Response to consultation on Regulatory Technical Standards on operational risk loss
Question 1: Do you think that the granularity of and the distinction between the different Level 2 categories is clear enough? If not, please provide a rationale.
The granularity and distinction between different Level 2 categories are sufficiently clear if we apply a structured framework that quantifies non-financial risk exposures. Each category should be defined with specific parameters that align with standardized risk units (RUs), enabling precise measurement and comparison.
Risk accounting provides a structured framework for quantifying non-financial risk exposures using standardized risk units (RUs). By assigning specific RUs to each Level 2 category, institutions can achieve a granular and distinct measurement of risks. This method allows for precise quantification and comparison across different categories, ensuring clarity and consistency in risk reporting.
Question 2: Do you perceive the attribute “greenwashing risk” as an operational risk or as a reputational risk event? Please elaborate.
Greenwashing risk should be classified as an operational risk. This is due to the inherent processes and internal controls that fail, leading to misrepresentation. It should be mapped to categories that cover compliance breaches and reputational damage, as these often overlap in greenwashing scenarios.
Greenwashing risk can be effectively classified as an operational risk by incorporating it into the risk taxonomy. Risk accounting can measure the impact of greenwashing through RUs assigned to compliance breaches and reputational damage. This quantification helps institutions identify and manage the operational processes that lead to greenwashing, ensuring accurate risk assessment and mitigation.
Question 3: To which Level 1 event types and/or Level 2 categories would you map greenwashing losses? Please provide a rationale.
Greenwashing losses should be mapped to Level 1 categories related to compliance and reputational risk. Within Level 2, they should be associated with categories specifically tracking failures in internal controls and misrepresentation to external stakeholders.
By mapping greenwashing losses to Level 1 categories related to compliance and reputational risk, and to specific Level 2 categories tracking control failures, risk accounting enables precise measurement of these losses. RUs can be used to quantify the financial and operational impact of greenwashing, providing a standardized approach to track and report these risks.
Question 4: Is “Environmental – transition risk” an operational risk event? If yes, to which Level 2 categories should it be mapped? Please provide a rationale.
Environmental transition risk can be classified as an operational risk event. It should be mapped to Level 2 categories that deal with strategic risk and compliance, as these transitions often involve changes in policy and regulatory landscapes impacting operational processes.
Environmental transition risk, as an operational risk event, can be mapped to categories dealing with strategic risk and compliance. Risk accounting can quantify the impact of policy and regulatory changes through RUs, allowing institutions to measure and manage the operational risks associated with environmental transitions. This approach ensures comprehensive risk assessment and proactive management of transition-related risks.
Question 5: Which of these attributes do you think would be the most difficult to identify? Please elaborate.
Attributes related to future regulatory changes and their impact on operational processes are the most difficult to identify due to the uncertainty and lack of historical data. This uncertainty can be managed through scenario analysis and stress testing, quantifying potential impacts in RUs.
Attributes related to future regulatory changes and their operational impacts are challenging to identify. Risk accounting can manage this uncertainty through scenario analysis and stress testing, which quantify potential impacts in RUs. This method provides a structured approach to anticipate and prepare for regulatory changes, enhancing risk management practices.
Question 6: Do you agree with the inclusion of the attribute “Large loss event”? If not, please elaborate.
The inclusion of the attribute "Large loss event" is critical. Large loss events should be quantified using RUs to standardize the measurement across different scales and types of events, allowing for better aggregation and comparison of risk data.
Including "Large loss event" as an attribute is crucial for capturing significant risk exposures. Risk accounting can quantify these large loss events using RUs, standardizing the measurement, and enabling aggregation and comparison across different events. This approach ensures that large risk exposures are accurately captured and managed within the risk framework.
Question 7: Do you think that the granularity the proposed list of attributes is clear enough? Would you suggest any additional relevant attribute? Please elaborate your rationale.
The granularity of the proposed list of attributes is clear. However, an additional attribute capturing the frequency and severity of control failures across different processes would enhance the clarity. This attribute should also be measured in RUs to maintain consistency.
The proposed attributes are clear, but adding an attribute for the frequency and severity of control failures would enhance granularity. Risk accounting can measure these attributes in RUs, ensuring consistency and providing detailed insights into the effectiveness of internal controls. This approach supports comprehensive risk monitoring and management.
Question 8: Would it be disproportionate to also map the three years preceding the entry into force of these Draft RTS to Level 2 categories? If yes, what would be the main challenges?
Mapping the three years preceding the entry into force of these Draft RTS to Level 2 categories would be disproportionate due to the retroactive data alignment challenges. The main challenge is the inconsistency in historical data quality and format, which can be mitigated by focusing on forward-looking data collection and standardization.
Mapping historical data to Level 2 categories is challenging due to inconsistencies. Risk accounting can address this by focusing on forward-looking data collection and standardization. By using RUs, institutions can ensure that new data is consistently measured and reported, facilitating the transition and integration of historical data over time.
Question 9: Is the length of the waivers (three years and one year) for institutions that, post merger or acquisition fall into the EUR 750 million – EUR 1 billion band for the business indicator, sufficient to set up the calculation of the operational risk loss following a merger or acquisition? If not, please provide a rationale.
The length of the waivers (three years and one year) for institutions following a merger or acquisition is sufficient. This period allows for the stabilization of operational processes and accurate integration of loss data into the risk accounting framework, ensuring reliable risk measurement.
The waiver periods (three years and one year) are sufficient to stabilize operational processes post-merger or acquisition. Risk accounting can facilitate this integration by standardizing the measurement of risk exposures using RUs, ensuring reliable data integration and accurate risk assessment throughout the transitional period.
Question 10: Are there other cases where it should be considered to be unduly burdensome for institutions to calculate the annual operational risk loss?
Cases where institutions undergo significant organizational changes or face new regulatory requirements should be considered unduly burdensome for calculating the annual operational risk loss. These situations can be managed by implementing transitional arrangements and incremental data integration.
Significant organizational changes or new regulatory requirements can be burdensome for annual operational risk loss calculation. Risk accounting can manage these situations through transitional arrangements and incremental data integration. By measuring risks in RUs, institutions can maintain accurate risk assessments during periods of significant change.
Question 11: Which of the provisions of Article 317(7), as developed by the draft RTS on the development of the risk taxonomy, and Article 318 of the CRR would be most difficult to implement after a merger or acquisition for the reporting entity? Please elaborate.
The most difficult provisions to implement post-merger or acquisition are those requiring the immediate standardization and integration of loss data. These difficulties arise from disparate systems and inconsistent data quality. A phased approach to data integration, using standardized RUs, would alleviate these challenges.
The most challenging provisions post-merger or acquisition involve the immediate integration of loss data. Risk accounting can alleviate these challenges by implementing a phased approach to data integration, using RUs for consistent measurement. This method ensures that risk data from merged or acquired entities is accurately captured and integrated.
Question 12: In your experience, would the provisions of this article apply to most mergers and acquisitions, or would data usually be promptly implemented in the loss data set of the reporting institution?
In practice, the provisions of this article would apply to most mergers and acquisitions. Data integration is typically prompt if institutions follow a structured framework for data standardization and validation, facilitated by the use of RUs to ensure consistency.
In most mergers and acquisitions, data integration is prompt if institutions follow a structured framework for data standardization and validation. Risk accounting can support this process by using RUs to ensure that loss data is consistently measured and integrated, facilitating timely and accurate risk reporting.
Question 13: Are there other adjustments that should be considered in these draft RTS? If yes, please elaborate.
Additional adjustments should include provisions for continuous improvement of data quality and integration processes, ensuring that all operational risk data is consistently measured and reported using RUs. This approach would enhance the accuracy and reliability of risk assessments.
Additional adjustments should include continuous improvement of data quality and integration processes. Risk accounting can enhance these processes by ensuring that all operational risk data is measured and reported using RUs. This approach supports ongoing improvements in data accuracy and reliability, strengthening overall risk management.