12 CFR § 1240.101 - Definitions.

§ 1240.101 Definitions.

(a) Terms that are set forth in § 1240.2 and used in this subpart have the definitions assigned thereto in § 1240.2.

(b) For the purposes of this subpart, the following terms are defined as follows:

Advanced internal ratings-based (IRB) systems means an Enterprise's internal risk rating and segmentation system; risk parameter quantification system; data management and maintenance system; and control, oversight, and validation system for credit risk of exposures.

Advanced systems means an Enterprise's advanced IRB systems, operational risk management processes, operational risk data and assessment systems, operational risk quantification systems, and, to the extent used by the Enterprise, the internal models methodology, advanced CVA approach, double default excessive correlation detection process, and internal models approach (IMA) for equity exposures.

Backtesting means the comparison of an Enterprise's internal estimates with actual outcomes during a sample period not used in model development. In this context, backtesting is one form of out-of-sample testing.

Benchmarking means the comparison of an Enterprise's internal estimates with relevant internal and external data or with estimates based on other estimation techniques.

Business environment and internal control factors means the indicators of an Enterprise's operational risk profile that reflect a current and forward-looking assessment of the Enterprise's underlying business risk factors and internal control environment.

Dependence means a measure of the association among operational losses across and within units of measure.

Economic downturn conditions means, with respect to an exposure held by the Enterprise, those conditions in which the aggregate default rates for that exposure's exposure subcategory (or subdivision of such subcategory selected by the Enterprise) in the exposure's jurisdiction (or subdivision of such jurisdiction selected by the Enterprise) are significantly higher than average.

Eligible operational risk offsets means amounts, not to exceed expected operational loss, that:

(i) Are generated by internal business practices to absorb highly predictable and reasonably stable operational losses, including reserves calculated consistent with GAAP; and

(ii) Are available to cover expected operational losses with a high degree of certainty over a one-year horizon.

Expected operational loss (EOL) means the expected value of the distribution of potential aggregate operational losses, as generated by the Enterprise's operational risk quantification system using a one-year horizon.

External operational loss event data means, with respect to an Enterprise, gross operational loss amounts, dates, recoveries, and relevant causal information for operational loss events occurring at organizations other than the Enterprise.

Internal operational loss event data means, with respect to an Enterprise, gross operational loss amounts, dates, recoveries, and relevant causal information for operational loss events occurring at the Enterprise.

Operational loss means a loss (excluding insurance or tax effects) resulting from an operational loss event. Operational loss includes all expenses associated with an operational loss event except for opportunity costs, forgone revenue, and costs related to risk management and control enhancements implemented to prevent future operational losses.

Operational loss event means an event that results in loss and is associated with any of the following seven operational loss event type categories:

(i) Internal fraud, which means the operational loss event type category that comprises operational losses resulting from an act involving at least one internal party of a type intended to defraud, misappropriate property, or circumvent regulations, the law, or company policy excluding diversity- and discrimination-type events.

(ii) External fraud, which means the operational loss event type category that comprises operational losses resulting from an act by a third party of a type intended to defraud, misappropriate property, or circumvent the law. All third-party-initiated credit losses are to be treated as credit risk losses.

(iii) Employment practices and workplace safety, which means the operational loss event type category that comprises operational losses resulting from an act inconsistent with employment, health, or safety laws or agreements, payment of personal injury claims, or payment arising from diversity- and discrimination-type events.

(iv) Clients, products, and business practices, which means the operational loss event type category that comprises operational losses resulting from the nature or design of a product or from an unintentional or negligent failure to meet a professional obligation to specific clients (including fiduciary and suitability requirements).

(v) Damage to physical assets, which means the operational loss event type category that comprises operational losses resulting from the loss of or damage to physical assets from natural disaster or other events.

(vi) Business disruption and system failures, which means the operational loss event type category that comprises operational losses resulting from disruption of business or system failures.

(vii) Execution, delivery, and process management, which means the operational loss event type category that comprises operational losses resulting from failed transaction processing or process management or losses arising from relations with trade counterparties and vendors.

Operational risk means the risk of loss resulting from inadequate or failed internal processes, people, and systems or from external events (including legal risk but excluding strategic and reputational risk).

Operational risk exposure means the 99.9th percentile of the distribution of potential aggregate operational losses, as generated by the Enterprise's operational risk quantification system over a one-year horizon (and not incorporating eligible operational risk offsets or qualifying operational risk mitigants).

Risk parameter means a variable used in determining risk-based capital requirements for exposures, such as probability of default, loss given default, exposure at default, or effective maturity.

Scenario analysis means a systematic process of obtaining expert opinions from business managers and risk management experts to derive reasoned assessments of the likelihood and loss impact of plausible high-severity operational losses. Scenario analysis may include the well-reasoned evaluation and use of external operational loss event data, adjusted as appropriate to ensure relevance to an Enterprise's operational risk profile and control structure.

Unexpected operational loss (UOL) means the difference between the Enterprise's operational risk exposure and the Enterprise's expected operational loss.

Unit of measure means the level (for example, organizational unit or operational loss event type) at which the Enterprise's operational risk quantification system generates a separate distribution of potential operational losses.

The following state regulations pages link to this page.