Operational Risk
Black Diamond Risk Enterprises (BDRE) provides operational risk consulting services where operational risk refers to potential losses resulting from inadequate systems, management failure, faulty controls, fraud, human error and so on.
We also work with organizations to reduce fraud, and control technology risk. Examples of fraud are numerous and include employees who intentionally falsify and/or misrepresent the risks incurred in a transaction. Technology risk, principally computer systems risk, also falls into the operational risk category.
We also work with organizations to reduce human factor risk. It relates to the losses that may result from human errors, such as pushing the wrong button on a computer, inadvertently destroying a file, or entering the wrong value for the parameter input of a model.
- Active Operational Risk Portfolio Management
- Basel II & III
- Benford's Law
- Business Continuity Planning (BCP)
- Business Process Management (BPM)
- Capital Management
- Cyber Risk
- Disaster Recovery
- Legal and Regulatory
Compliance Risk - Liquidity Management
- Performance Measurement & Compensation
- Rating Agency Review
- Risk Management Information Systems (RMIS)
- Stress Testing
- Subject Matter Expertise / Testimony
- Supply Chain Optimization
- Value at Risk (VaR)
- Vendor Selection
Basel III
International Regulatory Framework For Banks
Highlights:
- Basel III: Capital(June 2011)
- Basel III: Liquidity(January 2013)
“Basel III” is a comprehensive set of reform measures, developed by the Basel Committee on Banking Supervision, to strengthen the regulation, supervision and risk management of the banking sector. These measures aim to:
• Improve the banking sector’s ability to absorb shocks arising from financial and economic stress, whatever the source
• Improve risk management and governance
• Strengthen banks’ transparency and disclosures.
The reforms target:
• Bank-level, or micro-prudential regulation, which will help raise the resilience of individual banking institutions to periods of stress.
• Macro-prudential, system wide risks that can build up across the banking sector as well as the procyclical amplification of these risks over time.
These two approaches to supervision are complementary as greater resilience at the individual bank level reduces the risk of system wide shocks
Basel III phase-in arrangements:
Basel III overview table:
Regulatory Capital—Basel III the Standardized and Advanced Approach
“Regulatory Capital Rules: Regulatory Capital, Implementation of Basel III, Minimum Regulatory Capital Ratios, Capital Adequacy, and Transition Provisions” (Basel III), agencies are proposing to revise their risk-based and leverage capital requirements consistent with agreements reached by the Basel Committee on Banking Supervision (Basel III). Basel III applies to all national banks and federal savings associations, collectively, banks. The Basel III proposes a new common equity tier 1 minimum capital requirement, a higher minimum tier 1 capital requirement, and, for banks subject to the advanced approaches capital rules, a supplementary leverage ratio that incorporates off-balance-sheet exposures. Additionally, consistent with Basel III, the agencies propose to apply limits on a bank’s capital distributions and certain discretionary bonus payments if the bank does not hold a specified “buffer” of common equity tier 1 capital in addition to the minimum risk-based capital requirements. The revisions set forth are consistent with section 171 of the Dodd–Frank Wall Street Reform and Consumer Protection Act of 2010 (Dodd–Frank), which requires the agencies to establish minimum risk-based and leverage capital requirements.
“Regulatory Capital Rules: Standardized Approach for Risk-Weighted Assets; Market Discipline and Disclosure Requirements” (Standardized Approach), agencies propose to revise and harmonize rules for calculating risk-weighted assets to enhance risk sensitivity and address weaknesses identified over recent years. Revisions include incorporating aspects of the Basel II standardized framework and alternatives to credit ratings, consistent with section 939A of Dodd–Frank. The revisions also include methods for determining risk-weighted assets for residential mortgages, securitization exposures, and counterparty credit risk. The Standardized Approach introduces disclosure requirements that would apply to U.S. bank holding companies with $50 billion or more in total assets.
“Regulatory Capital Rules: Advanced Approaches Risk-Based Capital Rule; Market Risk Capital Rule” (Advanced Approaches and Market Risk), proposes to revise the advanced approaches risk-based capital rules consistent with Basel III and other changes to the Basel Committee’s capital standards. The agencies also propose revising the advanced approaches risk-based capital rules to be consistent with section 939A and section 171 of Dodd–Frank. Additionally in this NPR, the OCC, the FDIC, and the Board propose to expand the scope of the market risk rule to apply it to federal and state savings associations and savings and loan holding companies with significant trading activity. Generally, the advanced approaches rules would continue to apply to national banks and FSAs with $250 billion or more in consolidated assets or $10 billion or more in foreign exposure.
The Basel III and Standardized Approach include addenda that provide a summary of the proposed rules that are more relevant for community banks. The agencies intend for these addendums to act as a guide for community bankers, helping them to navigate the proposed rules and identify the changes most relevant for their institution. The addenda do not, however, by themselves provide a complete understanding of the proposed rules and the agencies expect and encourage all banks to review the proposed rules in their entirety.
Benford’s Law
A phenomenological law also called the first digit law, first digit phenomenon, or leading digit phenomenon. Benford’s law states that in listings, tables of statistics, etc., the digit 1 tends to occur with probability 
, much greater than the expected 11.1% (i.e., one digit out of 9). Benford’s law can be observed, for instance, by examining tables of logarithms and noting that the first pages are much more worn and smudged than later pages (Newcomb 1881). While Benford’s law unquestionably applies to many situations in the real world, a satisfactory explanation has been given only recently through the work of Hill (1998).
Benford’s law was used by the character Charlie Eppes as an analogy to help solve a series of high burglaries in the Season 2 “The Running Man” episode (2006) of the television crime drama NUMB3RS.
Benford’s law applies to data that are not dimensionless, so the numerical values of the data depend on the units. If there exists a universal probability distribution 
over such numbers, then it must be invariant under a change of scale, so
 |
(1)
|
If 
, then 
, and normalization implies 
. Differentiating with respect to 
and setting 
gives
 |
(2)
|
having solution 
. Although this is not a proper probability distribution (since it diverges), both the laws of physics and human convention impose cutoffs. For example, randomly selected street addresses obey something close to Benford’s law.
If many powers of 10 lie between the cutoffs, then the probability that the first (decimal) digit is 
is given by a logarithmic distribution
 |
(3)
|
for 
, …, 9, illustrated above and tabulated below.
 |
 |
 |
 |
| 1 | 0.30103 | 6 | 0.0669468 |
| 2 | 0.176091 | 7 | 0.0579919 |
| 3 | 0.124939 | 8 | 0.0511525 |
| 4 | 0.09691 | 9 | 0.0457575 |
| 5 | 0.0791812 |
However, Benford’s law applies not only to scale-invariant data, but also to numbers chosen from a variety of different sources. Explaining this fact requires a more rigorous investigation of central limit-like theorems for the mantissas of random variables under multiplication. As the number of variables increases, the density function approaches that of the above logarithmic distribution. Hill (1998) rigorously demonstrated that the “distribution of distributions” given by random samples taken from a variety of different distributions is, in fact, Benford’s law (Matthews).
One striking example of Benford’s law is given by the 54 million real constants in Plouffe’s “Inverse Symbolic Calculator” database, 30% of which begin with the digit 1. Taking data from several disparate sources, the table below shows the distribution of first digits as compiled by Benford (1938) in his original paper.
| col. | title | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | samples |
| A | Rivers, Area | 31.0 | 16.4 | 10.7 | 11.3 | 7.2 | 8.6 | 5.5 | 4.2 | 5.1 | 335 |
| B | Population | 33.9 | 20.4 | 14.2 | 8.1 | 7.2 | 6.2 | 4.1 | 3.7 | 2.2 | 3259 |
| C | Constants | 41.3 | 14.4 | 4.8 | 8.6 | 10.6 | 5.8 | 1.0 | 2.9 | 10.6 | 104 |
| D | Newspapers | 30.0 | 18.0 | 12.0 | 10.0 | 8.0 | 6.0 | 6.0 | 5.0 | 5.0 | 100 |
| E | Specific Heat | 24.0 | 18.4 | 16.2 | 14.6 | 10.6 | 4.1 | 3.2 | 4.8 | 4.1 | 1389 |
| F | Pressure | 29.6 | 18.3 | 12.8 | 9.8 | 8.3 | 6.4 | 5.7 | 4.4 | 4.7 | 703 |
| G | H.P. Lost | 30.0 | 18.4 | 11.9 | 10.8 | 8.1 | 7.0 | 5.1 | 5.1 | 3.6 | 690 |
| H | Mol. Wgt. | 26.7 | 25.2 | 15.4 | 10.8 | 6.7 | 5.1 | 4.1 | 2.8 | 3.2 | 1800 |
| I | Drainage | 27.1 | 23.9 | 13.8 | 12.6 | 8.2 | 5.0 | 5.0 | 2.5 | 1.9 | 159 |
| J | Atomic Wgt. | 47.2 | 18.7 | 5.5 | 4.4 | 6.6 | 4.4 | 3.3 | 4.4 | 5.5 | 91 |
| K |  ,  |
25.7 | 20.3 | 9.7 | 6.8 | 6.6 | 6.8 | 7.2 | 8.0 | 8.9 | 5000 |
| L | Design | 26.8 | 14.8 | 14.3 | 7.5 | 8.3 | 8.4 | 7.0 | 7.3 | 5.6 | 560 |
| M | Reader’s Digest | 33.4 | 18.5 | 12.4 | 7.5 | 7.1 | 6.5 | 5.5 | 4.9 | 4.2 | 308 |
| N | Cost Data | 32.4 | 18.8 | 10.1 | 10.1 | 9.8 | 5.5 | 4.7 | 5.5 | 3.1 | 741 |
| O | X-Ray Volts | 27.9 | 17.5 | 14.4 | 9.0 | 8.1 | 7.4 | 5.1 | 5.8 | 4.8 | 707 |
| P | Am. League | 32.7 | 17.6 | 12.6 | 9.8 | 7.4 | 6.4 | 4.9 | 5.6 | 3.0 | 1458 |
| Q | Blackbody | 31.0 | 17.3 | 14.1 | 8.7 | 6.6 | 7.0 | 5.2 | 4.7 | 5.4 | 1165 |
| R | Addresses | 28.9 | 19.2 | 12.6 | 8.8 | 8.5 | 6.4 | 5.6 | 5.0 | 5.0 | 342 |
| S |  ,  |
25.3 | 16.0 | 12.0 | 10.0 | 8.5 | 8.8 | 6.8 | 7.1 | 5.5 | 900 |
| T | Death Rate | 27.0 | 18.6 | 15.7 | 9.4 | 6.7 | 6.5 | 7.2 | 4.8 | 4.1 | 418 |
| Average | 30.6 | 18.5 | 12.4 | 9.4 | 8.0 | 6.4 | 5.1 | 4.9 | 4.7 | 1011 | |
| Probable Error |  |
 |
 |
 |
 |
 |
 |
 |
The following table gives the distribution of the first digit of the mantissa following Benford’s Law using a number of different methods.
| method | Sloane | sequence |
| Sainte-Lague | A055439 | 1, 2, 3, 1, 4, 5, 6, 1, 2, 7, 8, 9, … |
| d’Hondt | A055440 | 1, 2, 1, 3, 1, 4, 2, 5, 1, 6, 3, 1, … |
| largest remainder, Hare quotas | A055441 | 1, 2, 3, 4, 1, 5, 6, 7, 1, 2, 8, 1, … |
| largest remainder, Droop quotas | A055442 | 1, 2, 3, 1, 4, 5, 6, 1, 2, 7, 8, 1, … |
Cyber Risk
Challenge: Managing acceptable cost of cyber risk.
Solution: Construct Likelihood and Frequency measures
Legal and Regulatory Compliance Risk
Challenge: Managing acceptable cost legal and regulatory compliance risk.
Solution : Construct Likelihood and Frequency measures
Performance Measurement and Incentive Compensation
Black Diamond Risk Enterprises (BDRE) works with firms to implement sophisticated performance measurement systems. Once risk capital has been calculated it can be plugged into risk-based capital attribution systems, often grouped under the acronyms RAPM (Risk Adjusted Performance Measurement), or RAROC (Risk Adjusted Return on Capital).
RAROC numbers can be used as input in compensation calculations for senior management of business lines and/or operational groups for their contribution to shareholder value.
These systems provide a uniform risk-adjusted measure of performance that both management and external stakeholders can use to determine economic profitability (as opposed to accounting profitability).
Performance Measurements & Compensation is a part of the following services:
Stress Testing and Scenario Analysis
Black Diamond Risk Enterprises (BDRE) works with firms to help upgrade their approach to Stress testing. Stress Testing and Scenario Analysis are used to determine the size of potential losses related to specific extreme events that lie outside of normal market conditions.
Challenge: Managing Risk in Stress Markets
Solution: Construct Relevant Stress Scenarios
Example: Historical Stress Test (2007/2009 Financial Crises)
Supervisory Stress Testing of Bank Holding Companies
Dodd-Frank Act Stress Test :Supervisory Stress Test Methodology
The Federal Reserve expects large, complex bank holding companies (BHCs) to hold sufficient capital to continue lending to support real economic activity, even under adverse economic conditions. Stress testing is one tool that helps bank supervisors to measure whether a BHC has enough capital to support its operations throughout periods of stress.
In the wake of the financial crisis, the Congress enacted the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act), which requires the Federal Reserve to conduct an annual stress test of large BHCs and all nonbank financial companies designated by the Financial Stability Oversight Council (FSOC) for Federal Reserve supervision to evaluate whether they have sufficient capital to absorb losses resulting from adverse economic conditions. The Dodd-Frank Act also requires BHCs and other financial companies supervised by the Federal Reserve to conduct their own stress tests. The Federal Reserve adopted rules implementing these requirements in October 2012.
The Dodd-Frank Act requires the Federal Reserve to conduct an annual supervisory stress test of BHCs with $50 billion or more in total consolidated assets and nonbank financial companies designated by the FSOC for Federal Reserve supervision (collectively, “covered companies”). The Dodd-Frank Act also requires covered companies to conduct their own stress tests (company-run stress tests) semiannually. Together, the Dodd-Frank Act supervisory stress tests and the company-run stress tests are intended to provide BHC management and boards of directors, the public, and supervisors with forward-looking information to help identify downside risks and the potential effect of adverse conditions on capital adequacy of these large banking organizations. The Federal Reserve adopted rules implementing these requirements in October 2012.
Under the Dodd-Frank Act stress test rules, the Federal Reserve conducts annual supervisory stress tests to evaluate whether a covered company has the capital, on a total consolidated basis, necessary to absorb losses and continue its operations by maintaining ready access to funding, meeting its obligations to creditors and other counterparties, and continuing to serve as a credit intermediary under adverse economic and financial conditions. As part of this supervisory stress test for each covered company, the Federal Reserve projects revenue, expenses, losses, and resulting post-stress capital levels, regulatory capital ratios, and the tier 1 common ratio under three scenarios (baseline, adverse, and severely adverse).
The Federal Reserve generally uses a common set of scenarios for all covered companies in the supervisory stress test. However, the Federal Reserve may use additional scenarios or components of scenarios for all or a subset of the covered companies to capture salient sources of risk, and these scenarios may use data from dates other than the end of the third quarter. In DFAST 2013, large, complex BHCs with significant trading activities are subject to a global market shock that reflects general market stress and heightened uncertainty, which affects trading positions and elevates counterparty credit risk.
The Dodd-Frank Act codified the Federal Reserve’s practice of disclosing a summary of the results of its supervisory stress test.
Company-Run Stress Tests
As required by the Dodd-Frank Act, the Federal Reserve’s stress test rules require covered companies to conduct two company-run stress tests each year. In conducting the “annual” test, a covered company uses data as of September 30 and reports its stress test results to the Federal Reserve by January 5. In addition, a covered company must conduct a “midcycle” test and report the results to the Federal Reserve by July 5. The Dodd-Frank Act stress test rules align the timing of annual company-run stress tests with the annual supervisory stress tests of covered companies.
In their annual stress tests, covered companies subject to the Dodd-Frank Act stress test rules must use the scenarios provided by the Federal Reserve. Each year, the Federal Reserve will provide at least three scenarios—baseline, adverse, and severely adverse—that are identical to the scenarios the Federal Reserve uses in the annual supervisory stress tests of covered companies.
By providing a common set of scenarios to all firms, the results of company-run and supervisory stress tests will be based on comparable underlying assumptions. To further enhance comparability, the supervisory stress tests and company-run stress tests conducted under the Dodd-Frank stress test rules use the same set of capital action assumptions. According to these assumptions, over the nine-quarter planning horizon, each BHC maintains its common stock dividend payments at the same level as the previous year; scheduled dividend, interest or principal payments on any other capital instrument eligible for inclusion in the numerator of a regulatory capital ratio are assumed to be paid; but repurchases of such capital instruments and issuance of stock is assumed to be zero.
Finally, each covered company must publicly disclose a summary of the results of its company-run stress test under the severely adverse scenario provided by the Federal Reserve.
Value at Risk (VaR)
Black Diamond Risk Enterprises (BDRE) provides Operational Risk Value at Risk (VaR) services in many forms. We define Operational VaR as the worst case loss that might be expected from a portfolio of exposures over a given period of time at a specified level of probability. As such,Operational VaR offers a probability statement about the potential change in the value resulting from a change in risk factors over a specified period of time.
