• No se han encontrado resultados

BASES QUE HAN DE REGIR LA CONVOCATÒRIA PER A LA PROVISIÓ DE DOTZE PLACES DE SER-

Comissió d’Hisenda i Pressupostos

BASES QUE HAN DE REGIR LA CONVOCATÒRIA PER A LA PROVISIÓ DE DOTZE PLACES DE SER-

Operational risk is the risk of loss resulting from shortcomings or failure in internal procedures, human error, information systems or external events. It includes legal risk but not strategic or reputational risk.

I. Objectives and policy

The operational risk system, adjusted to each Group entity, comprises the following components common to the entire Group:

• governance of the operational risk management function: supervision of the system by the Executive

Management (via the Operational Risk Committee or the operational risk unit of the Internal Control Committee), role of Risk Management and Permanent Controls officers (Crédit Agricole S.A. and entities) in system oversight and co-ordination, responsibilities of entities in controlling their risks through the network of Operational Risk Managers;

• identification and qualitative assessment of risks through risk mapping, and the use of indicators to

monitor the most sensitive processes;

• collection of operational loss data and an early-warning system to report significant incidents, which are consolidated in a database used to measure and monitor the risk-related costs;

• calculation and allocation of regulatory capital for operational risks at consolidated and entity level;

• periodic production of an operational risk scorecard at entity level, plus aGroup summary.

II. Risk management: organisation and supervision system

The organisation of operational risk management forms part of the overall Risk Management and Permanent Controls function: Operational risk officers, most of whom now cover permanent risk monitoring, report to the heads of Risk Management and Permanent Controls in the various entities.

Crédit Agricole Group uses an operational risk scorecard covering most of its business lines. This scorecard shows the main sources of risk affecting most business lines, along with exposure profiles differentiated by subsidiary and business line: recurring risk, mainly arising from external fraud involving payment systems in retail banking or stockmarket errors in asset management, higher risk in corporate and investment banking (counterparty litigation and capital markets) and factoring (external fraud).

It also reflects the effect of action plans designed to reduce the impact of exceptional risks (i.e. by strengthening information systems and controls when encountering high unit losses primarily affecting asset management and factoring operations) and to reduce the frequency of recurring risks (electronic banking fraud and heightened monitoring of external fraud in the consumer finance businesses).

Initiatives taken to counter internal fraud in 2007, in particular at Calyon, have been extended through implementation of a system to bring the risk thereof under further control. Measures include reviewing authorisation procedures, strengthening early-warning systems and creating an anti-fraud unit in the Compliance function.

In 2008, following an audit by the Commission Bancaire on the use of the advanced measurement approach (AMA), “Appendix II” differences were resolved so as to adhere to the planned schedule. The work involved in resolving these differences was then audited by the Crédit Agricole S.A. Group’s General Inspection, as part of Basel II tracking.

Concerning the part involving identification and qualitative assessment of risk, a new risk mapping campaign

was initiated. In collaboration with the Group’s legal function, legal risks were mapped in addition to operational and compliance risks. The results of these risk mapping efforts will be analysed in the first half of 2009.

To improve operational risk tools even further and promote overall consistency in the Risk Management and Permanent Controls function, an Intranet-based mapping tool was made available to the entities. This tool is closely integrated with the SCOPE permanent controls tool (they share the same framework, there is overlap in reporting, etc.), making it possible to confirm the choices of methodology in the link between risk mapping

and risk management (permanent controls, action plans, etc.). Similarly, the current loss compilation tool will be migrated to an Intranet tool in 2009.

Lastly, concerning calculation and allocation of regulatory capital, the application chain was secured and

automated.

The AMA model will be backtested every six months during a specific Committee, so as to analyse the model’s sensitivity to changes in the risk profile of the entities.

III. Methodology

The principal entities of the Crédit Agricole group use the advanced measurement approach: Calyon, CAAM, LCL, Sofinco, Finaref and all of the Regional Banks.

The scope of entities using the AMA calculation method is increasing. Agos, the Italian subsidiary of Sofinco, will adopt AMA in the first half of 2009, and work has begun on integrating Cariparma into the system in 2010.

The other group entities will adopt AMA between 2009 and 2012.

AMA regulatory capital requirements calculation

The advanced measurement approach for calculating capital requirements with respect to operational risk has the following objectives:

• increase control over the cost of operational risk, and prevent exceptional risks across the Group’s various entities;

• determine the level of capital corresponding to the risks measured, which may be lower than that calculated using the standard approach;

• promote improvements in permanent controls through the monitoring of action plans.

The systems implemented within the Group aim for compliance with all qualitative criteria (making risk measurement an integral part of day-to-day management, independence of the risk function, periodic disclosure of operational risk exposures etc.) and Basel II quantitative criteria (99.9% confidence interval over a 1-year period; incorporation of internal data, external data and analyses of scenarios and factors reflecting the operating environment; incorporation of risk factors that influence the statistical distribution, etc.).

The AMA model for calculating capital requirements is based on a “Loss Distribution Approach” actuarial model, which is unique to the Group. The largest entities handle their own capital allocation based on centrally defined principles.

Internal factors (change in the entity’s risk profile) are taken into account depending on: • the entity’s organisational changes;

• changes in risk mapping;

• an analysis of the history of internal losses and the quality of the risk management system, in particular via the permanent controls function.

Concerning external factors, the ORX consortium database, which catalogues losses at 50 or so banks throughout the world including Crédit Agricole, is analysed so as to track incidents at other institutions. Depending on the results of this analysis, the stress tests developed in the various Group entities are adjusted.

The model was designed and developed according to the following principles: • it must form an integral part of the risk policy;

• it must be pragmatic, i.e. the methodology must be applicable to real operating conditions;

• it must have educational value, in order to encourage appropriation by the Executive Management and business lines;

IV. Insurance and coverage of operational risks

Crédit Agricole S.A.:

The Crédit Agricole S.A. Group has obtained insurance coverage for its operational risks to protect its assets and profits. For high-intensity risks, Crédit Agricole S.A. has taken out Group policies from major insurance companies. These policies harmonise the way in which personal and property risks are transferred and the implementation of specific professional civil liability and fraud insurance programmes for each business line. Business-line subsidiaries are responsible for managing lower intensity risks themselves.

In France, insurance of operating assets (property and IT equipment) includes third-party liability cover for buildings with the highest exposure to the risk of damage. This insurance is supplemented by special guarantee lines for civil operating liability.

Crédit Agricole S.A. has renewed its insurance policies for operating loss, fraud and securities risks, Group professional civil liability, and civil liability for executive officers.

Basel II eligible policies contribute to reducing the amount of capital that must be held against operational risks (within the 20% authorised limit).

High-frequency and low-intensity risks that cannot be insured on satisfactory financial terms are retained in the form of deductibles or are mutualised within the Crédit Agricole S.A. Group by its captive reinsurance subsidiary, whose aggregate exposure does not exceed 6% of the above risks.

Regional Banks:

Almost all insurance policies covering global banking risks (misappropriation, fraud, safe deposit boxes etc.), property damage and personal injury for the Regional Banks, such as comprehensive office insurance and financial damage, individual and motor policies, are taken out with CAMCA. Insurance relating to the Regional Banks' buildings covers reconstruction costs. Coverage amounts are determined by an analysis of each member's requirements.

As part of their activities selling insurance products, particularly those of Pacifica and Predica, the Regional Banks also insure their brokerage liability with CAMCA.

Since 1995, each Regional Bank has been given the opportunity to take out banking professional liability cover. This programme also covers corporate officers.

All insurance policies provided by CAMCA are protected through reinsurance programmes, with top-quality reinsurers.

Documento similar