALUATION OF INTERNAL CONTROL SYSTEMS

University of St. Gallen Law School Law and Economics Research Paper Series. Working Paper No June 2007

ZAG BANK BASEL II & III PILLAR 3 DISCLOSURES. December 31, 2014

Transcription:

Merrill Lynch & Co. Process Risk Management Program

The Process Risk Management function at Merrill Lynch is focused upon motivating two key management practices Learning from mistakes; and Assessing the adequacy of controls for the risks we take 1

These two simple practices have as their aim the reduction in losses from Process Risks defined as: The risk of loss resulting from inadequate or failed internal processes, people and systems or from external events 2

To the extent we compute and allocate risk capital for Process Risk (and we do), it is done purely as incentives to motivate these practices which is important in the context of this conference. The implication is that the key criteria in determining the methodology for allocating capital for Process Risk is that it provide the proper incentives for business units within the firm to adopt these management practices. 3

Learning from mistakes involves the following identifying and reporting process risk losses systematically conducting postmortems on losses to establish clearly the cause and corrective action implementing the corrective action 4

Assessing the adequacy of controls for the risks we take involves a risk self-assessment program in which managers map their processes, assess key linkages and risk of process failure and evaluate the effectiveness of compensating controls This essentially amounts to thinking clearly about the way in which we conduct business. 5

There are policies providing guidance on implementing these standards how loss events are recorded and escalated management actions required at different levels of materiality in losses formal reviews with management of the findings 6

Internal risk capital for Process Risk is allocated to business units using a method similar to the Loss Distribution Approach we have an internal data record of losses which provides frequency and severity estimates from this we estimate the level of loss associated with a given statistical confidence which is allocated based upon an assessment of internal controls conducted by control functions and business management 7

As a predictive model for potential loss for process risk, this is inherently imprecise. It is not subject to the sort of empirical verification that can be conducted upon market and credit risk models. The key criteria for developing the model for us has been how well it motivates managers to adopt the practices we have endorsed. The internal mechanics of the model are a secondary priority and become important only in so far as they influence behavior in the firm. 8

To this end, business units receive reductions in their risk capital allocations to the extent they engage in the practices prescribed by the program and for initiatives which result in demonstrated reductions in process risks. Conversely, failure to implement causes increases in allocated capital. 9

Given our view that it is behavior not quantitative modeling that is important in managing process risk, our comments on the Basle proposal are as follows: the objective of regulation should be to motivate management to create robust process risk controls and procedures this is consistent with the treatment of process risk as a Pillar II supervisory review issue the current proposal to capitalize process risk under Pillar I has framed Process Risk as a quantitative modeling problem not a management control problem perhaps an unintended consequence of this is that the message sent by the regulatory community to the industry is that process risk is adequately addressed by the computation of a capital figure as opposed to the creation of controls. 10

In summary, the key message is that management practices that oversee the effectiveness of controls critically determine the likelihood of losses and preparation for unanticipated external events. This should be the focus of regulators. The current regulatory focus on quantitative modeling risks framing the entire topic as a complex computational problem. Our recommendation is that you allow the industry to provide leadership in pioneering the management disciplines that prove effective at controlling process risk and then develop risk models that support the implementation of those disciplines. 11

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information