Functional overview
The system is modular and is divided into five modules:
-
The loss data collection module supports the decentralized collection of operational risk events. User roles in the module were determined according to advanced banking practices, which support the data collection process more effectively and securely than the use of Excel spreadsheets.
-
The risk and control self-assessment module supports both the qualitative and quantitative evaluation of the bank's risks, along with the control mechanisms used to reduce those risks.
-
The key risk indicator module supports the definition of key risk indicators, the regular collection of values, and their aggregation to an institutional level.
-
The scenario analysis module supports the structured preparation of extreme, yet possible operational risk events (scenarios) (i.e. adequate coverage of the given risk profile), and the process of scenario creation using related information from other modules, according to the parameter estimation methodology set in the self-assessment module.
-
The capital calculation module supports all three possible capital calculation methods, but provides the most assistance to credit institutions using the advanced method of calculating internal or regulatory capital requirements with the aid of the integrated statistical analysis program.
The individual modules are closely interlinked: some information can be retrieved in multiple modules, and some modules use information content generated in the other modules. The integration was developed in a consistent and user-friendly way.
Each module includes a reporting menu item which contains pre-defined reports, which can however be customised by the user to some extent.
The first four modules of the system are clustered around the administration of central actions, as users can propose risk-lowering, control-increasing actions during loss data collection, self-assessment, KRI collection, or scenario analysis as well. The work of the risk manager (or other control departments) is greatly facilitated by the fact that proposals and decisions about implementation, as well as the actual implementation, can be found in a common register, together with deadlines and the persons responsible assigned by the designated decision-maker. The system tracks, displays (or even alerts, depending on the chosen settings), and reports actions completed and not completed, in order to facilitate reporting to senior executives. This feature makes it possible for the institution’s senior management and supervisory board to obtain a clear, comprehensive picture of the full spectrum of the institution’s risk.
User authorisations, roles
The system is equipped with advanced user access rights management that serves multiple purposes: it makes it possible for users to only use those functions and reports that they are authorised to access, and can only see the events and data of a specified segment of the database that fall within their responsibility, which significantly supports workflows. Depending on their roles, system users see a personalized main screen that contains their specific tasks along with their organizational unit, and which also provides useful information related to the specific module.