Inhoudsopgave
Bestuursverslag
Corporate governance
Jaarrekening Rabobank Groep
Jaarrekening Rabobank
Per business unit, business line and event type
Internal loss data
Incident frequency
distributions
Stand-alone Annual
loss distributions
Diversified Annual loss
distribution Group
Scenario data
External loss
Internal loss
Incident severity
distributions
RCand EC Group
RCandECBUs
Perbusiness line and event type
Per business unit
Incident frequency distributions
Poisson distribution
Average frequencies determined using weighting method
Stand-alone Annual loss distributions
Combination of frequency distribution and severity
distribution using Monte Carlo
Incident severity distributions Diversified Annual loss distribution Group
Body: Empirical distribution Aggregation of stand-alone Annual loss distributions
Tail: Parameterised distribution using copula approach
Figure 3: Capital model.
Rabobank recognises the following operational risk types:
Risk type Definition
Fraud Risk that an internal or external party obtains an undue personal benefit
at the expense of our organ isation (or at the expense of a customer or
client whose property we are responsible for safeguarding).
IT Risk that infrastructure or systems fail, possibly leading to business
disruption, creating a financial impact. Also the risk of losses arising from
systems intrusion and invasion, online data fraud or deception schemes
for profit, external identity theft through system intrusion and skimming
or electronic eavesdropping.
Clients, Products The risk of not exercising due care in dealings with clients and customers,
and Business conduct and contract breaches by the organisation and its staff, conflicts
Practices of interest, inappropriate products and business practices, as well as
compliance or governance breaches.
Management actions
Rabobank has implemented measures on all levels in the organisation to
mitigate this risk, including scanning of electronic banking and Know-
your-customer (KYC) policies.
Maintaining a well-functioning and secure IT environment is crucial
to the performance of Rabobank. To this end there is a specific IT risk
managementteam within NFR.
Various measures have been implemented to deal with this area,
including a Product Approval Process.
Execution, The risk of direct and indirect losses incurred when a prearranged As this category is a part of the day-to-day operations of Rabobank,
Delivery operational task or transaction is executed improperly. Includes primary responsibility lies with the entities units, as they are the first line
and Process transactional errors, non-transactional errors and errors relating to client of defence.
Management or customer service delivery and includes errors or mistakes arising from
reference data issues.
Business The risk of impact to the organisation which disrupt its ability to continue Although Business Continuity Management (BCM) is not recognised
Continuity to deliver Rabobank products and services at acceptable predefined as a specific ORM risk, ORM has close links with BCM. Within Rabobank,
levels. a specific BCM organisation liaises with the entities for effective
management of risks.
363 8. Operational risk