若您想從他人的操作風(fēng)險(xiǎn)錯(cuò)誤中吸取教訓(xùn)，同時(shí)防控可能嚴(yán)重影響您公司聲譽(yù)和底線的風(fēng)險(xiǎn)事件，那么案例研究是您較好的選擇。有效的操作風(fēng)險(xiǎn)案例研究需要詢問(wèn)正確的問(wèn)題，詳細(xì)說(shuō)明事件的后果，并提供建議避免類似事故。

　　當(dāng)考慮操作風(fēng)險(xiǎn)時(shí)，我們可能會(huì)首先想到欺詐和信息技術(shù)故障，但簡(jiǎn)單的人為錯(cuò)誤也是其中的一部分。去年三星證券的“烏龍指”事件正是一個(gè)很好的例子，研究該案例我們能夠了解到人為錯(cuò)誤、監(jiān)管不力和系統(tǒng)缺陷的風(fēng)險(xiǎn)。

　　三星證券是韓國(guó)最大的經(jīng)紀(jì)公司之一。2018年4月6日，三星證券意外地向員工發(fā)放了價(jià)值1050億美元的股票。根據(jù)該公司的股權(quán)計(jì)劃，它本來(lái)應(yīng)該向約2,000名員工支付價(jià)值28億韓元(260萬(wàn)美元)的股息。但三星證券的一名員工錯(cuò)誤地將“股票(shares)”而不是“韓元 (won, 韓國(guó)的貨幣)”輸入系統(tǒng)，導(dǎo)致實(shí)際上發(fā)行了28億股票，這個(gè)數(shù)字超過(guò)該公司已發(fā)行股票數(shù)量的30倍。

　　三星證券在37分鐘后就發(fā)現(xiàn)了該錯(cuò)誤，并通知受影響的員工該股票是被錯(cuò)誤發(fā)放的。盡管公司發(fā)出了警告，部分員工已經(jīng)拋售了股票。

　　三星證券出了什么問(wèn)題呢?很多問(wèn)題。讓我們根據(jù)案例研究模型將該事件庖丁解牛，以了解該事件涉及了哪些風(fēng)險(xiǎn)因素，后果如何，以及我們能夠從中吸取哪些教訓(xùn)。

　　蝴蝶結(jié)模型

　　Good case studies can either be outsourced or written internally, based on public resources. One of the most popular and effective approaches to operational risk case studies is the bow-tie model, which (1) explains the underlying causes, motives, opportunities and means that are at the basis of the incident; (2) thoroughly describes the incident itself; and (3) breaks down the consequences, including direct and indirect loss amounts.

　　The bow-tie model can certainly help us understand what happened at Samsung Securities, and can also yield ideas on preventing similar incidents from unfolding in the future. The “fat finger” incident happened in just a fraction of a second – an errant keystroke resulting in the issuance of an extremely costly and grossly erroneous dividend. The underlying causes include poor supervision, ineffective internal controls and inadequate regulatory monitoring.

　　The model also yields a series of probing questions about the incident: Why was one person allowed to initiate and authorize this transaction? Why did there appear to be no segregation of duties? Why didn't the IT system block the issuance and distribution of an extraordinary number of shares? And why wasn't the naked short-selling immediately prevented?

　　The consequences of this blunder were manifold.Analysts criticized the firm for having neither a filtering system for preventing human errors nor a warning system that could have stopped the issuance of more shares than actually existed.

　　The Financial Supervisory Service, South Korea's financial watchdog, found that 21 employees of Samsung Securities had either sold or attempted to sell the mistakenly-issued shares. All 21 lost their jobs, and several are facing criminal charges.

　　The National Pension Service, South Korea's biggest pension fund, stopped using Samsung Securities to trade stock almost immediately after the incident. Roughly seven weeks later, South Korean prosecutors raided the broker's head office, which precipitated the partial suspension of its brokerage services and the resignation of its CEO.

　　相關(guān)閱讀 “蝴蝶結(jié)”模型：將業(yè)務(wù)連續(xù)性與風(fēng)險(xiǎn)管理相結(jié)合

　　獨(dú)特的挑戰(zhàn)

　　Operational risk is different from – and I think more difficult to manage than – credit risk and market risk. One reason is that it can arise anywhere in the organization – from commercial units, to brick-and-mortar bank shops, to support functions and IT systems.

　　Its impact, moreover, is difficult to quantify. Keep in mind that the advanced modeling approach to measuring operational risk has been eliminated, while the new benchmark – the standardized measurement approach – has drawbacks of its own.

　　While banks use databases to collect and store data on operational risk incidents, it is difficult, in practice, to extrapolate from these past occurrences – particularly with respect to quantifying losses.

　　Indeed, a bank's own incident database provides only a very limited view of its current operational risk exposure. The incident data that is collected is typically the result of a stochastic process, and therefore not necessarily commensurate with a firm's operational risk exposure to specific event types.

　　The operational risk case study is the go-to methodology for overcoming this randomness bias. It expands the experience from learning from one's own errors to learning from errors made by others. While reading detailed accounts of incidents that happened elsewhere, operational risk managers may very well ask themselves questions that will help them avoid similar mistakes: Could this happen at our firm? If it does, what would I do? And what specific steps can our organization take to prevent this from happening?

　　一些其他思考

　　Case studies are among the biggest assets in the operational risk manager's toolkit. When we analyze the case study of the Samsung Securities “fat finger” incident, important questions are triggered. A more fundamental question relates to the irresponsible behavior of the 21 employees who attempted, illegally, to benefit from the “fat finger” blunder.

　　How would your employees behave under a similar scenario? Case studies provide the answers every firm needs to avoid being the next poster child for operational risk disaster.

學(xué)金融找金程，對(duì)于FRM有疑問(wèn)可撥打400-700-9596免費(fèi)咨詢老師。

FRM百題課程詳情在線咨詢

相關(guān)推薦：FRM報(bào)名 FRM是什么考試 FRM成績(jī) FRM考點(diǎn)

2019年FRM備考群 835405115 FRM資訊&資料隨時(shí)分享，與眾多FRM持證人交流考試經(jīng)驗(yàn)。

返回首頁(yè)