Synopsis
The Reserve Bank of India (RBI) updated its “guidance note” on operational risk management for the financial sector, extending it to include NBFCs and housing finance companies. The note highlights that operational disruptions can threaten the viability of regulated entities, impacting customers and financial stability. It covers various causes of disruptions, including man-made, IT threats, frauds, and natural causes. The updated note aligns with Basel Committee on Banking Supervision (BCBS) Principles and aims to enhance operational resilience and risk management in the financial system
The Reserve Bank of India on Tuesday updated its “guidance note” on operational risk management for the financial sector, and also extended it to the NBFCs, including housing finance companies. The 2005 ‘Guidance Note on Management of Operational Risk’ covered only commercial banks.
The Reserve Bank of India (RBI) said an operational disruption can threaten the viability of a regulated entity (RE), impact its customers and other market participants, and ultimately have an impact on financial stability.
It can result from man-made causes, Information Technology (IT) threats, geopolitical conflicts, business disruptions, internal/external frauds, execution/delivery errors, dependencies, or natural causes.
The latest ‘Guidance Note on Operational Risk Management and Operational Resilience’ aligns with the RBI’s regulatory guidance with the Basel Committee on Banking Supervision (BCBS) Principles, the central bank said.
The guidance note intends to promote and further improve the effectiveness of operational risk management of the REs, and enhance their operational resilience given the interconnections and inter dependencies, within the financial system, that result from the complex and dynamic environment in which the REs operate.
The 2005 guidance note, which has now been repealed, was applicable to only scheduled commercial banks.
The new note explicates the “three lines of defence model” wherein business unit forms the first line of defence, organisational operational risk management function forms the second line, and audit function forms the third line of defence.
It has separate principles for mapping of internal and external interconnections and interdependencies, incident management, ICT, and disclosures.
The note also introduces separate principles on “lessons learned exercise” and continuous feedback mechanism.
Until recently, the predominant operational risks that REs faced emanated from vulnerabilities related to increasing dependence and rapid adoption of technology for provision of financial services and inter mediation.
However, the financial sector’s growing reliance on third-party providers exacerbated by the Covid-19 pandemic with greater reliance on virtual working arrangements, has highlighted the increasing importance of operational risk management and operational resilience.
Courtesy : https://economictimes.indiatimes.com/news/economy/policy/rbi-updates-guidance-note-on-operational-risk-management-extends-it-to-nbfcs/articleshow/109732651.cms?from=mdr