Financial Risk Management Operational Risk Framework 3

Question 1

What is the 'three lines of defense' model in operational risk governance?

Accepted Answer

A governance framework where business units (1st line) own risk, risk management functions (2nd line) oversee it, and internal audit (3rd line) independently assesses it

Answer

Three separate risk databases: internal, external, and scenario data

Answer

Three levels of regulatory oversight: local, national, and international

Answer

Three approval layers required before any new financial product can be launched

Question 2

What is a 'model risk' and why is it considered an operational risk?

Accepted Answer

The risk that a mathematical model used in pricing or risk measurement is incorrect or misapplied, leading to wrong decisions or misstated risk

Answer

The risk that a bank's business model becomes obsolete due to competition

Answer

The risk of errors in financial statements filed with regulators

Answer

The risk that an economic model used for forecasting produces inaccurate GDP predictions

Question 3

Under Basel II/III, the 'boundary' between the banking book and trading book matters primarily for which risk type?

Accepted Answer

Market risk — trading book positions are subject to market risk capital while banking book positions are subject to credit risk capital

Answer

Operational risk — banking book losses are excluded from AMA

Answer

Liquidity risk — banking book assets have longer liquidity horizons than trading book

Answer

Operational risk — each book requires a separate loss database

Question 4

What is 'reputational risk' in the context of financial risk management?

Accepted Answer

The risk of loss resulting from negative public perception damaging a firm's business relationships, revenue, or funding access, often triggered by an operational or conduct failure

Answer

An operational risk sub-category explicitly covered by Basel capital requirements

Answer

A market risk arising from changes in brand value as reflected in stock prices

Answer

A credit risk arising from a firm's reputation affecting its borrowing costs

Question 5

Which of the following is an example of 'execution, delivery, and process management' as an operational risk event type?

Accepted Answer

A back-office employee entering the wrong counterparty on a trade ticket causing a settlement fail

Answer

A trader executing unauthorized trades to inflate his bonus

Answer

A hurricane destroying a branch office

Answer

A customer suing the bank for discriminatory lending practices

Question 6

What is 'concentration risk' in the context of operational risk?

Accepted Answer

Over-reliance on a single vendor, system, process, or person such that its failure could cause outsized operational disruption

Answer

Having too many assets in one geographic region

Answer

Concentrating all operational risk capital in the highest-risk business lines

Answer

The risk that a single counterparty accounts for more than 25% of a credit portfolio