Operational risks refer to the risk of loss due to incorrect or non-appropriate internal processes and procedures, human errors, incorrect systems or external events, including legal and Information and Communication and Technology (ICT) risks.
Operational risks include the following main categories of risk:
The Group manages operational risks, for example, by applying a risk management framework that includes measures for risk identification, assessment, training, control and reporting operational risks. Focus is on managing significant risks by analysing and documenting processes and procedures and by applying risk-mitigating measures. The Group’s processes have been mapped with controls to ensure that identified risks are managed and monitored effectively.
The Group has a procedure for approving new or significant changes in existing products/services, markets, processes or other major changes in the business. The purpose of the process is for the bank to efficiently and effectively manage the risks that may arise in connection with, for example, new or significantly changed products/services.