IT sabotage, reputational damage and fraud are among the chief risks seen affecting financial firms' operations in the coming year.
operational risk
The largest single economic uncertainty facing the world – and, not coincidentally, one of the largest potential sources of operational risk – remains, as it was a year ago, the eurozone debt crisis. The November agreement on aid to Greece and the €37 billion deal to restructure Spain’s debt-laden banking sector are signs of hope, but the crisis is far from over and a break-up of the eurozone has still not been definitively averted.
2012 saw leading banks in the spotlight, accused of negligently or wilfully breaking anti-money laundering (AML) rules or international economic sanctions. Standard Chartered Bank, accused of breaches of US sanctions on Iran by the New York Department of Financial Services, was forced to pay a $340 million settlement. HSBC, accused of overlooking money laundering from Mexico into the US, predicted in November that the total fines could be more than $1.5 billion.
Emerging market operating risks
Regulators and financial institutions have long recognised that rapid economic growth in emerging markets will draw in not only investors but also the companies that serve them. Earlier this year, Vedat Akgiray, chairman of the Turkish Capital Markets Board and the emerging markets committee of the International Organisation of Securities Commissions (Iosco), called on his fellow regulators to follow the trend: “Proper securities regulation in today’s emerging markets is tantamount to “proper” regulation of tomorrow’s developed markets. Therefore, emerging markets within Iosco and the global financial system are much more important than they were in the past.”
Business continuity and disaster recovery
Unusually low rates of disaster losses in the first half of the year were followed by the severe damage done by Hurricane Sandy to the Caribbean nations and the eastern US. The US suffered estimated direct damage of $20 billion, rising to $50 billion once interruptions to business are taken into account.
Failure to enforce internal controls
Under much recent legislation – the 2010 UK Bribery Act, for example – companies can use the existence of adequate controls as a defence, even when an offence has actually taken place. But the recent trial of UBS rogue trader Kweku Adoboli highlighted that adequate internal controls are useless if they are not maintained and monitored properly.
This article was first published on Risk
