1. This Chapter includes the detailed Rules and associated guidance in respect of a firm's obligation to manage effectively its Exposures to Operational Risk. Operational Risk refers to the risk of incurring losses due to the failure of systems, processes, and personnel to perform expected tasks. Operational Risk losses also include losses arising out of legal risk. This Chapter aims to ensure that an Authorised Person has a robust Operational Risk management framework commensurate with the nature, scale and complexity of its operations and that it holds sufficient regulatory capital against Operational Risk Exposures.
2. This Chapter requires an Authorised Person to:
a. design and implement an effective Operational Risk management system complete with appropriate systems and controls;
b. calculate the Operational Risk Capital Requirement and hold the same; and
c. hold adequate professional indemnity insurance cover.
3. This Chapter includes, among others, specific Operational Risk management requirements relating to IT systems, information security, outsourcing, business continuity and disaster recovery and the management of Operational Risks in trading rooms.
provides the detailed requirements, parameters, calculation methodologies and formulae for calculating the Operational Risk Capital Requirement specified in Chapter 6