Notification Detail :
RBI/2024-25/31
DOR.ORG.REC.21/14.10.001/2024-25 April 30, 2024
1. Purpose
1.1 Operational Risk is inherent in all banking/ financial products, services, activities, processes, and systems. Effective management of Operational Risk is an integral part of the Regulated Entities’ (REs) risk management framework. Sound Management of Operational Risk shows the overall effectiveness of the Board of Directors and Senior Management in administering the RE’s portfolio of products, services, activities, processes, and systems.
1.2 An operational disruption can threaten the viability of an RE, impact its customers and other market participants, and ultimately have an impact on financial stability. It can result from man-made causes, Information Technology (IT) threats (e.g., cyber-attacks, changes in technology, technology failures, etc), geopolitical conflicts, business disruptions, internal/external frauds, execution/ delivery errors, third party dependencies, or natural causes (e.g., climate change, pandemic, etc.).
1.3 An RE needs to factor in the entire gamut of risks (including the aforesaid risks in its risk assessment policies/ processes), identify and assess them using appropriate tools, monitor its material operational exposures and devise appropriate risk mitigation/management strategies using strong internal controls to minimize operational disruptions and continue to deliver critical operations, thus ensuring operational resilience.
View Attachment
|