Operational Risk now OCC’s top concern

Operational risk has eclipsed credit risk as national banks’ chief safety and soundness challenge, Comptroller of Currency Thomas Curry told the Exchequer Club in Washington, D.C., last week.

Operational risk – the risk of loss due to failures of people, processes, systems and external events – is “high and increasing,” Curry said.  He cited flawed risk models, lack of adequate controls over third party vendors and anti-money laundering efficiencies as some examples of operational risk.

“[A]s banks and thrifts face greater resource constraints and higher compliance costs, they may feel greater pressure to economize on systems and processes in order to enhance their income and operating economies …,” Curry said. “All institutions … must resist the temptation to under-invest in the systems and controls they need to prevent greater risk and larger losses in the future.”

He emphasized the risk of operational failure is embedded in every activity and product – from a bank’s processing, accounting and information systems to the implementation of its credit risk management procedures.

“No issues look larger today than operational risk in all its dimensions, the manner in which all risks interact, and the importance of managing those risks in an integrated fashion across the entire enterprise,” Curry said. “These themes are a supervisory priority for us at the OCC today and they should similarly command the attention of the industry.”

reprinted from the Oklahoma Bankers Association Weekly Update, May 21, 2012


2010 Cost of a Data Breach

The Ponemon Institute presents the 2010 U.S. Cost of a Data Breach, the sixth annual study about the cost of data breach incidents for U.S.-based companies sponsored by Symantec Corporation. The average organizational cost of a data breach increased to $7.2 million and cost companies an average of $214 per compromised record, markedly higher when compared to $204 in 2009. The study also found that for the second straight year organizations’ need to respond rapidly to data breaches drove the associated costs higher. The sixth annual Ponemon Cost of a Data Breach report based on the real data breach experiences of 51 U.S. companies from 15 different industry sectors. Here’s their 2010 slide share.