Operational Risks & IP Governance

Board of Directors [Approves Information Security Program: GLBA 501(b)]
Setting The Tone At The Top | Duty of Care & Fiduciary Responsibilities

Internal Controls - Compliance with Federal and State Regulations - Measuring Effectiveness | IP Governance - Due Diligence Matrix | Operational Losses (Basel II, International: Annex 9: BIS)

Operational Losses: Quantitative Impact Study 4 (QIS-4) by Federal Reserve Bank of Boston

In aggregate, approximately 1.5 million losses were submitted by 23 banks, totaling $25.9 billion. Subtracting the $9.1 billion in losses from 3 banks for Enron and Worldcom is a 35% reduction, netting $16.8 billion for the 23 banks.

Retail Losses = 38% of Operational Losses, Net of Enron and Worldcom Losses ($9b)

Level 1 Frauds with ID Theft Losses = 88% of Retail Losses, or approximately .41% of Total Assets. ID Theft Losses estimated to be 10%, or .04% (4 basis points), of Total Assets in 2004.

| Level 1 | Level 2 | Level 3 (Includes ID Theft Losses) |
|---|---|---|
| Internal Fraud | Theft and Fraud | Account take-over / impersonation / etc. |
| External Fraud | Systems, Security | Theft of Information (Monetary Loss); Hacking Damage |
| Clients, Products & Business Practices | Suitability, Disclosure & Fiduciary | Fiduciary breaches/guideline violations; Suitability/disclosure issues (KYC, etc.); Retail customer disclosure violations; Breach of privacy |
| Execution, Delivery, Process Management | Monitoring & Reporting | Failed mandatory reporting obligation; Inaccurate external report (loss incurred) |

Operational Risks: (GLBA, Red Flag Rules and Basel II)