• OM-1.1 Overview

    • OM-1.1.1

      This Module provides guidance and rules for operational risk and sets out requirements for an appropriate risk management environment, including outsourcing, electronic financing activities, business continuity and security measures.

      January 2014

    • OM-1.1.2

      Operational risk is defined as the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. This definition includes legal risk¹, but excludes strategic and reputational risk.

      ¹ Legal risk includes, but is not limited to, exposure to fines, penalties, or punitive damages resulting from supervisory actions, as well as private settlements.

      January 2014

    • OM-1.1.3

      Operational risk is inherent in all types of licensees' transactions and activities, processes and systems, and the effective management of operational risk must be a fundamental element of a licensee's risk management programme. Sound operational risk governance relies upon three lines of defence:

      (a) Business line management;
      (b) An independent operational risk management function; and
      (c) Independent review functions.

      January 2014