The purpose of this paper, prepared by the Risk Management Group of the Basel Committee on Banking Supervision, is to outline a set of principles that provide a framework for the effective management and supervision of operational risk, for use by banks and supervisory authorities when evaluating operational risk management policies and practices.
The Committee recognises that the exact approach for operational risk management chosen by an individual bank will depend on a range of factors, including its size and sophistication and the nature and complexity of its activities. However, despite these differences, clear strategies and oversight by the board of directors and senior management, a strong operational risk culture and internal control culture (including, among other things, clear lines of responsibility and segregation of duties), effective internal reporting, and contingency planning are all crucial elements of an effective operational risk management framework for banks of any size and scope.
The Sound Practices paper was published for a second period of consultation in July 2002. The Committee is grateful for the many insightful comments received from institutions, industry associations, supervisory authorities, and others, and notes that these comments have played a substantial role in the finalisation of this paper.